On 23/03/17 16:04, Brian Julin wrote:
Technical creation of a CA server is trivial. CAs are more than a server. Proper procedures to ensure the CA is used in a way that does not subject it to compromise is... "a bit more difficult". So are disaster recovery precautions (e.g. what group of people are allowed to take airplanes together?) There are whole books about it.
Everyone rushing to build an insecure CA infrastructure could be a pretty dangerous trend.
People don't talk about this enough. A CA is more than just a server or HSM, some scripts and a web UI. It's almost *all* about process and procedure, and as technical people we tend to ignore this. I would be interested to hear an assessment of costs in term of staff/FTE equivalent for running a CA, cross-referenced to an independent evaluation of the security of said CA from a process PoV. Slightly OT: can we have a quick headcount of which client deployment tools people are using to deploy their private CA, ideally annotated with any platforms it *doesn't* support?