X.509 is a cryptography standard of the International Telecommunication Union for public key infrastructures (PKI). Among other things, X.509 defines the standard formats of electronic certificates and an algorithm for validating certification paths.
X.509 was created in 1988 as part of the X.500 standard. It is based on a hierarchical system of certification authorities, in contrast to webs of trust (such as PGP), where anyone can sign (and therefore vouch for) the certificates of others.
In the X.509 system, a certification authority issues a certificate binding a public key to a Distinguished Name, to an e-mail address, or to a DNS record.
Root certificates are public keys that are unsigned or self-signed but nonetheless trusted. Commercial certification authorities have their root certificates present in many pieces of software, for example web browsers: Internet Explorer and Firefox ship with a number of preinstalled root certificates. When the browser opens a protected (SSL) connection to a site that has bought a certificate from a known authority, it considers the site trustworthy, and the switch to protected mode is transparent.
If the certificate is self-signed (the certification authority and the creator of the public key are one and the same), the browser offers to examine it and then to accept or refuse it according to the trust one places in it.
The validity period of commercial certificates is not infinite; they often expire after one year and must be renewed.
A certificate can become invalid for many reasons other than natural expiry, such as the loss or compromise of the private key associated with the certificate, or a change in at least one of the fields included in the name of the certificate's holder.
This is why the standard defines the format of a list, the certificate revocation list (CRL), indicating the certificates that have become invalid for a given certification authority. This list is signed by the certification authority to prevent any undetected modification of it. It contains an issue date, an update date (both optional), and the list itself in the form of pairs <serial number of the revoked certificate; optional reason for revocation>. The reason can only be present in a CRL in the version 2 format.
A sometimes annoying limitation of CRLs is the propagation delay of revocation information. To reduce it, a certificate validation protocol was devised that provides roughly the same information as CRLs, but potentially more up to date. This is OCSP, defined in RFC 2560.
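The CRL handling described in the two paragraphs above, as an added Python example that is not part of the original article: it models a CRL with the fields the text names (CA signature, issue date, update date, pairs of serial number and optional reason, the reason only in version 2) and checks a certificate's serial against it, treating a stale or unverifiable list as "unknown" rather than "good", which is the gap the propagation delay creates and where a client would turn to OCSP. The issuer name, serial numbers and dates are constructed, and the signature check is a stand-in callable rather than a real signature verification.

```python
# Added example (not from the article): a CRL as the article describes it,
# signed by the CA, with an issue date, an update date and <serial; reason>
# pairs, the reason only in version 2. All data is constructed.
from dataclasses import dataclass
from datetime import datetime, timezone
from enum import Enum
from typing import Callable, Optional

class Status(Enum):
    GOOD = "good"
    REVOKED = "revoked"
    UNKNOWN = "unknown"  # CRL unusable: wrong issuer, bad signature or stale

@dataclass(frozen=True)
class RevokedEntry:
    serial: int
    reason: Optional[str] = None  # CRLReason only exists in version 2 CRLs

@dataclass
class CRL:
    issuer: str
    version: int
    this_update: datetime            # issue date
    next_update: Optional[datetime]  # date of the next update, may be absent
    revoked: list

def utc(y: int, m: int, d: int) -> datetime:
    return datetime(y, m, d, tzinfo=timezone.utc)

def check_revocation(serial: int, issuer: str, crl: CRL, now: datetime,
                     signature_valid: Callable[[CRL], bool]) -> tuple:
    """Return (Status, detail). signature_valid stands in for verifying the
    CA's signature over the CRL with the CA's public key (assumed elsewhere)."""
    if crl.issuer != issuer:          # a CRL only speaks for its own issuer
        return Status.UNKNOWN, "crl issued by a different CA"
    if not signature_valid(crl):      # unsigned or modified list: ignore it
        return Status.UNKNOWN, "crl signature invalid"
    if crl.next_update is not None and now > crl.next_update:
        # Stale list: revocations after next_update are unknown, so fall
        # back to a fresher CRL or to OCSP rather than treating this as GOOD.
        return Status.UNKNOWN, "crl stale"
    for entry in crl.revoked:
        if entry.serial == serial:
            return Status.REVOKED, (entry.reason if crl.version >= 2 else None)
    return Status.GOOD, None

# Constructed sample CRL: one certificate revoked for key compromise.
SAMPLE_CRL = CRL(issuer="CN=Example CA", version=2,
                 this_update=utc(2024, 1, 1), next_update=utc(2024, 1, 8),
                 revoked=[RevokedEntry(0x1001, "keyCompromise")])
```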
Some commercial certification authorities:
CAcert