How does certificate revocation work with intermediate CA's?


Problem description

Suppose a PKI hierarchy like below.

root CA ==> inter-1 CA ==> user-1
  \
   \======> inter-2 CA ==> user-2

My question is: does root CA also need to periodically download CRL from its children: inter-1 and inter-2?

Since user-1 and user-2 can authenticate each other, if user-2's certificate is revoked by inter-2, inter-2 should let root know and then propagate to inter-1 and user-1, right?

If so, it seems quite complicated. Is there any tool to use for managing the revocation logic? Thanks a lot.

Solution

No, revocation of a certificate is not propagated across the CA tree. Each CA (root and intermediate in your case) is responsible for the publication of the CRL containing the list of only the revoked certificates that were issued by this CA.

An example:

Root CA publishes a CRL for the certificates issued by Root CA: inter-1 CA and inter-2 CA. Root CA is not aware of the user-1 and user-2 certificates or their revocation status.

inter-1 CA (resp. inter-2 CA) publishes a CRL containing the list of revoked certificates issued by inter-1 CA (resp. inter-2 CA), and only these certificates.

CRL Root CA   CRL inter-1 CA 
  ^             ^
  |             |
root CA ==> inter-1 CA ==> user-1
  |
  |           CRL inter-2 CA 
  |             ^
  \             |
   \======> inter-2 CA ==> user-2

If the user-1 certificate is revoked, this certificate (actually its serial number) will only appear in the CRL published by inter-1 CA.

When someone wants to check the validity of the user-1 certificate, the process is as follows:

  1. build the certificate chain between the certificate and a trusted CA: user-1 / inter-1 CA / root CA
  2. fetch the CRL for the first certificate in the list
  3. verify the signature of the CRL
  4. check the status of the first certificate in the list against this CRL
  5. if the status is not revoked, remove the certificate from the list and go to 2; otherwise fail
  6. if the list contains only the trusted CA, check the chain of signatures of the certificates (a certificate must be signed by the following certificate in the list)
  7. if all signatures have been checked and are valid, the user-1 certificate is valid.

Note that validating the CRL signature can trigger a validation of another certificate chain, i.e. this algorithm can be recursive. Actually, the X.509 certificate validation algorithm is (very) complex and I just summarize the principles here.
