Should CNG be used in a *ROOT* CA? What CSP, Hash algorithm, and Length is appropriate?
Microsoft allows a CA to use Cryptography Next Generation (CNG) and advises of incompatibility issues for clients that do not support this suite.
My intent is to have a general-purpose offline Root-CA and then several Intermediate CAs that serve a specific purpose (MSFT-only vs Unix vs SmartCards etc)
What are the ideal settings for a Root Certificate with an expiration of 5, 10, and 15 years?
CSP
Signing Certificate
Key Character Length
Since this is a Root CA, do any of the parameters affect low-powered CPUs (mobile devices)?
See a more complete version of this question (with images) at http://security.stackexchange.com/q/15532/396
May 31st, 2012 6:33pm
Hi,
What are the ideal settings for a Root Certificate with an expiration of 5, 10, and 15 years?
>> As this is related to confidential information, please take more care with TechNet articles and related technical magazines.
Hope this helps!
Best regards
Elytis Cheng
TechNet Subscriber Support
If you are a TechNet Subscription user and have any feedback on our support quality, please send your feedback here.
Elytis Cheng
TechNet Community Support
May 31st, 2012 10:57pm
As of my own experience - some devices (older OS, mobiles, smart cards) cannot operate/validate with RSA keys larger than 2048 bits. This is my recommendation for all certificates in the chain (root, intermediate, issued etc.). A lot of applications and devices cannot use ECC algorithms. Do not use ECC if you want to be compatible anywhere in the chain.
Some older systems (including Windows Server 2003 without a non-public update; even TMG has been reported to have some problems in some instances) cannot validate SHA-2 signatures. If you want to be compatible, do not use SHA-2 anywhere in the whole chain, meaning the root as well.
Some applications cannot use CNG certificate storage (examples are the TLS client in Windows 7, TMG, SQL Server 2008 R2, System Center, etc.). So do not use Certificate Templates v3 (Windows Server 2008 type).
ondrej.
June 1st, 2012 4:03am
Thank you Ondrej for your very thoughtful, concise, and accurate response! I've found supporting information for all your comments.
I'm very interested in learning more about what does and doesn't support CNG cert storage. Do you have more information on this?
June 2nd, 2012 1:33am
Please understand first the term "CNG private key storage" - if you enroll a Certificate Template v3, the private key goes into the CNG private key storage on the client computer. If you enroll a Certificate Template v2 or v1, the private key goes into CSP storage.
The certificates will be visible to all applications in both cases, but not their private keys - so most applications will show the certificate as available, but will not be able to sign or decrypt data with the associated private key unless they support CNG storage.
You cannot distinguish between CNG and CSP storage by using the Certificate MMC. If you want to see what storage a particular certificate is using, you must use CERTUTIL -repairstore my * (or CERTUTIL -user -repairstore my *) and take a look at the Provider field. If it says "... Key Storage Provider", then it is CNG, while all other providers are CSP.
If you create the initial certificate request manually (Create Custom Request in MMC), you can select between "CNG Storage" and "Legacy Key", where legacy means CSP.
The following is my experience-based list of what does not support CNG - you cannot find an authoritative list anywhere, so this arises from my investigations over time:
EFS: Windows 2008/Vista-, user encryption certificates
VPN/WiFi Client (EAP-TLS, PEAP Client): Windows 2008/7-, user or computer certificate authentication
TMG 2010: server certificates on web listeners
Outlook 2003: user email certificates for signatures or encryption
Kerberos: Windows 2008/Vista-, DC certificates
System Center Operations Manager 2007 R2
System Center Configuration Manager 2007 R2
SQL Server 2008 R2-
Forefront Identity Manager 2010 Certificate Management
In the previous list - if I say that EFS is not supported on Windows 2008/Vista-, it means that systems newer than Vista/2008 (thus 7/R2) are the first systems that support CNG for the particular technology. CNG is available only on Windows 2008/Vista and newer, but neither SCOM nor SCCM 2007 supports it regardless of the OS they are installed on.
I haven't had time yet to check SQL 2012 or System Center 2012, so if anybody has any info...
ondrej.
June 2nd, 2012 4:16am
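The Provider-field check Ondrej describes can be scripted so an inventory of a whole store is quick to read. The following is an added example, not code from the thread or from Microsoft; it assumes certutil's per-certificate "Provider = ..." output line and uses a constructed sample instead of a real store so it can be tried offline.

```powershell
# Added example (not from the thread): classify private-key storage as CNG or CSP
# by parsing the "Provider = ..." lines certutil prints for each certificate.
# Assumes the output shape of: certutil -repairstore my *   (or -user -repairstore my *)

function ConvertFrom-CertutilStore {
    param([Parameter(Mandatory)][string[]]$Lines)

    $results = @()
    $current = $null
    foreach ($line in $Lines) {
        if ($line -match '^=+\s*Certificate\s+(\d+)\s*=+') {
            if ($current) { $results += $current }
            $current = [pscustomobject]@{
                Index = [int]$Matches[1]; Subject = $null; Provider = $null; Storage = 'no private key'
            }
        }
        elseif ($current -and $line -match '^\s*Subject:\s*(.+)$') {
            $current.Subject = $Matches[1].Trim()
        }
        elseif ($current -and $line -match '^\s*Provider\s*=\s*(.+)$') {
            $current.Provider = $Matches[1].Trim()
            # Rule from the post: any "... Key Storage Provider" is CNG; every other provider is a legacy CSP.
            $current.Storage = if ($current.Provider -match 'Key Storage Provider$') { 'CNG' } else { 'CSP' }
        }
    }
    if ($current) { $results += $current }
    return $results
}

# Constructed, abridged sample in the shape certutil prints; not a real capture.
$sample = @'
================ Certificate 0 ================
Serial Number: 01
Subject: CN=webserver01
  Key Container = {constructed-guid-1}
  Provider = Microsoft Software Key Storage Provider
Encryption test passed
================ Certificate 1 ================
Serial Number: 02
Subject: CN=legacy-app
  Key Container = {constructed-guid-2}
  Provider = Microsoft Enhanced RSA and AES Cryptographic Provider
Encryption test passed
'@ -split "`r?`n"

ConvertFrom-CertutilStore -Lines $sample | Format-Table Index, Subject, Storage, Provider

# Against a live machine store (elevated prompt, as the post describes):
# ConvertFrom-CertutilStore -Lines (certutil -repairstore my *) | Where-Object Storage -eq 'CNG'
```

Certificates flagged CNG are the ones the applications in Ondrej's list will show but cannot use for signing or decryption.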
One last clarification - CNG storage has nothing to do with the algorithms. If an application does support CNG storage, it does not tell anything about the application's support for newer algorithms. So the sole information about CNG storage support does not mean that the app supports ECC signatures etc.
o.
June 2nd, 2012 4:19am
Thanks for the info! Can MSFT put up a Technet Wiki page with this information?
Edit: or do we have the ability to?
June 2nd, 2012 7:00pm
I included this information on my summary notes at: http://security.stackexchange.com/q/15532/396
June 3rd, 2012 9:06pm
Hi, thanks. Would you be able to back-reference also my own blog post on the topic? I may do the same :-)
http://www.sevecek.com/Lists/Posts/Post.aspx?ID=40
o.
June 4th, 2012 1:51am
Updated link :)
Thanks!
June 4th, 2012 2:47pm