Re: [Opensc-devel] Smartcard HSM built-in root CA?

[Daniel P. <da...@po...>]

On 12/01/16 23:38, Andreas Schwier wrote:
> Hi Daniel,
> 
> the purpose of the SmartCard-HSM PKI is to allow a relying party to
> authenticate public keys for private keys generated on the device. It
> does both, proof of possession and proof of correspondence.
> 
> It also allows using the public key without a certificate, because the
> internally generated certificate signing request is signed by the device
> authentication key. In some applications like the n-of-m scheme [1] this
> is sufficient, i.e. there is no need for another separate PKI to issue
> certificates that bind the public key to a identity (each SmartCard-HSM
> has an identity asserted by the device certificate and linked to the
> device authentication key).
> 
> This means, that if someone relies on this PKI, he must rely on the
> device issuer and the correct operation of the systems at the two PKI
> layers.
> 
> This is not limited to ourselves, as we have customers that are
> operating their own root and production CA.
> 
> Having a full PKI for public key authentication is something that - as
> far as I know - only the SmartCard-HSM provides for. Other schemes
> provide key attestation, but typically with a key shared amongst all
> devices.
> 

Can you please be more specific about some aspects of this PKI:

a) if CardContact goes out of business for any reason, what is the
impact on people using the cards?  Will people using the intermediate
certificates signed by your root be able to keep using them until they
expire?  How long are they valid?

b) if the CardContact root certificate is compromised (private key
stolen, etc), what is the impact on people using the cards?

c) you say that some customers operate their own root, does that mean
they can completely eliminate or replace the "device authentication key"
you create at the factory?