Rainer Perske
Westfälische Wilhelms-Universität
Zentrum für Informationsverarbeitung
Zertifizierungsstelle
Röntgenstraße 7-13
48149 Münster
ca@uni-muenster.de
+49 251 83 31590 (fon)
+49 251 83 31555 (fax)
Select a computer of your choice. Use the same computer for all steps below.
Make sure that you are the only user of this computer.
This includes physical protection against theft and loss as well as
configurational protection by choosing safe passwords, configuring a
crypto file system and a desktop firewall and so on.
Choose a WWW browser and an e-mail program of your choice.
If you select programs using a common certificate store (e.g.
Outlook + Internet Explorer or Seamonkey + Seamonkey) it will make life
easier later.
Open the WWW browser configuration and establish a safe master
password.
Firefox: Bearbeiten or Extras | Einstellungen | Sicherheit | Check:
Master-Passwort verwenden.
A German language guide for following steps can be found on https://www.uni-muenster.de/WWUCA/info/request-x509-person.html.
Open the WWW browser and go to ca.wwu.de.
You will be forwarded to a web page where you can request and
search for certificates.
. . .
. . .
Select Nutzerzertifikat, fill in the form, and click on
Weiter.
Please enter only e-mail addresses ending in @uni-muenster.de, not
those ending in @wi.uni-muenster.de. Use only lowercase
letters, no uppercase letters. You may set up an automatic e-mail
forwarding from the @uni-muenster.de address to the @wi.uni-muenster.de
address using https://sso.uni-muenster.de/MeinZIV/?action=forward_page
if you like.
Check all your data, then click on Bestätigen.
Perhaps after some check-backs depending on the WWW browser used
(always select the highest security level resp. bit count) and/or
password queries, a key pair is generated now by your browser. The
private key is invisibly stored on your disk. The public key is sent
together with your personal data to the WWUCA.
If you own a smartcard reader and a smartcard (or an eToken) with
the corresponding driver software, you are asked and can select that
device for generating and storing your private key for even more
security.
On the next page click on Zertifikatantrag anzeigen.
A PDF file is downloaded and opened. Print this file, manually
fill in the blank lines of the form and sign it.
You can even manually add further e-mail addresses, but limit
yourself to @uni-muenster.de addresses.
Take the signed form and your identity
card or passport and meet a WWUCA team member in
person during the tuesday lecture.
If you miss this date, see the WWUCA contact web page for how to
meet a WWUCA team member.
. . .
. . .
The director of the WWUCA will explain certificates and the WWUCA (in German).
A WWUCA team member is present at the tuesday, accepts your signed form and checks your identity.
You'll receive an e-mail with your certificate and a link. Open
the link with the same browser instance and click on
the button displayed. The certificate will be merged with your private
key.
Now you can export certificate and private key into a PKCS#12 file
(*.p12, *.pfx) and import them into other browsers, e-mail programs
etc.
ca. 30 Min.
Rainer Perske
Westfälische Wilhelms-Universität
Zentrum für Informationsverarbeitung
Zertifizierungsstelle
Röntgenstraße 7-13
48149 Münster
ca@uni-muenster.de
+49 251 83 31590 (fon)
+49 251 83 31555 (fax)
Public Key: Algorithm RSA, Exponent 65537; Modulus e3 d2 10 ... 50 4a 85
Subject (certificate owner): CN=Rainer Perske, O=Universitaet Muenster, C=DE
Issuer (certification authority): CN=Zertifizierungsstelle, O=Universitaet Muenster, C=DE
Serial number: 13:95:13:C7:CD:EA:2E; version: 3 (has extensions)
Valid from 2012-03-30 11:17:11 UTC to 2015-03-30 11:17:11 UTC
Extension: Usage: signing, key encryption (for mail, TLS, Smartcard-Login), but not as CA
Extension: Alternative names: E-Mail perske@uni-muenster.de, Login: perske (uni-muenster.de)
Signature for all data above, created with the private
key of the certification authority:
Algorithm: PKCS #1 SHA-1 with RSA, value: 81 5c 3e ... a8 eb
40
The certificate does not contain the owner's private key!
The certificate of Rainer Perske is signed by the
Zertifizierungsstelle der Universität Münster
(WWU Certification Authority, WWUCA)
The WWUCA is an intermediate CA because ...
The certificate of the WWUCA is signed by the DFN Public Key
Infrastructure (DFN-PKI) “Global” CA
(DFN = Deutsches Forschungsnetz = German Research Network)
The DFN-PKI “Global” CA is an intermediate CA because ...
The certificate of the DFN-PKI “Global” CA is signed by the “Deutsche Telekom Root CA 2”
The “Deutsche Telekom Root CA 2” is a root CA because ...
The certificate of the “Deutsche Telekom Root CA 2” is signed by itself.
Rainer Perske ⇐ WWUCA ⇐ DFN-PKI “Global” CA ⇐ “Deutsche Telekom Root CA 2”
The “Deutsche Telekom Root CA 2” certificate is part of nearly all browsers and e-mail programs
Thus nearly all e-mail programs can check our e-mail signatures
automatically
and all browsers accept our server certificates automatically
Recipients of our e-mails or users connecting to our servers do not receive boring warnings
Demo: Firefox: Edit the CA certificate of “Deutsche Telekom Root CA 2”
3 staff members (at ZIV) + 6 further team members (spread over WWU and UKM)
I spend about 10 % of my time for the WWUCA, all others far less.
X.509 certificates issued by the WWUCA (all in the
DFN-PKI “Global” hierarchy):
valid certificates: ca. 800: 440 server, 340 user, 10 code signing, 10
team member
issued certificates per year: ca. 120 personal and 90 server
certificates and 40 revocations
Other DFN-PKI hierarchies:
DFN-PKI “Classic” (not in browsers) discontinued, replaced
by “Global“
DFN-PKI “Basic” (relaxed identity check; not in browsers)
not supported (no demand)
DFN-PKI “Grid” (for scientific grid computing) is supported
(but not as distinct CA)
DFN-PKI “SLCS“ (Short-Lived Credential Service) not
supported (no demand)
OpenPGP discontinued: Less than 15 certificates per year
Service of the German Research Network provided by DFN CERT GmbH in Hamburg
6 full time team members operate and develop DFN-PKI
5 X.509 hierarchies with different policies (“Classic”, “Global“, “Basic”, “Grid”, “SLCS“)
300+ outsourced subordinate CAs of DFN e.V. members (incl. WWUCA)
OpenPGP discontinued due to lack of demand
No additional costs: DFN PKI service is part of the DFN Internet service
WWU + UKM + KA + FH + MPI together pay 250.000 €/a for 2×2 GBit/s cluster connectivity
Generate a key pair
Upload public key + personal data, signed with the private key, to the WWUCA
Print the application form containing the fingerprint of the public key and further data
All above in one step: http://ca.wwu.de ⇒ Nutzerzertifikat
Sign the form and thus declare that the public key is really yours
Hand out the form to a WWUCA team member, presenting your identity card
The WWUCA never sees your private key (is no »trust center«)
Beneath all usual measures to protect computer and password
Use dedicated browser instance / virtual machine for sensitive applications
Always protect your private key by encrypting with a password
resp. PIN
(master password in Firefox, encryption password for PKCS#12
files)
Always encrypt the medium containing your private key, too.
For authentication purposes, better use hardware device (smartcard, eToken, nPA) with a PIN.
(But think twice for e-mail purposes: you cannot read old e-mails any longer if you loose your private key)
Always keep in mind: Your private key is only needed when signing and when decrypting, never else.
Get paranoid. Even more paranoid. “Social Engeneering” is the most successful way of attacking.
The WWUCA team member:
strictly obeys Certificate Policy (CP) and
Certification Practice Statement (CPS)
(Rules for security, target audience, privacy, methods,
archiving, contents, life times, revocations etc.)
CP: https://www.pki.dfn.de/fileadmin/PKI/DFN-PKI_CP.pdf
CPS: https://www.pki.dfn.de/fileadmin/PKI/DFN-PKI_CPS.pdf
checks all aspects of your request (perhaps applies corrections or rejects)
compares the fingerprint on the form with that of the public
key
(thus the WWUCA knows the public key with the given fingerprint is
yours)
(electronically) signs a confirmation message to the certification server
(manually) signs and archives your request form
The DFN PKI certification server in Hamburg automatically:
checks the signature of the message and the accreditation of the signer
checks conformance of the request (only our domains? etc.)
creates the certificate
mails the certificate to the requester
publishes the certificate via LDAP (if requested)
Use as addressbook: ldap.pca.dfn.de:389, Base-DN: O=DFN-Verein,C=DE
Thunderbird: Bearbeiten | Einstellungen | Verfassen | Adressieren | LDAP-Verzeichnisserver | Bearbeiten | Hinzufügen ...
Several restrictions by CP+CPS:
only servers and e-mail addresses belonging to WWU, UKM, or KA
emailAddress=. . . (at most one may be given, but
see below)
CN=. . . (exactly one must be given; only name parts from
identity card, no "Prof." or alike)
OU=. . . (at most one may be given)
O=Universitaet Muenster (or) O=Universitaetsklinikum Muenster
(or) O=Kunstakademie Muenster (must be given)
L=Muenster (and) ST=Nordrhein-Westfalen (optional for
users; must be given for servers)
C=DE (must be given)
Limited character set for CN/OU/O/L/ST/C: a-z A-Z 0-9
'()+,-./:=? space; limited field length (64)
Convert german letters: ä ö ü ß Ä Ö
Ü ⇒ ae oe ue ss Ae Oe Ue,
Remove accents: Ibáñez ⇒ Ibanez,
Łódź ⇒ Lodz; and transcribe (phonetically):
Δήμητρα ⇒ Dimitra
Order matters and no other fields allowed
E-mail addresses, login names etc. can be given als Subject Alternative Name, but must be verified
You present your certificate (and all intermediate certificates):
As a user: when sending a signed e-mail (as part of the signature)
The recipient will check the certificate
As a server: when accepting an HTTPS (IMAPS, POP3S, ...) connection
The client will check the certificate
As a client: when connecting to an HTTPS (IMAPS, POP3S, ...) server
Only if requested by the server (better security than password authentification)
The server will check the certificate
Try: https://xsso.uni-muenster.de/MeinZIV/
For checking certificates you need the corresponding root certificate
Many root certificates are pre-installed in your software, but can be edited
Checking certificates = (automatically)
comparing identity in certificate with e-mail partner resp. hostname
Hosts and domains are case-insensitive but local parts of e-mail addresses are case-sensitive:
perske@wwu.de = perske@WWU.DE ≠ Perske@WWU.DE
Always use lowercase only, both in certificates and in your e-mail configuration
checking all ( signature + purpose + life time + more ) of each certificate involved
checking trust in root certificate
checking whether the certificates make up a complete certificate chain
Demo: Firefox: https://www.uni-muenster.de/ | padlock symbol | Show certificates | Details
Import own certificate
Export own certificate incl. private key into a PKCS#12 file (.p12 or .pfx)
Import PKCS#12 file into Thunderbird
Activate own private key as signing key in Thunderbird
Send a signed e-mail
Receive a signed e-mail, check signature
Send/receive an encrypted e-mail
Rainer Perske
Westfälische Wilhelms-Universität
Zentrum für Informationsverarbeitung
Zertifizierungsstelle
Röntgenstraße 7-13
48149 Münster
ca@uni-muenster.de
+49 251 83 31590 (fon)
+49 251 83 31555 (fax)
© 2011-2012 Rainer Perske und Universität Münster