With all the cryptocalypse news from the last months the question of the trust in the CA's becomes relevant : why should I trust a well-known CA rather than operating my own ?
The advantage of the usual method is clear : the CA is already included in the certificate stores of the mail tools (like Outlook, Thunderbird...) and thus the crypto works out of the box, without bothering the user with questions about trust etc. I have a SMIME certificate signed by StartCom for this purpose.
The disadvantages :
- People have to trust the CA no to issue rogue certificates. Not only hackers could subvert the CA, also in the post-Snowden era some "other stakeholders" may influence the CA operations
- Key generation run within web browser, self-created certificates can't be submitted (at least for the StartCom free StartSSL certificates). Though I found out that the key generation really takes place on the local computer within the browser, and thus no secret data is transfered to the CA, the generation parameters (especially key size, hashing algorithm) can't be seen nor influenced
The idea is therefore to create a SMIME certificate with highest security features and have it signed by an own CA in order to have the full trust chain under control. The disadvantage of the method is that users would have to manually setup the trust on this CA in the mail tool. Thus the use of the SMIME certificate would remain reserved to an experienced user base.
I started with this guide - one configuration file for openssl and few commands lead to the wanted certificate.
However I did not feel comfortable with the configuration file as it contained lots of information and it was not clear what the various lines were doing, if they were needed, if they opened sme kind of backdoor, if they introduced some kind of collateral weakness in the crypto...
So I started investigating SMIME generation with openssl on Google. I found lots of different guides on how to generate the certificates. Most of them were using a single openssl.conf that looked like some default one. This was not satisfying.
Finally I found another guide and followed the simple PKI implementation. The big difference of this procedere is that it uses a own openssl.conf for every step (CA creation, signature, key creation...), each config file containing only the minimal information needed for the purpose, along with comments
Root CA and signing CA were created, one SMIME certificate for secure (at) joel-hatsch.net issued and signed. Public keys for secure communication can be found on my homepage(see SMIME 2)