Archives
/
smallstep-certificates
mirror of https://github.com/smallstep/certificates
2
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
master
mariano/signer
dependabot/go_modules/github.com/slackhq/nebula-1.9.0
wire-acme-extensions
mariano/init-provisioners
fix-1637
herman/wire-dpop-struct
herman/fix-nebula-curve-param
herman/wrapped-listener
herman/configure-server-http-timeout
josh/fips
herman/acme-macos-properties
josh/webhook-error-response-content
user-regex
max/nebula-sign-curve
carl/bootstrap-error-clarity
max/capabilities
herman/acme-cname-txt
max/test
herman/acme-da-roots
backports
but
collections
update-step-env-vars
panos/api/flow
errors-internal
docker-dns-names
docker-init
carl/sysd-update
carl/readmes
carl/ssh-host-matchbug
nosql-0.3.2
dcow/challenge-retry
ssh
printAud
getHosts
ssh-config
certificate-transparency
seb/ct-local
seb/markdown-issues
seb/anchors
v0.25.3-rc7
v0.25.3-rc6
v0.25.3-rc4
v0.25.3-rc.1
v0.22.2-rc14
v0.22.2-rc13
v0.0.1-rc.1
v0.0.1-rc.2
v0.0.1-rc.3
v0.10.0
v0.11.0
v0.11.0-rc.1
v0.11.0-rc.2
v0.11.0-rc.3
v0.11.0-rc.4
v0.12.0
v0.13.0
v0.13.1
v0.13.2
v0.13.3
v0.14.0
v0.14.0-rc.1
v0.14.0-rc.10.badger2
v0.14.0-rc.14
v0.14.0-rc.15
v0.14.0-rc.16
v0.14.0-rc.2
v0.14.0-rc.3
v0.14.0-rc.4.badger2
v0.14.0-rc.5
v0.14.0-rc.6
v0.14.0-rc.7
v0.14.0-rc.8
v0.14.0-rc.9
v0.14.0.rc.11.badger2
v0.14.0.rc.12.badger2
v0.14.0.rc.13.badger2
v0.14.1
v0.14.2
v0.14.3
v0.14.3-rc.1.badger2
v0.14.3-rc.2.32bitbadger2
v0.14.4
v0.14.5
v0.14.5-rc.1.100MB.badgerV2
v0.14.5-rc.2.100MB.badgerV2
v0.14.5-rc.3.cullACMEOrders
v0.14.5-rc.4
v0.14.6
v0.14.7-rc.1.docker-buildx
v0.14.7-rc.2.deb-name-test
v0.15.0
v0.15.0-rc.1
v0.15.1
v0.15.1-rc.1
v0.15.10
v0.15.11
v0.15.12
v0.15.12-rc1
v0.15.12-rc2
v0.15.12-rc3
v0.15.12-rc4
v0.15.12-rc5
v0.15.13
v0.15.14
v0.15.15
v0.15.16
v0.15.16-rc1.test-arm6
v0.15.16-rc2.test-arm6
v0.15.16-rc3.test-arm6
v0.15.16-rc4
v0.15.16-rc5
v0.15.16-rc6
v0.15.16-rc7
v0.15.2
v0.15.2-rc.1
v0.15.3
v0.15.4
v0.15.5
v0.15.5-rc.1
v0.15.6
v0.15.7
v0.15.7-rc.1
v0.15.8
v0.15.9
v0.15.9-rc1
v0.15.9-rc10
v0.15.9-rc11
v0.15.9-rc12
v0.15.9-rc13
v0.15.9-rc14
v0.15.9-rc15
v0.15.9-rc16
v0.15.9-rc17
v0.15.9-rc18
v0.15.9-rc19
v0.15.9-rc2
v0.15.9-rc3
v0.15.9-rc4
v0.15.9-rc5
v0.15.9-rc6
v0.15.9-rc7
v0.15.9-rc8
v0.15.9-rc9
v0.16.0
v0.16.0-rc.1
v0.16.0-rc.2
v0.16.1
v0.16.2
v0.16.3
v0.16.4
v0.17.0
v0.17.0-rc1
v0.17.1
v0.17.2
v0.17.2-rc1
v0.17.3
v0.17.3-rc1
v0.17.3-rc2
v0.17.3-rc3
v0.17.3-rc4
v0.17.3-rc5
v0.17.3-rc6
v0.17.3-rc7
v0.17.3-rc8
v0.17.3-rc9
v0.17.4
v0.17.4-rc1
v0.17.5
v0.17.5-rc1
v0.17.6
v0.17.6-rc1
v0.17.6-rc2
v0.17.7-rc1
v0.18.0
v0.18.1
v0.18.1-rc1
v0.18.1-rc2
v0.18.1-rc3
v0.18.2
v0.18.3-rc1
v0.18.3-rc2
v0.18.3-rc3
v0.18.3-rc4
v0.19.0
v0.20.0
v0.21.0
v0.22.0
v0.22.1
v0.22.2-rc10
v0.22.2-rc11
v0.22.2-rc12
v0.22.2-rc15
v0.22.2-rc16
v0.22.2-rc17
v0.22.2-rc18
v0.22.2-rc2
v0.22.2-rc3
v0.22.2-rc4
v0.22.2-rc5
v0.22.2-rc6
v0.22.2-rc7
v0.22.2-rc8
v0.22.2-rc9
v0.23.0
v0.23.0-rc.1
v0.23.0-rc.2
v0.23.0-rc.3
v0.23.1
v0.23.1-rc.1
v0.23.2
v0.24.0
v0.24.0-rc.2
v0.24.0-rc1
v0.24.1
v0.24.2
v0.24.3-rc.1
v0.24.3-rc.2
v0.24.3-rc.3
v0.24.3-rc.4
v0.24.3-rc.5
v0.24.3-rc1
v0.25.0
v0.25.1
v0.25.2
v0.25.3-rc2
v0.25.3-rc3
v0.25.3-rc5
v0.26.0
v0.26.0-rc1
v0.26.0-rc2
v0.26.1
v0.8.1
v0.8.1-rc.1
v0.8.1-rc.2
v0.8.2
v0.8.2-rc.1
v0.8.3
v0.8.4
v0.8.4-rc.1
v0.8.4-rc.2
v0.8.5
v0.8.5-rc.1
v0.8.5-rc.2
v0.8.5-rc.3
v0.8.5-rc.4
v0.8.5-rc.5
v0.9.0
v0.9.0-rc.1
v0.9.1
v0.9.1-rc.1
v0.9.1-rc.2
v0.9.2
v0.9.2-rc.1
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'fb4d114a82'
${ noResults }
smallstep-certificates/docs/questions.md

6.2 KiB
Raw Blame History

Frequently Asked Questions

These are some commonly asked questions on the topics of PKI, TLS, X509, cryptography, threshold-cryptography, etc. Hopefully we will reduce the amount of hand-waving in these responses as we add more features to the Step toolkit over time.

We encourage you to read our blog post on everything relating to PKI as we believe it to be a solid resource that answers many of of the questions listed below.

What are TLS & PKI?

TLS stands for transport layer security. It used to be called secure sockets layer (or SSL), but technically SSL refers to an older version of the protocol. Normal TCP connections communicate in plain text, allowing attackers to eavesdrop and spoof messages. If used properly, TLS provides confidentiality and integrity for TCP traffic, ensuring that messages can only be seen by their intended recipient, and cannot be modified in transit.

TLS is a complicated protocol with lots of options, but the most common mode of operation establishes a secure channel using asymmetric cryptography with digital certificates (or just certificates for short).

First, some quick definitions:

  • Asymmetric cryptography (a.k.a., public key cryptography) is an underappreciated gift from mathematics to computer science. It uses a key pair: a private key known only to the recipient of the message, and a public key that can be broadly distributed, even to adversaries, without compromising security.
  • Digital certificates are data structures that map a public key to the well-known name of the owner of the corresponding private key (e.g., a DNS host name). They bind a name to the public key so you can address recipients by name instead of using public keys directly (which are big random numbers).

Briefly, there are two functions that can be achieved using asymmetric cryptography:

  • Messages can be encrypted using the public key to ensure that only the private key holder can decrypt them, and
  • Messages can be signed using the private key so that anyone with the public key knows the message came from the private key holder. With digital certificates, you can replace "private key holder" with "named entity," which makes things a whole lot more useful. It lets you use names, instead of public keys, to address messages.

PKI stands for public key infrastructure. Abstractly, it's a set of policies and procedures for managing digital certificates (i.e., managing the bindings between names and public keys). Without proper secure PKI, an attacker can fake a binding and undermine security.

What's a certificate authority?

A certificate authority (CA) stores, issues, and signs digital certificates. CAs have their own key pair, with the private key carefully secured (often offline). The CA binds its name to its public key by signing a digital certificate using its own private key (called self signing). The CA's self-signed certificate, or root certificate, is distributed to all principals in the system (e.g., all of the clients and servers in your infrastructure).

So, the CA is tasked with securely binding names to public keys. Here's how that process works.

  1. When a named principal wants a certificate, it generates its own key pair. Nobody else ever needs to know the private key, not even the CA.
  2. The principal creates a certificate signing request (CSR), containing its name and public key (and some other stuff), and submits it to the CA. The CSR is self-signed, like the root certificate, so the CA knows that the requestor has the corresponding private key.
  3. The CA performs some form of identity proofing, certifying that the request is coming from the principal named in the CSR.
  4. Once satisfied, the CA issues a certificate by using its own private key to sign a certificate binding the name and public key from the CSR.

Certificates signed by the CA are used to securely introduce principals that don't already know one anothers' public keys. Assuming both principals agree on a trusted CA, they can exchange digital certificates and authenticate the signatures to gain some assurance that they are communicating with the named entity.

Technically, smallstep's certificate authority is more than just a certificate authority. It combines several PKI roles into one simple, flexible package. It acts as a registration authority, accepting requests for digital certificates and verifying the identity of the requesting entities before establishing bindings. It also acts as a central directory and more generally as a certificate management system, a secure location for storing and distributing key material.

Why not just use Verisign, Entrust, Let's Encrypt, etc?

The web's open public key infrastructure (web PKI), while far from perfect, is an important foundation for securing the web. So why not use it for securing communication for your own internal infrastructure? There are several reasons:

  • It's expensive to provision certificates from a public CA for all of your services
  • Public CAs can't handle client certificates (mutual TLS)
  • It's much harder (and more expensive) to revoke or roll certificates from public CAs
  • It relies on a third party that can subvert your security

More broadly, the answer is that web PKI was designed for the web. A lot of the web PKI design decisions aren't appropriate for internal systems.

How does identity proofing work?

In general, trust will always flow back out to you, the operator of your system. With that in mind, the simplest form of identity proofing is manual: [describe token-based manual mechanism here]. As your system grows, this process can become onerous. Automated identity proofing requires careful coordination between different parts of your system. Smallstep provides additional tooling, and vetted designs, to help with this. If you integrate with our other tools its easy to start with a manual identity proofing mechanism and move to a more sophisticated automated method as your system grows.

I already have PKI in place. Can I use this with my own root certificate?

Absolutely. [Details here].

Further Reading