mailing list archives
Re: [PEN-TEST] Your opinions are solicited ...
From: "L.W." <eldub () POBOX COM>
Date: Mon, 30 Oct 2000 18:55:14 -0800
-> Jim Miller said:
-> Access will be controlled by installing a certificate on each
-> remote client. The installation is done via download from the
-> Certificate Server, but is a manual process: the remote will
-> request the certificate and the server will download only after
-> a process is started by support.
How will the user identify themself to retrieve the certificate? Will the
PKCS#10 request be autoapproved? What CSP will be invoked to generate the
You are looking at a good deal of user overhead here.
-> The IT staff is unsure where the certificate resides on the
-> client. They suppose it to be both file based and in the
-> Registry. They have tried the "certificate export" process in
-> IE and found that it will not export, so they are satisfied that
-> it provides the level of security required to secure a cash mgt
-> application. They note that the HTML page presented to IE
-> without the certificate is an error page. There is no way to
-> get at the certiciate on the Net site.
This is completely dependant on OS and browser type. Also, any client-side
stored certificates can be accidently erased. How do you plan to deal with
the CRL issue? What will your certificate re-issuance process be?
-> I have recommended using VPN, now readily available in Win2000,
-> but have been rejected. "A support nightmare." was the reason given.
You are alreay facing a support nightmare. The certificate issuance and
management problem is going to be huge if you plan for this to scale to any
significant numbers. How is the end user going to keep certificates
straight in a multi-certificate environment?
-> What do you think of the security schema planned?
-> What schema would you use?
-> What do you think of the reason given for not using VPN?
1. Relies on the user doing the right thing, which is a bad assumption.
2. It is unclear if your certificate issuance process is secure.
3. It is unclear if your administration process is secure.
4. It is unlikely this process (as described) will scale due to certificate
management and help desk overhead.
5. The private key may be exposed depending on the OS and browser used.
eldub () pobox com