North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

PKI operators anyone?

  • From: Joe Maimon
  • Date: Wed Sep 05 10:14:13 2007

MS-PRESS recommended design guidelines for multi-tier PKI systems for validity periods are along the lines of

8 years for the root
4 years for the "policy"
2 years for the "issuing"
1 year for the issued certificate

This is ostensibly due to fears of brute force cracking of the private keys over the root key's validity period.

Accompanied with this recommendation is one for key lengths of

4096 for the root
2048 for the policy
1024 for the issuing and for the issued.

I have found the downside to this: Constant renewals every single year of either minor or major impact.

While MS-AD pki client implementations seem to handle most of the (except for the root) resigning just fine, external implementation struggle with some details, such as "chaining up to the root" trusting (thereby only requiring them to trust the root cert) and such as trusting two different certs (for an issuing CA that gets resigned) but that have the same common name, hence loads of fun every 11 months or so.

I am about to recommend a re implementation along these lines

80 years for the root, 4096bit key
35 years for the policy, 4096bit key
15 years for the issuing, ?bit key
<=5 years for the issued certificates.

Good idea? Bad Idea? Comments? Are all pki client implementation in the wild 4096bit compatible?

Thanks in advance,