RE: SSL Certs and FIPS 140-2 Compliance: msg#00001

Subject: RE: SSL Certs and FIPS 140-2 Compliance

Verisign's commercial SSL cert license/T&Cs allows an ssl cert to be used on
more than 1 machine, provided a second license is purchased. Given they at
least have an appearance of liability, I'm sure Verisign wouldn't license
something that could severely bite their liability fund.
I don't know if there is a 'Verisign for government' license which is any
different to this.

Fundamentally, SSL certs may be considered, in some cases, to verify
ownership of the domain name, not the server/machine on which it resides.
What would be the point of preventing a smooth failover of a public-facing
site?

Lyal

-----Original Message-----
From: John Thompson [mailto:jwledt@xxxxxxxxxxx]
Sent: Wednesday, 7 September 2005 8:35 AM
To: 'Lionel Ferette'; websecurity@xxxxxxxxxxxxx
Cc: Ryan Barnett
Subject: RE: [WEB SECURITY] SSL Certs and FIPS 140-2 Compliance


Hello all!

I was just trying to find the document or paragraph that specifically states
that the private key for an SSL/TLS certificate may not exist in more than 1
physical location. Does anyone on the list have that information?

I've read through "FIPS PUB 140-2 Security Requirements for Cryptographic
Modules" and "Implementation Guidance for FIPS PUB 140-2 and Cryptographic
Module Validation Program" and I could not find any references to:
Centralized Storage of Keys, Single Instance Storage of a Private or Secret
Key for a key pair OR certificate, Non-Duplication of Keys, etc...

Much appreciated.


John


-----Original Message-----
From: Lionel Ferette [mailto:lionel.ferette@xxxxxxxxx]
Sent: Monday, August 22, 2005 11:41 PM
To: websecurity@xxxxxxxxxxxxx
Cc: Ryan Barnett
Subject: Re: [WEB SECURITY] SSL Certs and FIPS 140-2 Compliance

Ryan, List, greetings!

In the wise words of Ryan Barnett, on Monday 22 August 2005 22:43:
> I am hoping that some other people on this list have some info on this
> area. I will try and make it brief.
[SNIP Concise and precise description]

> The FIPS compliancy issue seems to be that the SSL signed cert and
> private key should only exist in one location - otherwise this
> violates the whole reuse of keys sections. In this case, FIPS is
> making it difficult to leverage typical load-balancing
> implementations.
The way you describe it, I'm also afraid that the one location requirement
is not met, indeed.

> Has anyone else, who works with the government, run into a similar
> scenario? The only option that we are kicking around is to implement
> some sort of hardware SSL accelerator on the network and consolidate
> our SSL functions on this host.
My own experience only relates to the banking sector, and the only solution
we found was to use a shared HSM, like nCipher's netHSM (which is FIPS 140-2
level 3 certified, incidentally). They don't come cheap, unfortunately, and
we had to drop their use for SSL. We used an HSM for the CA, though.

(Standard disclaimer: I'm not affiliated to nCipher, there are certainly
other products that perform the same function, but I have no first-hand
experience with them).

HTH,

Lionel

--
"To understand how progress failed to make our lives easier, please press 3"

Lionel Ferette
BELNET CERT Coordinator

Tel: +32 2 7903385 http://cert.belnet.be/
Fax: +33 2 7903375 PGP Key Id: 0x5662FD4B

---------------------------------------------------------------------
The Web Security Mailing List
http://www.webappsec.org/lists/websecurity/

The Web Security Mailing List Archives
http://www.webappsec.org/lists/websecurity/archive/
