
PKI Market Survey


Introduction

Managing public key pairs for all users in an organisation, let alone all users on the Internet, poses a considerable logistical problem. This is where PKI comes in, providing the framework within which key pairs and certificates are generated and maintained over their life cycle.

However, the framework is of little use without applications that take advantage of it. Today’s browsers and e-mail packages are beginning to include the ability to sign, verify, encrypt and decrypt data using digital certificates and associated key pairs, which are stored in a “secret store” somewhere on the user’s local hard disk.

In order to support full key history and automated CRL checking, however, off-the-shelf applications need to include much more PKI functionality. This is being implemented via PKI vendor tool kits, and we are beginning to see a new wave of applications which are advertised as “PKI Ready”.

Another important question is “how do you find a public key certificate”? It is a frequent requirement to transmit a digital certificate and public key with a message so that the recipient has instant access. Some applications do this automatically – it is a part of the S/MIME standard, for instance. But what happens if you need to communicate securely with someone for whom you have no certificate and who does not know you?

Once again, PKI is the answer. Where one of the well-known public CAs has issued the certificate, life is made easier by the fact that the details are published in a searchable directory. Not every CA is as well known as VeriSign, however, and not all their directories are searchable by just anybody. Ideally, we need one large “master directory” for all certificates issued by any CA, but this Utopia is a long way from fruition.

Only as PKI standards are ratified and compliance becomes widespread will functionality be built into applications. We are in the early stages at the time of writing, and much more work needs to be done to make widespread adoption of PKI a reality.

Key management imposes a significant burden on an organisation, since it requires far more than just a piece of certificate server software to create and distribute digital certificates. To date, many organisations have found it confusing when looking for products. Is CA software the same as PKI? Are there any standards in place? Do they need separate directory services? Are Web certificates enough? Is client-side software required?

When choosing a PKI system, there are a number of features to watch out for. It is easy to pass a certificate server off as a PKI solution, and the terminology is not entirely inaccurate. 

If you are looking for that complete solution, you should expect the products on your short list to contain most, if not all, of the following components:

1.   Certificate Server  - something to issue certificates

2.   Directory – somewhere to store certificates and CRLs

3.   Revocation system – a means to prevent use of a certificate

4.   Automatic key update – transparent renewal of certificates and key pairs

5.   Key histories – transparent association of old key pairs with data encrypted by those keys

6.   Key backup and recovery – secure means of backing up and recovering encryption key pairs

7.   Support for non-repudiation – protection of the signing private key (which should never be backed up)

8.   Cross certification – a means for two CAs to trust each other

9.   Client-side software – a desktop component to provide transparent access to some of the above features for the end user.
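To make items 4, 5 and 7 of that list concrete, here is an added illustration (not code from this report or from any of the products reviewed) of what a client-side key store has to do across an automatic key update: the old encryption private key is retained in a key history so that earlier ciphertext stays readable, while the old signing private key is destroyed and only its public half is kept so that earlier signatures still verify. The Miller-Rabin prime generation, the unpadded 128-bit RSA operations and the HMAC-based stream cipher are toy stand-ins chosen so that the example runs with nothing but the Python standard library; the key IDs, the ClientKeyStore class and its method names are this example’s own.

```python
import hashlib
import hmac
import secrets
from dataclasses import dataclass
from typing import Dict, Optional

def _is_probable_prime(n: int, rounds: int = 16) -> bool:
    """Miller-Rabin; adequate for the 64-bit toy primes used here."""
    for p in (2, 3, 5, 7, 11, 13):
        if n % p == 0:
            return n == p
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for _ in range(rounds):
        x = pow(secrets.randbelow(n - 3) + 2, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True

def _random_prime(bits: int) -> int:
    while True:
        c = secrets.randbits(bits) | (1 << (bits - 1)) | 1   # force top bit and oddness
        if _is_probable_prime(c):
            return c

@dataclass
class KeyPair:
    key_id: str        # stand-in for the certificate's subject key identifier
    n: int
    e: int
    d: Optional[int]   # None once the private half has been destroyed

def _generate_pair(bits: int = 64) -> KeyPair:
    """Toy RSA pair (128-bit modulus, no padding); real clients use >= 2048-bit keys."""
    e = 65537
    while True:
        p, q = _random_prime(bits), _random_prime(bits)
        phi = (p - 1) * (q - 1)
        if p != q and phi % e:
            break
    n = p * q
    return KeyPair(hashlib.sha256(str(n).encode()).hexdigest()[:16], n, e, pow(e, -1, phi))

def _hash_int(data: bytes) -> int:
    return int.from_bytes(hashlib.sha256(data).digest()[:15], "big")  # 120 bits < modulus

def _keystream_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Toy bulk cipher: HMAC-SHA256 in counter mode, XORed over the data."""
    stream = b"".join(hmac.new(key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
                      for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, stream))

class ClientKeyStore:
    def __init__(self) -> None:
        self.enc_history: Dict[str, KeyPair] = {}     # every encryption pair ever issued
        self.verify_history: Dict[str, KeyPair] = {}  # public halves of every signing pair
        self.current_enc: Optional[KeyPair] = None
        self.current_sign: Optional[KeyPair] = None
        self.update_keys()

    def update_keys(self) -> None:
        """Automatic key update: keep old encryption private keys, destroy the old signing key."""
        if self.current_sign is not None:
            self.current_sign.d = None              # never retained, never backed up
        self.current_enc = _generate_pair()
        self.enc_history[self.current_enc.key_id] = self.current_enc
        s = self.current_sign = _generate_pair()
        self.verify_history[s.key_id] = KeyPair(s.key_id, s.n, s.e, None)

    def backup_material(self) -> Dict[str, int]:
        # What a key archive server may hold: encryption private keys only.
        return {kid: kp.d for kid, kp in self.enc_history.items()}

    def encrypt(self, plaintext: bytes) -> dict:
        kp, session, nonce = self.current_enc, secrets.token_bytes(15), secrets.token_bytes(8)
        return {"key_id": kp.key_id,  # tells the recipient which history entry decrypts it
                "wrapped_key": pow(int.from_bytes(session, "big"), kp.e, kp.n),
                "nonce": nonce, "body": _keystream_xor(session, nonce, plaintext)}

    def decrypt(self, msg: dict) -> bytes:
        kp = self.enc_history.get(msg["key_id"])
        if kp is None or kp.d is None:
            raise KeyError("no encryption private key in history for " + msg["key_id"])
        session = pow(msg["wrapped_key"], kp.d, kp.n).to_bytes(15, "big")
        return _keystream_xor(session, msg["nonce"], msg["body"])

    def sign(self, data: bytes) -> dict:
        kp = self.current_sign
        return {"key_id": kp.key_id, "sig": pow(_hash_int(data), kp.d, kp.n)}

    def verify(self, data: bytes, signed: dict) -> bool:
        kp = self.verify_history.get(signed["key_id"])
        return kp is not None and pow(signed["sig"], kp.e, kp.n) == _hash_int(data)
```

The key identifier carried in every ciphertext and signature is what makes the history usable: after update_keys() the store can still decrypt anything wrapped under an earlier encryption key and still verify anything signed with an earlier signing key, but backup_material() never contains a signing private key, which is the property that non-repudiation depends on.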

Of course, not all of these components are always supplied by the PKI vendors themselves. The most obvious element which may already be installed in an organisation, or which may be provided by a third party, is the directory service. Those using an enterprise X.500 directory or one of the more recent offerings from Novell (NDS) or Microsoft (Active Directory) will require their chosen PKI solution to integrate fully with it.

Some vendors will point to the fact that standards don’t cover all of these areas at present, and prospective purchasers will have to decide whether or not this is a good enough excuse to omit any of these functions. Some organisations will insist on a standards-only approach, and must therefore live with the limitations that are inherent in the current PKI products that attempt to adhere to those standards. 

Others will consider that a PKI that covers all eventualities is more important, and will be prepared to accept some proprietary elements in there. 

Product Reviews

Baltimore UniCERT 3.0.5

UniCERT is Baltimore Technologies’ flagship product, a Certificate Authority (CA) used in PKI systems to provide full-strength security for a wide variety of eCommerce and enterprise security systems.

Using X.509v3 digital certificates, UniCERT provides key management, authentication and non-repudiation facilities for services such as secure e-mail, Internet commerce, secure Web banking, on-line trading and Virtual Private Networks (VPN).

The architecture of UniCERT has been designed to be as flexible as possible in order to help it fit a wide range of business and legislative requirements.

The result is a modular structure that allows new components to be individually added, modified, upgraded or removed as the organisation’s needs evolve. Separate components can be run on the same machine or can be placed on separate machines to reduce bottlenecks and allow distribution of workload. All modules communicate either through the underlying Oracle database or via secured (PKIX) TCP/IP connections.

The UniCERT CA is the nicest one to manage of all those tested - no geeky command-line or sluggish Java-based admin interfaces here. Instead there is a slick graphical Windows utility – the PKI Editor - that allows you to effectively “draw” your PKI structure on screen. On entering the CAO utility the administrator is presented with icons for the CA and the CAO (referred to as the “CAO Superuser”) generated during the initialisation process. Other CAOs can be created, and these can be assigned a subset of the tasks available to the Superuser – for instance, they may only be able to create and edit policies, and may not be allowed to edit the PKI itself or revoke certificates.

A toolbar allows additional icons to be dragged onto the screen to represent CA, RA, CAO, RAO, Database, Cross-Certification, Archive Server, UniCERT Gateway, PKI-Plus application, and Archive Server Security Officer entities. Some of these icons – such as the Database – are there for information only and to allow the diagram to represent a complete PKI. Others – such as the RA and RAO – are necessary components and have a number of attributes associated with them. 

For those who require key backup and recovery, Archive Server is an optional UniCERT component (new for V3.0.5) which allows end users’ private encryption keys to be stored securely in encrypted form and retrieved as needed. The Archive Server is connected to the CA in the PKI, and RAOs pass the keys to be archived to the Archive Server via the CA.

Once the PKI has been defined and all the necessary certificates and key pairs generated, it is time to define policy. A policy is a set of criteria that must be fulfilled before a CA will generate a certificate for a user or entity.

Specific types of end users or entities may need their own policy defining their access rights and certification requirements. For example, Cisco routers can send remote certificate requests via the UniCERT Gateway using the CEP support feature; the security policy for a Cisco router must allow it to submit only its distinguished name (DName), since the router bundles all the information it sends to the UniCERT Gateway into its DName. Similarly, a separate policy may be required for all end users requesting certificates via an IPSec Virtual Private Network (VPN).

The Policy Editor (another menu option in the CAO utility) allows the CAO to define extensions and additional fields that will appear on the certificate. Once again, this is accomplished by dragging and dropping items from the tool bars onto the on-screen “certificate”, which starts life with the bare essential attributes required to specify its distinguished name. Other attributes and extensions can be added quickly and easily and their properties defined. These include such items as key length, algorithm, key usage, policy ID, basic constraints, an instruction to automatically archive the private encryption key, generic extensions, and so on. Many of these items have multiple permissible values, and these can either be locked down by the CAO as part of the policy, or left as selectable lists for the RAO to determine at registration time.

The Registration Components toolbar contains the basic components that can be used for end user identification, including a radio button, check box, edit box (for a generic text entry), list box, descriptive text and scan (which allows the RAO to scan an official document or photograph of the subscriber to be stored in the database). These registration components are used purely to add the criteria required for registration and are stored in the database only - they do not become part of the certificate itself.

This ability to construct an extensive registration utility out of the box to collect data that is stored in the Oracle database but not in the certificate is unique to UniCERT.

Registration can be performed face to face or remotely, and fully automatic registration is supported. Baltimore have just released an additional component, the Advanced Registration Module (ARM), which allows remote requests to be processed through strict policies. This module can be programmed to communicate with back end databases to validate the certificate request and provides total flexibility when customising registration policies.

The simplicity of configuring UniCERT belies the complexity and power beneath the hood. A powerful database-driven policy engine, coupled with the excellent PKI Editor, makes UniCERT the most flexible CA solution out of the box of all those we have tested, yet it lacks none of the features we expect to see in a high-end PKI solution.

Other products allow similar functionality to be achieved via extensive Java coding or the use of tool kits, but UniCERT provides a vastly superior “out of the box” experience, as well as offering the necessary tool kits for those who want to take things even further via custom development.

If we had any criticism of the current release, it would be that automatic key update is not available for the CA, though this is planned for the next release. Apart from that, UniCERT offers everything you need.

More than any other product, UniCERT encourages a mix-and-match philosophy, sticking firmly to standards in an attempt to remain as interoperable as possible. This does mean that it may be necessary to purchase the Oracle RDBMS and a directory server (which is optional) if not already available within the organisation, though Baltimore does resell these items if required.

Product : UniCERT 3.0.5
Supplier : Baltimore Technologies Inc.
Phone : +353-1-6-5-4399

Sample total costs (assuming all base modules, Web/E-mail/VPN gateways, Key Archive Server and two certificates per user) for the following numbers of users:

100 - $72,500
1,000 - $92,500
10,000 - $162,500
100,000 - $472,500
1,000,000 - $572,500

Verdict 

Overall, we found UniCERT to be hard to beat in terms of value for money, features, flexibility and ease of use. (Editor’s Choice)

Entrust/PKI 4.0

Entrust has been in the PKI market for some time now, and such is the power of the company and the strength of its products, that many of the Entrust technologies are fast becoming de facto standards in their own right. Many third party developers are thus keen to make their products “Entrust ready”.

There is not much to do as far as the Certificate Authority (Entrust/Authority) is concerned in Entrust, since it tends to operate very much as a “black box”, with little administrator intervention required. An LDAP directory server is included out of the box, though Entrust will work with any third party LDAP server.

When it comes to registration, there is Entrust/Admin. This is where users are registered, updated, revoked, recovered and deleted. It is also where security policy is defined, a task that usually gets its own separate utility in other products; in Entrust/PKI, administrative capability is itself defined by policy, so the same utility provides different capabilities depending on the level of the person running it.

A dual-pane approach provides a hierarchical tree of Security Policies, Searchbases, Users, Audit Logs and Certificate Authorities. Security policies allow the administrator to set password restrictions for the security officers and administrators, and default key lifetimes for each type of certificate that has been defined. This would be the logical place to define new certificates too, but unfortunately if you need to do this (which many organisations will) then you have to edit a text file and import it into the system.

Creating new users is a cinch, though again there is no easy way to customise the input screen should you want to collect information not directly related to the certificate as part of the user registration process. Key update policies can be inherited from the certificate security policy or can be overridden on a user by user basis, setting key lifetimes in terms of months, or setting expiry dates directly for encryption, signing and verification keys. Security Officers can also prohibit Administrators from overriding the default key update policy.

This is one of the niggles we would have about the user interface – Entrust is an extremely powerful and flexible system that will cope with almost any PKI you care to create, but not enough of that flexibility is integrated with the administrator’s GUI, and that is a shame.

Entrust maintains that to achieve a fully managed PKI, it is necessary to deploy a client-side component to provide end-to-end PKI functionality from client to CA. Entelligence is the Entrust client, designed to allow Entrust-Ready applications to integrate and work with Entrust/PKI. Entelligence is split into two parts: the engine and the application.

The engine acts as a universal access point to all crypto and signing functions, allowing applications above it to remain oblivious as to whether encryption is performed by hardware or software, or whether keys are stored in a token or a file, for instance.

Above the engine sit any number of applications (which have to be written to the client API’s), each of which can now access crypto functions via the single engine interface.

Part of the Entelligence client is a simple file encryption and signing capability integrated with the Windows shell, providing crypto and signing facilities by right clicking on a file. The engine provides equal access to other applications such as e-mail or Web browsers, and has the advantage of providing a single logon to the crypto system.

Wizards provide a simple way for users to initiate key generation (initial registration with the CA) and key recovery. Entelligence also provides a single point of access to certificates, keys and key histories for all applications above it, as well as ensuring that CRLs are checked rigorously. A built-in address book allows the user to store keys for secure exchange of files and e-mail with others outside the immediate CA trust domain.

Note that PKI-enabling an application using the Entrust tool kits does not make it natively PKI-aware. Thus all applications designated as “Entrust Ready” still require the Entelligence client to be running on each desktop. This is a major issue for some organisations.

Where it is impossible or undesirable to install client-side software, however, Entrust provides plug-in modules called “Connectors”. This family of products works seamlessly within the Entrust infrastructure to provide a pure Web or SET model.

Version 5.0 was released as we were preparing this report, and contains a number of new functions including roaming user credentials (similar to the RSA Keon Desktop), automatic registration, enhanced cross certification, automatic CA key update, expanded algorithm support, and improved user and RA policy management.

Entrust has been around longer than most and this can sometimes be a double-edged sword. On the down side, the administration interface is not always as intuitive as it might be, and betrays its heritage as a product that started life on platforms other than NT. Newcomers to the PKI market can demonstrate systems which are simpler, and generally nicer, to use. One example would be the need to edit a text file to define new certificate types in Entrust/Admin, rather than providing us with a nicely integrated GUI.

In its defence, Entrust points out that when a user base can run into thousands, or even hundreds of thousands, it is more important to make the end-user interface slick. This is certainly true, but since Entrust’s end-user interface is invisible anyway it is a moot point, and it does not weaken our case for improving the management interface.

As you would expect, however, this is one area of the product that is being improved at the time of writing (and in the just-released version 5.0).

The invisibility of the Entrust end-user interface is undoubtedly its strong point. It provides a single point of contact for the user and any security-related applications with the heavy duty crypto and signing stuff going on below.

At the same time, it integrates the client fully into the PKI, providing single login to applications and ensuring that keys are updated transparently, key histories and lifecycles are maintained automatically, key recovery is simplified, and CRLs are checked rigorously. It is worth noting, however, that all this can only be achieved by deploying the Entelligence client at the desktop (even when using Entrust Ready applications).
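What “checked rigorously” has to mean in practice is easy to state as code. The following is an added example, neither Entrust code nor code from this report: a revocation check over a CRL that fails closed when the CRL’s issuer does not match the certificate’s issuer, when its signature does not verify, or when it is stale (past its nextUpdate), and only then looks the serial number up. The HMAC over the CRL body is a stand-in for the CA’s signature (an X.509 CRL is signed with the CA’s private key and verified against the CA certificate); the record layout, the check_revocation function, the CA name, the key and the sample CRL entries are constructed for this example.

```python
import hashlib
import hmac
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone
from typing import Optional, Tuple


class CRLError(Exception):
    """Raised whenever no revocation decision can be made; callers must treat it as failure."""


@dataclass(frozen=True)
class RevokedEntry:
    serial: int
    revocation_date: datetime
    reason: str                 # e.g. "keyCompromise", "superseded", "cessationOfOperation"


@dataclass(frozen=True)
class CRL:
    issuer: str
    this_update: datetime
    next_update: datetime
    entries: Tuple[RevokedEntry, ...]
    signature: bytes


def _tbs_bytes(issuer: str, this_update: datetime, next_update: datetime,
               entries: Tuple[RevokedEntry, ...]) -> bytes:
    """Canonical 'to be signed' encoding (stand-in for the DER of a TBSCertList)."""
    lines = [issuer, this_update.isoformat(), next_update.isoformat()]
    lines += ["%d|%s|%s" % (e.serial, e.revocation_date.isoformat(), e.reason)
              for e in sorted(entries, key=lambda e: e.serial)]
    return "\n".join(lines).encode()


def issue_crl(issuer: str, issuer_key: bytes, this_update: datetime,
              lifetime: timedelta, entries: Tuple[RevokedEntry, ...]) -> CRL:
    """CA side: publish a CRL valid from this_update until this_update + lifetime."""
    next_update = this_update + lifetime
    sig = hmac.new(issuer_key, _tbs_bytes(issuer, this_update, next_update, entries),
                   hashlib.sha256).digest()
    return CRL(issuer, this_update, next_update, entries, sig)


def check_revocation(cert_issuer: str, cert_serial: int, crl: CRL, issuer_key: bytes,
                     now: datetime, grace: timedelta = timedelta(0)) -> Tuple[str, Optional[str]]:
    """Client side. Returns ("good", None) or ("revoked", reason); raises CRLError
    rather than guessing whenever the CRL cannot be trusted for this certificate."""
    if crl.issuer != cert_issuer:
        raise CRLError("CRL issued by %r, certificate by %r" % (crl.issuer, cert_issuer))
    expected = hmac.new(issuer_key,
                        _tbs_bytes(crl.issuer, crl.this_update, crl.next_update, crl.entries),
                        hashlib.sha256).digest()
    if not hmac.compare_digest(expected, crl.signature):
        raise CRLError("CRL signature does not verify")
    if now < crl.this_update:
        raise CRLError("CRL not yet valid")
    if now > crl.next_update + grace:
        raise CRLError("CRL stale since %s; fetch a fresh one" % crl.next_update.isoformat())
    for entry in crl.entries:
        if entry.serial == cert_serial:
            return "revoked", entry.reason
    return "good", None


# Constructed sample data for the demonstration (not a real CA, key or certificate).
CA_NAME = "CN=Example Enterprise CA,O=Example"
CA_KEY = b"constructed-demo-key-not-a-real-ca-key"
T0 = datetime(2000, 1, 10, 9, 0, tzinfo=timezone.utc)
SAMPLE_CRL = issue_crl(CA_NAME, CA_KEY, T0, timedelta(hours=24), (
    RevokedEntry(1001, T0 - timedelta(days=3), "keyCompromise"),
    RevokedEntry(1042, T0 - timedelta(hours=1), "superseded"),
))


def demo() -> dict:
    """Exercise the check at a few points in time; returns what each call produced."""
    results = {}
    results["fresh_good"] = check_revocation(CA_NAME, 1007, SAMPLE_CRL, CA_KEY,
                                             T0 + timedelta(hours=2))
    results["fresh_revoked"] = check_revocation(CA_NAME, 1001, SAMPLE_CRL, CA_KEY,
                                                T0 + timedelta(hours=2))
    try:
        check_revocation(CA_NAME, 1007, SAMPLE_CRL, CA_KEY, T0 + timedelta(days=2))
    except CRLError as err:
        results["stale"] = str(err)
    return results
```

The order of the checks is the point: a client that looks up the serial number first and only then notices the CRL is two days past its nextUpdate has already decided on data it should not trust, and a client that treats a stale or unverifiable CRL as “not revoked” is worse than one that does no checking at all, because it gives a false sense of assurance.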

Product : Entrust/PKI 4.0
Supplier : Entrust Technologies Inc.
Phone : +1 972-943-7300

Sample total costs for the following numbers of users:

100 - $29,500
1,000 - $63,250
10,000 - $272,500
100,000 - $1,150,000
1,000,000 - $4,525,000

Note on Web Certificate Pricing:

Where a fully managed Entrust ID is not required, Web Certificates may be purchased with a lifetime of up to 2 years.

Pricing for these is as follows:

100 - $200
1,000 - $2,000
10,000 - $12,500
100,000 - $50,000
1,000,000 - $400,000

Verdict

At the end of the day, Entrust/PKI’s few bad points are outweighed by the good ones, and the product certainly provides a robust, scalable and secure solution for managing public keys at any level. Recommended

IBM Trust Authority 3.1

IBM SecureWay Trust Authority 3.1 is part of the IBM FirstSecure family which includes virus protection, intrusion detection, access control, traffic content control, encryption, digital certification, firewall technology, and application development toolkits. These functions are delivered from IBM’s family of security products as well as through offerings from other vendors. 

Trust Authority (TA) provides both encryption and digital certification functions, giving applications the means to authenticate users and ensure trusted communications.

A Trust Authority system can run on IBM AIX/6000 and Microsoft Windows NT server platforms. The main modules that make up a TA system are as follows:

Trust Authority server  - The Trust Authority server is the central server that ties the other components together. It maintains the configuration database and provides utilities for administering the system.

Registration Authority - The Registration Authority (RA) is the server component that manages the registration process. It enforces local business policies to ensure that certificates are issued only to approved entities and used only for approved purposes. 

Certificate Authority - The Certificate Authority (CA) is the server component that manages the certification process.

Audit subsystem - The Audit subsystem provides support for logging security-relevant actions.

WebSphere Application Server - WebSphere is a security-aware collection of products, including the IBM HTTP Server, that provides a trusted base for network transactions. The IBM WebSphere Application Server (WAS) is a Java application server designed to facilitate the management and deployment of Web applications. 

Database system - Trust Authority uses IBM DB2 Universal Database (DB2) as its storage base for configuration data, registration data, certificate data, audit data, and Directory data. 

Directory server - The IBM SecureWay Directory integrates with DB2 to maintain information about certificates in a centralised location.

Client components – TA provides browser-based enrolment as well as a Java-based Trust Authority Client for use when standard Web browsers are not available.

In smaller systems, all of the main server components can reside on a single machine – this is how TA was tested in the NSS labs. In large-scale implementations, however, the three main components – Trust Authority/RA, Directory and CA/Audit servers – can reside on separate machines to provide enhanced performance and scalability.

Administration of the CA is not particularly friendly, since it consists totally of command line utilities to perform such tasks as changing CRL settings, generating cross certification requests, maintaining administrators and checking logs. Despite (or perhaps because of) the fact that CA administration does not generally need to be performed on a regular basis, it would be nice to see a GUI interface for these tasks to make life simpler for the administrator. AIX users may be used to this sort of approach, but it will certainly not be popular with NT administrators, who are used to a much more feature rich and user-friendly admin interface.

A set of Java pages provides a default framework for the registration process, and these can be customised to support the business policies of individual organisations. Each TA system has a single registration domain, and in the current release can support only a single RA server.

Although a functional RA is provided out of the box, most organisations will need to customise it in some way. It is possible to change the enrolment forms or registration processes to reflect an organisation’s specific goals for digital certification. Customisation can range from displaying a corporate logo on the browser enrolment form to changing certificate profiles to support extensions that are relevant to the class of users, servers, or devices required. TA also offers support for policy exits, which enable organisations to call their own programs during the enrolment process for further customisation.

If a browser is not available for any reason, the Trust Authority Client application is provided. This application runs on any Microsoft Windows platform (95, 98, or NT) and provides the user interface for requests that use the PKIX Certificate Management Protocol (CMP). When a user submits a request to obtain, renew, revoke, or delete a certificate, the Client application communicates the request to the Registration Authority. When the RA issues a certificate, the application stores it on the user’s virtual or physical smartcard.

The IBM Trust Authority offers a functional PKI solution out of the box for a reasonable price, though the pricing model begins to break down over 10,000 users compared to some of the competition. The client and RA operations are particularly straightforward and easy to use.

There are, however, a couple of significant drawbacks with the current version. The first may not be considered a drawback by everyone, but we would suggest that the reliance on Java is far too heavy given the sluggish performance and general browser-to-browser compatibility problems (we had to upgrade to the latest Microsoft JVM in order to complete the testing) that plague the Java world today. The JVM on the server frequently consumed in excess of 95 per cent of the available CPU capacity and the client/RA utilities seem to take forever to load and run. It should be noted, however, that this problem relates only to the RA Desktops and Trust Authority Clients - users who request certificates do not need Java.

Another criticism we had which may not bother everyone is the fact that there are simply too many command line utilities in TA, which is likely to be a major concern for NT sites. As a result of this, we found that administration of the CA is neither intuitive nor user-friendly.

On a slightly more serious note, there are certain features missing in the current version, which sports no automated key renewal, key backup and recovery, or key histories (all of which are promised Q1 2000).

On the positive side, TA offers extensive customisation capabilities due to the fact that the RA is represented by a number of Java scripts, Web pages and text configuration files. Configuration is in no way straightforward, but at least TA is flexible.

Pricing is extremely cost-effective for low numbers of users, but quickly becomes prohibitive for larger implementations unless you are issuing large numbers of certificates to each user (prices are per user with unlimited certificates).

Given the omission of some key features that would be of particular interest to the large enterprise (automatic certificate renewal, key backup and recovery, and so on) we feel large enterprises should gain commitments from IBM in these areas (as well as investigating the possibility of volume discounts) before scaling up to hundreds of thousands of users.

Product : Trust Authority 3.1
Supplier : IBM

Sample total costs for the following numbers of users:

100 - $1,000
1,000 - $10,000
10,000 - $100,000
100,000 - $700,000
1,000,000 - $7,000,000

Verdict 

The current version of TA is a little light on features, though it is very cost effective for small numbers of users. For the time being, IBM’s Vault Registry offering is the superior choice for large scale PKI implementations.

RSA Keon 5.0

RSA Keon is split into two offerings, both of which we look at here: Keon Certificate Server, and Keon Advanced PKI.

Keon Certificate Server is a certificate management system that unites a key management engine, a certificate engine, an LDAP certificate repository and a certificate revocation database together into a single package. Keon Certificate Server provides the trust management foundation for PKI-enabled applications both from third parties or developed in-house using the RSA BSAFE developer tools.

Keon Advanced PKI extends the scope of the Certificate Server by providing integrated desktop components – Keon Desktop – and advanced authentication and PKI features through Keon Security Server and associated authentication agents for third party products such as Oracle and SAP/R3.

Once installed, the Keon CA is managed entirely via a browser interface using numerous Java applets. As with other solutions employing Java, we found that the client utilities were often slow and cumbersome to use, and the back-end loading on the servers running the JVM was horrendous. Unfortunately, Java seems to be here to stay for now, and we can only hope that the computer industry comes up with something better – running Java on your Pentium PC is like putting a Lada engine in a Rolls Royce!

During generation of a Jurisdiction (an RA), the CAO defines a number of parameters relating to the certificates offered, including validity period, e-mail confirmation messages, certificate delivery format (PKCS#7 MIME, Base 64 PKCS#7, Base 64 X.509 or PKCS#7), which attribute fields should be included in the certificate, and whether or not the certificates from this Jurisdiction should be published automatically in the LDAP directory.

This provides some customisation of the RA functionality, and each Jurisdiction can have a different policy if required. Each Jurisdiction can have one or more of five certificate types allocated to it – Microsoft Personal, Netscape Personal, Server, IPSec or CSR (Certificate Signing Request) – and each one can be configured independently to the others. It is not possible to add your own custom extensions to a certificate template, however.

In terms of day to day operations, the Certificate Administrator is provided with a number of options via the Certificate Management page, including the ability to process registration requests, search for requests and certificates, revoke certificates and create reports.

As with other CA offerings, Keon provides support for Web-based applications for browser, server, mail and device (i.e. VPN) certificates. A useful set of default Web pages are provided for enrolment, and these can be easily customised if required.

Although Keon works well enough as a basic certificate server for Web-based subscribers, it is probably safe to say that the combination of the Keon Security Server and the Keon Desktop are the most important parts of the RSA Keon Advanced PKI Solution.

It is important to realise that, because the Security Server (SS) operates independently of the Keon CA, it is quite possible to deploy it alongside any standards-based CA or directory from any other vendor (contact RSA for details of compatibility with other products), or even to use outsourced certification services from organisations such as VeriSign.

Where enterprises are deploying smartcards and readers, RSA SecurID smartcards (or any PKCS#11 compliant device) can be used to store and carry the users’ credentials. Alternatively, the Keon Security Server can provide a unique virtual smartcard, called the Credential Store.

The Credential Store is an encrypted software repository for a user’s digital certificate, private keys and other unique authorisation attributes. It can be securely and automatically delivered from the Security Server to wherever the mobile worker logs in, without dependency on a smartcard reader. Access to the credential store can even be protected by a one-time password token device such as SecurID. In either case, Keon Security Server allows central policy management over how users gain access to their critical private keys and credentials.

Whilst the Security Server provides centralised management of user credentials, Keon Desktop is the client-side application that communicates with SS to provide a secure end-to-end solution.

As well as providing the features missing from the Keon CA that are found in other PKI products, Keon Desktop also supports the sort of features we would like to see as standard in all PKI implementations. For instance, as well as offering the secure mobile credential store for each user, it also provides centralised trust management, dynamically checks the respective CRLs across the trust hierarchy, and offers two types of file encryption (automatic and manual).

On its own, the Keon CA is not really worth considering as an enterprise PKI solution. For those who are intent on deploying a completely standards-based solution using typical browser and e-mail clients, Keon CA is missing vital components such as key backup and recovery, automatic key histories, automatic key update and peer-to-peer cross certification.

If you are willing to deploy a desktop component, however, then the Advanced PKI solution provides all the functionality you would expect to find in other PKI solutions. Some of these capabilities may not work the way you are used to seeing them work in other PKI systems, but the combination of the Security Server and Desktop allows Keon Advanced PKI to provide an equally secure and robust solution, with a number of important advantages.

For instance, it provides capabilities missing from PKI implementations without a desktop component, such as fully automatic CRL checking, automatic key histories and signature verification, as well as a unique secure credential store that moves around the network with the user. It is still missing automatic key update in the current version, however (planned for a future release), and we would prefer to see hardware protection of CA root keys available as an option.

For anyone who has already deployed a CA, the Keon Security Server and Desktop will add similar value, since they will work alongside any standards-compliant CA and directory.

Prices do appear daunting at first, but the unlimited certificate/ server/ application model employed by RSA means that there is only a one-off payment required, and no more to pay no matter how many certificates are deployed nor how frequently they are renewed. This may actually work out to be more cost-effective for certain applications.

Product: Keon Advanced PKI
Supplier: RSA Security Inc.
Phone: +44 0118 9362600

Sample total costs per user for the following quantities of users (Keon CA only, with LDAP server):

100 - £3,100

1,000 - £25,000

10,000 - £100,000

100,000 - £100,000

1,000,000 - POA

Sample pricing for RSA Keon Advanced PKI for the following numbers of users. This includes RSA Keon Security Server and RSA Keon Desktop, optionally RSA Keon Certificate Server, and also a two-user ACE/Server and two RSA SecurID key fobs for administrators:

100 - £14,100

1,000 - £109,000

10,000 - £620,000

100,000 - £4,300,000

1,000,000 - POA

Verdict

On its own, the Keon CA is not really worth considering as an enterprise PKI solution. If you are willing to deploy a desktop component, however, then the Advanced PKI solution provides superb levels of functionality and flexibility. Recommended.

Summary

PKI is far from being a no-brainer, and most of the current crop of PKI vendors are to be congratulated on even coming close to providing a shrink-wrapped solution for such a complex requirement.

Do any of them meet the high standards set in our Introduction? At the moment, none of them fulfil all our wishes. Entrust and RSA come closest, but they require proprietary client-side software in order to function. Both are also very expensive.

Baltimore provides far and away the most administrator-friendly and cost-effective PKI solution. But whereas it offers the best CA we have seen to date, it falls short of Entrust and RSA in terms of automatic CRL checking, automatic key update, key histories, and so on. It simply cannot offer these facilities without client-side software. Some is appearing, of course, written using vendor tool kits. However, this introduces the thorny issue of standards.

If we have a so-called “standard” in terms of X.509v3 certificates, why is it that certificates issued by one CA cannot be recognised by another? Will applications written using one vendor’s tool kit work with another vendor’s CA? It might not be wise to put money on this!

Another area that does not seem to be moving fast enough is adoption of smartcards. The appearance of smartcard readers on major brands of laptop and desktop PC heralds a new era for authentication at the desktop and on the move.

The smartcard industry also needs to work harder on standards compliance, and on solving some of the thornier issues relating to PKI. For instance, keys generated on a crypto smartcard cannot be backed up by the PKI – the card simply will not allow the keys to be exported, since doing so would violate the premise of non-repudiation. However, this introduces an important single point of failure – if a user loses his smartcard, he loses his private keys and his digital identity.

Encryption keys can only be backed up when they are generated in software by the PKI solution, and they can then be written to a memory smartcard – but these devices are not ideal in terms of security. For the time being, we are caught between a rock and a hard place here.

At the time of writing, the most elegant solution to this problem is offered by RSA Security with Keon Security Server and Keon Desktop. This provides the best compromise between security and portability, especially when combined with the one-time password token system offered by SecurID. It can also be deployed alongside most other CA products, so you could run Baltimore UniCERT with Keon Security Server and Desktop to provide the missing client-side functionality – but you would need a healthy budget. Entrust/PKI offers similar levels of functionality to RSA Keon Advanced PKI but is not quite as open and flexible. Both Keon Advanced PKI and Entrust/PKI deserve a “Recommended” award. Our favourite PKI product this year, however, is Baltimore’s UniCERT, which provides an excellent combination of features, flexibility and ease of use, and is deserving of our Editor’s Choice award.

On the issue of pricing – should you choose a product that licenses by user (unlimited certificates) or by certificate? We have attempted to reduce the often complex pricing models employed by the PKI vendors into some sample prices for a given scenario to provide like-for-like comparisons. However, with all vendors you need to approach them and discuss applications and how the certificates will be used.

A product that looks expensive on paper may work out less costly in the long run for a particular application. Likewise, cheapest on paper may not turn out to be cheapest to deploy on a large scale. The price comparisons in this report can only provide a starting point for further discussion, and it is impossible to make firm recommendations based on the figures quoted here.

On the up side, things are improving almost on a daily basis in the PKI industry. New releases are appearing ever more regularly from the major vendors, and PKI-aware applications are becoming more common. For the time being, however, it is a case of caveat emptor – make sure you confirm with your PKI suppliers that all the components you wish to deploy will interoperate successfully.

This Market Survey is a summary of The NSS Group PKI Test Report 2000.


Copyright © 1991-2005 The NSS Group Ltd. All rights reserved.