Historical: Roots 2008-11-28

Results

Although the event worked out well, there were a number of flaws:

  1. the method chosen to escrow the root under board control proved weak
  2. root is under single control (not dual control or 4-eyes)
  3. acceptance testing was too slow / not completed
  4. it is unclear whether the source code supports additional roots
  5. project management was unable to "complete" the project beyond the event

This means that the exercise was both necessary and valuable. Indeed essential. However, it remains an open question as to whether to deploy these roots or do the process again. There are these considerations:

What is the balance? Is it worth it? We cannot know without running the experiment, because it is hard to predict the costs either way.

However there is one consideration that dominates the above discussion: software. As of the current time, software is unable to deliver sustained and good support. This means that we are hamstrung in moving forward. Therefore the solution is evident: Fix Software First.

Comments from PhilippG (01/14/2010) :

The country field is missing ("C=" field) in the root certificate, which is a requirement of certain certificate standards/browser vendors / relying parties. (to be continued)

Planning

On 20081128, the team converged and created the top-level root and 2 subroots. This document is the planning.

Team

Root Key Task Force is CAcert Sub-Committee installed by board motion m20081008.1 see Board decision list 2008. Task Force has the following members: Guillaume Rogmany, Teus Hagen, auditor (Ian Grigg) and advisor (Philipp G├╝hring). Also in attendance was Wytze and Mendel.

Date and Location

The Root Key Generation (One Root Key and 2 sub-rootkeys) was scheduled on 27th and 28th of November 2008 in Ede, Holland.

day

tasks

location

people

Wed 26 Nov

travel

to Venlo

Root Key Task Force

Thu 27 Nov

travel

to Venlo

Auditor

afternoon

script testing

Grubbenvorst

Task Force, Auditor, Sec Evaluation

Fri 28 Nov

9 am, Key generation

Echteld

Task Force, Auditor, Crit-team

afternoon

3 pm, Key installation, back ups

Ede

Crit-team, Auditor, Oophaga

Sat 29 Nov

10 am, back ups

Echteld, Tiel

Crit-team, Oophaga

afternoon

travel

to Paris

Guillaume

Sun-Tue 2 Dec

audit project, policies

Grubbenvorst

Auditor,Teus

afternoon

travel

to Vienna

auditor

Budgets

expense type

description

budget

allocated

Euro

accomodation

2 persons * 3 night * 125

750

250

0.00

travel

train / car

650

315

670.68

party

5 persons

400

182.50

unforeseen

2 backup disks 147.50

300

147.50

10.00

total

1100

863.18

Costs: disks went to Oophaga Foundation.

night accomodation

Grubbenvorst -- Guillaume and Ian at teus home address.

work location

Thursday 27th of November 2008: Grubbenvorst (teus/home): Guillaume and Teus.

Friday 28th Nov 2008: at Mobach Systems in Echteld. 10 am - 1 pm preparations and last tuning (Guillaume/Teus), 1 pm key generation ceremony (Guillaume/Teus/auditer). 10 am - 3 pm prepartions of critical system backups by Wytze and Mendel.

Friday afternoon key 3.30 pm two sub-root keys (Community Members and Assured Community Members) installation at BIT in Ede (see webcam BIT). Critical system admin team will also install on Friday the backups and recover the backups on Saturday 29th of November 2008. Backups are on encrypted files systems. Passwords to encrypted files system backups are separated from physical Oophaga storage devices.

Friday night: physical destruction of the unencrypted keys: 10 pm USB stick with keys has been physically detroyed (Guillaume/Teus/Ian). Pictures are available of the action.

Report

Preparations

The preparations of the installation of required installation and tooling scripts (install.sh script), key generation scripts (ceremony.sh script), key copy script (CopyKey.sh) and clean/new installation of the Linux Ubuntu 8.10 on a 10 year old Pentium II Dell Compaq Despro PC with a 10 year old WD disk and 12 year old audio Creative Labs PCI card. Selection of hardware is done on base of old hardware just enough to provide a workable environment. Major work was to search for a hardware combination which provided a random number generator with high entropy profile based on random sound, /dev/random and openssl. For entropy measurement three tools were used and compared (and added) to the sig.cacert.at random generators overview table.

For key generation a fresh and locally compiled OpenSSL (latest) release was used. Java scripts have been used to support the signing of the (sub) root keys. The latest Java scripts have been downloaded from the SUN Java distro. For this see the install.sh script.

Key Generation Ceremony

Keys are only generated from and to USB sticks. Swap has been stopped. Network connectivity has been stopped from this point up to deletion and cleaning of the PC and disks.

Key generation has been done with ceremony.sh script, supported with Java tooling for key signing. The process has been fully under 4 eyes principle (Guillaume, Teus, critical systems admin team and auditor). Passwords have never been visible to anyone present at the ceremony and are copied to separate USB sticks.

In total there has been made:

  1. 2 (mirrored) USB sticks with encrypted Root Key and labelled self signed Root certificate, 4 encrypted sub-root keys and labeled signed by Root Key key. These two USB sticks go together in escrow.
  2. 2 (mirrored) USB sticks with passwords of the encrypted 5 keys.
  3. 1 USB sticks with 4 encrypted Sub-Root Keys and labelled self signed Sub-Root keys certificates (a copy of the escrow Sub-Root keys). This USB is provided to one critical system administrator.
  4. 1 USB stick with passwords of the encrypted Sub-Root keys. This USB is provided to the other system administrator.
  5. 1 USB stick with the public and signed keys, script logging files and certificate signing results test files. This key has been provided to critical system administrators and a copy of the stick to the auditor.

The USB stick used for key generation (source of keys) has been physically destroyed at Friday 28th of November by Teus/Guillaume under eyes of auditor.

The PC used at the ceremony has been dismantled from audio card used, CDrom drive used, and after threading (35 passes with the program shred) the disk drive. Reasoning: the combination of the hardware might influence the random generation and so the random number used in the key generation process. The keys used in the generation procedure have only be resided on RAM memory and USB sticks.

(Sub) Root Key installation

Two (out of four) Sub-Root Key files have been installed on the signing server at 3:30 pm on Friday 28th of November by critical systems administrators (Wytze/Mendel) from their both USB sticks (one with encrypted Sub-Root Keys and one with Sub-Root Key password). The signing server communication protocol has been updated to support the two new installed Sub-Root keys. Access to the rack with the signing server has been provided by Oophaga (Rudi Engelbertink).

(Sub-)Root Key SHA1 checksums

Command used: openssl x509 -in <filename>.crt -sha1 -fingerprint

key type

purpose

sha1 check sum

Root Key

Sub-Root Key signing

79:9B:6C:6C:CD:B9:E4:12:EE:5A:58:F0:9A:2C:8B:20:A0:E0:CA:A7

Sub-Root Key 1

non-assured

53:7C:1D:5D:F7:44:66:33:B2:78:F2:BE:27:9E:72:CC:F2:08:53:2D

Sub-Root Key 2

assured

58:0F:C9:2E:45:D7:43:B8:68:D2:60:82:C0:60:B2:01:0D:A2:46:C2

Sub-Root Key 3

spare

Sub-Root Key 4

spare


Roots/20081128 (last edited 2011-06-02 11:24:30 by UlrichSchroeter)