Digi-Sign, The Certificate Corporation
Published on Digi-Sign, The Certificate Corporation (https://www.digi-sign.com)

By Digi-Sign
Created Feb 27 2008 - 16:57

Samples & Templates

Specification

Preset Certificate Specification Template

The first component in ensuring a properly configured CA is the naming document. Its formal title is the New Issuing Authority Naming Application. This document contains the information necessary to properly configure a CA:

  • Name of the organization responsible for the new CA.
  • Validity period (or operational period) of the new CA.
  • Distinguished Name of the issuing CA.
  • Subject Distinguished Name of the new CA.
  • Certificate extensions and other certificate content information.



After the Digi-CAST2™ Consultant and the customer have defined the Customer’s CA, the Digi-CAST2™ Consultant will give you a copy of the completed naming document that has been signed by both the Digi-CAST2™ Consultant and the Customer. You will use the information in the naming document to create the CA. Detailed information about the naming document is available in Chapter 4, "Key Ceremony Preparation".

Key Ceremony Script

1. Purpose

    We have a requirement that the generation of new RSA keys and the creation of new Certification Authorities (CAs) must be witnessed by a third-party auditor and appointed witnesses. We must therefore generate fresh keys, witnessed in the prescribed manner, and use these keys to create new Certification Authorities (CAs).

    The keys we generate today will be new keys; no existing keys reside on the HSM device we are about to use during this ceremony. We note this in case it is relevant to any party participating in this ceremony.



2. Background

    We use nCipher Hardware Security Module devices, model netHSM 500. These devices are certified to FIPS 140-2 level 2 and 3, and the level 3 configuration was chosen for the HSM device we are about to use today during this ceremony.

    It is important to note that the Key Generation and Certificate Signing operations occur entirely within the HSM device, which uses a FIPS 140 approved pseudo-random number generator that is seeded periodically from a random bit-value accumulator fed with unpredictable input from an electronic noise source.

    The prime number generator used in RSA key pair generation is entirely within the HSM and is covered by FIPS 140.



3. Key Generation and Certificate Signing Control Software

    The Cryptographic Operation Control Software, consisting of the HSM device Support Software and the Digi-CA™ PKI [2] System, was written so that together they provide the following capabilities:

    1. Instruct an HSM device to "wipe" all keys from its storage.
    2. Instruct an HSM device to generate [n] x 4096 bits RSA key pairs.
    3. Instruct an HSM device to generate [n] x 2048 bits RSA key pairs.
    4. Instruct an HSM device to write those key pairs in an encrypted format to hard disk.
    5. Create and split the private key encryption keys into encrypted sets, stored on individual PIN protected smart cards, such that the private keys can be accessed, reconstructed and re-imported to a (new) HSM device only by using any 3 of the 5 cards from a defined card set.
    6. Copy the encrypted private key to separate removable media for backup purposes. This process is accomplished using the [Red Hat Enterprise Linux 5.0] operating system tools rather than the Cryptographic Operation Control Software.
    7. Instruct an HSM device to Load or Import encrypted RSA key pairs from hard disk.
    8. Instruct an HSM device to mark all private keys held within itself as non-exportable. This is a default limitation when the HSM device is configured to operate in FIPS 140-2 level 3 mode.
    9. Combine 3 (of the original 5) smart cards of private key encryption key fragments (components) to produce and encrypt a set of keys on the HSM device.
    10. Instruct the HSM device to load a private key and sign new certificate data.



The software and the procedures were tested to ensure that the keys were valid and that the import and export procedures were working as required.

The source code was examined to ensure that its operation was correct.

Key Map Template

Issue Date | Device Serial | Subject Dn | Issue Dn | .req File | .509 File | Validity Period

Initialization Event

Key Access Component Card Set Configuration

    1. An IBM compatible computer (hereafter referred to as "the computer") was set up in a room providing strict personnel access control, security camera monitoring [and electronic isolation from any computer networks].

    2. The computer has a hard disk which has been pre-prepared with a fresh installation of a [Red Hat Enterprise Linux, version 5.0] operating system, the requisite HSM driver, nToken authentication PCI device, HSM device Support Software and the Digi-CA™ PKI System, both acting as the Cryptographic Operation Control Software. The software was tested for correct operation prior to the Key Ceremony by using an HSM reserved for backup purposes.

    3. The Key Access Component Cards are going to be distributed to appointed Key Access Component Holders during a later event of this ceremony. It is however important to note that Key Access Component Holders are the only holders possessing PIN codes necessary to access the data stored on these smart cards. Before this step can be completed, each appointed Key Access Component Holder must now write down their new PIN code on a dedicated PIN paper sheet and put the PIN paper sheet with the written PIN code into an envelope indicating their full personal name. Each envelope is to be placed on the Inventory Table and remain unsealed for the duration of the entire Key Ceremony. All attending Witnesses must ensure that Key Access Component Holders insert their PIN Code paper sheets into the correct envelopes, which indicate their full personal name.

    The Key Ceremony Administrator should now place a sufficient number of empty Key Access Component Cards on top of the envelopes containing PIN Code paper sheets. It is important to note that the video camera should constantly record all activities related to access to the Key Access Component Cards and envelopes containing PIN Code paper sheets.

    The Key Ceremony Administrator is now going to note the new Name for the newly configured Key Access Component Card Set, the Serial Number of each Key Access Component Card that is about to be used and the details of each Key Access Component Holder (below) in this script. All attending Key Ceremony Witnesses must ensure that the date entered into the script, the full personal name of each Key Access Component Holder and the Serial Number of the Key Access Component Card they are about to use are correct. They must also place their signature where indicated (below) in this section of the script.

            Date: …………………………………………

            Key Access Component Card Set
            Name: …………………………………………………………………………………………………………………

            Key Access Component Holder #1
            Full Name: …………………………………………………………………………………………………………………
            Card Serial Number: ……………………………………………………………………………………………

            Key Access Component Holder #2
            Full Name: …………………………………………………………………………………………………………………
            Card Serial Number: ……………………………………………………………………………………………

            Key Access Component Holder #3
            Full Name: …………………………………………………………………………………………………………………
            Card Serial Number: ……………………………………………………………………………………………

            Key Access Component Holder #4
            Full Name: …………………………………………………………………………………………………………………
            Card Serial Number: ……………………………………………………………………………………………

            Key Access Component Holder #5
            Full Name: …………………………………………………………………………………………………………………
            Card Serial Number: ……………………………………………………………………………………………


Witnessing Attendees’ Signatures

    4. The first HSM device (designated #1) was removed from production and connected to the computer prior to this ceremony and the event was monitored and supervised by an appointed company’s Head of Security. The Cryptographic Operation Control Software is now about to be used to cause the numbered (in section 3 above) operations to occur in the following sequence: 5.

    During this phase of the Key Generation Ceremony, a new Key Access Component Card Set is created and bound to our HSM device security infrastructure. The card set configuration we choose is as follows:

        a. Total number of smart cards in a card set: 5

        b. Minimum number of smart cards required to access the private key: 3

        c. Minimum number of smart cards required to recreate any lost smart card: 3

        d. Minimum number of smart cards required to recover lost PIN codes: 3

        e. Minimum number of smart cards required to recover a private key: 3



    During this step, one of the HSM Security Administrators present at the ceremony will be requested by the Key Generation Ceremony Administrator to insert his Administrator’s Smart Card into the smart card reader interface of the HSM device in order to authorize the creation of a new Key Access Component Card Set. This is required by the HSM device, which operates in FIPS 140-2 level 3 mode.

    Further during this step, each Key Access Component Holder appointed in the previous step will be requested to actively participate in the ceremony. The Key Generation Ceremony Administrator will require each Key Access Component Holder to separately follow the steps below:

        a. Access their PIN envelope that was previously placed on the Inventory Table

        b. Re-read and memorize their PIN code that was previously written on their PIN Code paper sheet

        c. Confirm that they have memorized their PIN code

        d. Place their PIN Code paper sheet back into their envelope and place the unsealed envelope back on the Inventory Table

        e. Take their smart card from the Inventory Table and when requested by the Key Generation Ceremony Administrator, walk towards the HSM device

        f. When requested by the Key Generation Ceremony Administrator, insert their smart card into the smart card reader interface of the HSM device and when requested by the Key Generation Ceremony Administrator, enter and confirm their memorized PIN Code.

        g. When requested by the Key Generation Ceremony Administrator, remove the smart card from the HSM smart card reader interface and place their smart card back on the Inventory Table on top of their PIN envelope.
        The above sequence of steps will be repeated for each appointed new Key Access Component Holder.
        All attending Witnesses must ensure that each Key Access Component Holder accesses only their own Key Access Component Card and PIN envelope. They must also ensure that all PIN Code paper sheets remain in envelopes, which are not sealed, and that the relevant Key Access Component Cards reside on top of each envelope on the Inventory Table at the end of this step.


    5. The previous step left the HSM device #1 configured for use with our newly configured Key Access Component Card Set, commonly referred to as Operator Card Set. The new card set will be subsequently used during this ceremony to encrypt and protect access to relevant private keys we are about to generate. The encryption key elements [components] are now stored on each PIN protected Key Access Component Card, which will be required to access newly generated and access protected private keys at any time.

    6. The Key Access Component Card Set Configuration is now declared complete.

Controls

During the Key Access Component Card Set Configuration, at least two people from the Key Ceremony Attendees list of personnel were present at all times. No other personnel were permitted access to the room. The Cryptographic Operation Control Software required a PIN code to be entered before the software could communicate with any smart card (holding encryption key component [Key Access Component Card]) used during the Key Access Component Card Set configuration.

5. Generation Event

  5.1 Key Generation Ceremony

      1. An IBM compatible computer (hereafter referred to as "the computer") was set up in a room providing strict personnel access control, security camera monitoring [and electronic isolation from any computer networks].

      2. The computer has a hard disk which has been pre-prepared with a fresh installation of a [Red Hat Enterprise Linux, version 5.0] operating system, the requisite HSM driver, nToken authentication PCI device, HSM device Support Software and the Digi-CA™ PKI [2] System, both acting as the Cryptographic Operation Control Software. The software was tested for correct operation prior to the Key Generation Ceremony by using an HSM reserved for backup purposes.

      3. The first HSM device (designated #1) was removed from production and connected to the computer prior to this ceremony and the event was monitored and supervised by an appointed company’s Head of Security. The Cryptographic Operation Control Software is now about to be used to cause the numbered (in section 3 above) operations to occur in the following sequence:

      9, 2, 4, 3, 4, 6, 6, 6.

      During this step, the Key Generation Ceremony Administrator will capture and store any relevant informational output produced on the computer screen by the Cryptographic Operation Control Software in the Key Map Document.

      Also during this step, the Key Generation Ceremony Administrator will require any 3 (three) Key Access Component Holders from the previously created Key Access Component Card Set, to separately follow the steps below:

          a. Access their PIN envelope that was previously placed on the Inventory Table

          b. Re-read and memorize their PIN code that was previously written on their PIN Code paper sheet

          c. Confirm that they have memorized their PIN code

          d. Place their PIN Code paper sheet back into their envelope and place the unsealed envelope back on the Inventory Table

          e. Take their smart card from the Inventory Table and when requested by the Key Generation Ceremony Administrator, walk towards the HSM device

          f. When requested by the Key Generation Ceremony Administrator, insert their smart card into the smart card reader interface of the HSM device and when requested by the Key Generation Ceremony Administrator, enter their memorized PIN Code.

          g. When requested by the Key Generation Ceremony Administrator, remove the smart card from the HSM smart card reader interface and place their smart card back on the Inventory Table on top of their PIN envelope.
          The above sequence of steps will be repeated for the number of Key Access Component Holders that are selected by the Key Generation Ceremony Administrator.
          All attending Witnesses must ensure that each Key Access Component Holder accesses only their own Key Access Component Card and PIN envelope. They must also ensure that all PIN Code paper sheets remain in envelopes, which are not sealed, and that the relevant Key Access Component Cards reside on top of each envelope on the Inventory Table at the end of this step.

Controls & Generation Events

Key Generation Ceremony

      4. The previous step left the HSM device #1 configured for use with our newly generated keys. The encrypted private keys are now stored securely within an encrypted key repository on the hard disk within the computer, as well as on the removable media. Only the HSM device holding decryption keys for the particular key repository is able to decrypt the repository data. A further decryption process is also required to bring keys to an online state. The latter applies to particular keys that we protected with an additional encryption key during the key generation phase.

      The encryption key elements [components] are stored on several PIN protected smart cards, herein referred to as "Key Access Component Cards", which are required to access these keys at any time. The smart cards are currently visible on the Inventory Table and during the later phase of this ceremony will be distributed to the Key Access Component Holders, who are the only holders possessing PIN codes necessary to access the data stored on these smart cards.

      We note that there is no need to delete our encrypted keys from the hard disk within the computer, as these keys are strongly encrypted by the HSM device and by an additional encryption key that was divided into key elements (components) within a key set. If the key repository data was stolen, it would be useless without the HSM decryption key and the additional encryption key elements (components) distributed to Key Access Component Holders inside the PIN protected Key Access Component Cards. The encrypted keys stored within the repository are in an offline state, and the computer with the hard drive storing the encrypted repository data will be kept safe in an isolated room with strict personnel and network access controls in place, as well as video camera monitoring maintained 24 hours per day throughout the year.


      5. We will now generate checksum bytes that will uniquely identify the encrypted private key data stored both on the hard disk and on the backup media disks. For this purpose, we will use an Operating System tool [sha1sum]. The Key Ceremony Administrator will now, working sequentially through the Key Map Document, read the file names and file system paths for each generated private key, generate the checksum bytes calculated on the private keys stored inside the repository as well as on the backup media, and note the checksum byte strings (below) in this script.

      All witnesses attending this part of the ceremony must ensure that the date entered into this script is correct and that the checksum values presented on the computer screen upon sequential execution of the checksum calculation commands, performed on private key data stored inside the repository as well as on the backup media, exactly match the values written below by the Key Ceremony Administrator. They must also place their signatures where indicated (below) in this section of the script.

          Date: …………………………………………

          Key 1
          Common Name: ………………………………………………………………………………………………………
          Checksum: …………………………………………………………………………………………………………………

          Key 2
          Common Name: ………………………………………………………………………………………………………
          Checksum: …………………………………………………………………………………………………………………

          …

          Key N
          Common Name: ………………………………………………………………………………………………………
          Checksum: …………………………………………………………………………………………………………………
          Witnessing Attendees’ Signatures:
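
The comparison in step 5, written as a shell script (an added example, not part of the original ceremony script or of the Digi-CA™ software): it hashes each encrypted key file in the repository and on the backup media and flags any pair that does not match. The key map file format (Common Name|relative path), the directory layout and the SUM_TOOL variable are assumptions of this example, and the sample files are constructed.

```shell
#!/bin/sh
# Added example: checksum cross-check between the key repository and the
# backup media. Key map format is an assumption of this example:
#   Common Name|relative/path/to/encrypted-key-file
# Lines that are empty or start with '#' are ignored.

SUM_TOOL=${SUM_TOOL:-sha1sum}   # the ceremony script names sha1sum

# Print the hex digest of one file; fail if it cannot be read or hashed.
file_digest() {
    [ -f "$1" ] && [ -r "$1" ] || return 1
    # Hash stdin so the tool never has to quote an awkward file name,
    # and check its exit status so a missing tool is not read as a match.
    d=$("$SUM_TOOL" < "$1") || return 1
    printf '%s\n' "${d%% *}"
}

# verify_key_map KEYMAP REPO_ROOT BACKUP_ROOT
# Prints one tab-separated line per key:
#   common name, repository digest, backup digest, status
# Returns 0 only if every entry is MATCH.
verify_key_map() {
    keymap=$1 repo_root=$2 backup_root=$3
    failures=0
    # '|| [ -n "$cn" ]' keeps a final line that lacks a trailing newline.
    while IFS='|' read -r cn relpath || [ -n "$cn" ]; do
        case $cn in ''|'#'*) continue ;; esac
        # Entries must stay below the two roots: no absolute paths, no "..".
        case $relpath in
            ''|/*|*..*)
                printf '%s\t-\t-\tBADPATH\n' "$cn"
                failures=$((failures + 1))
                continue ;;
        esac
        repo_sum=$(file_digest "$repo_root/$relpath") || repo_sum=MISSING
        backup_sum=$(file_digest "$backup_root/$relpath") || backup_sum=MISSING
        if [ "$repo_sum" = MISSING ] || [ "$backup_sum" = MISSING ]; then
            status=MISSING
        elif [ "$repo_sum" = "$backup_sum" ]; then
            status=MATCH
        else
            status=MISMATCH
        fi
        [ "$status" = MATCH ] || failures=$((failures + 1))
        printf '%s\t%s\t%s\t%s\n' "$cn" "$repo_sum" "$backup_sum" "$status"
    done < "$keymap"
    [ "$failures" -eq 0 ]
}

# Constructed demonstration: two placeholder "encrypted key" files, one of
# which differs on the backup copy, so the second entry reports MISMATCH.
demo() {
    work=$(mktemp -d) || return 1
    mkdir -p "$work/repo/keys" "$work/backup/keys"
    printf 'constructed-ciphertext-root\n' > "$work/repo/keys/rootca.key.enc"
    printf 'constructed-ciphertext-sub\n'  > "$work/repo/keys/subca.key.enc"
    cp "$work/repo/keys/rootca.key.enc" "$work/backup/keys/rootca.key.enc"
    printf 'constructed-ciphertext-altered\n' > "$work/backup/keys/subca.key.enc"
    printf '%s\n' 'Example Root CA|keys/rootca.key.enc' \
                  'Example Sub CA|keys/subca.key.enc' > "$work/keymap.txt"
    verify_key_map "$work/keymap.txt" "$work/repo" "$work/backup"
    rc=$?
    rm -rf "$work"
    return "$rc"
}

demo || echo "checksum verification failed for at least one key" >&2
```

A non-zero return from verify_key_map means at least one entry did not match, was missing, or had a rejected path. Running with SUM_TOOL=sha256sum produces SHA-256 digests in place of the SHA-1 values named in step 5.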

Generation Events

Key Generation Ceremony

      6. The removable media disks holding backup copies of our keys will now be separately placed into sealed envelopes and sent to be held at separate bank deposit facilities immediately after this ceremony. We note that each media disk was removed from this computer sequentially for storage purposes in each of the indicated storage facilities.

      7. The Key Generation Ceremony is now declared complete.


Controls

    During the Key Generation Ceremony, at least two people from the Key Ceremony Attendees list of personnel were present at all times. No other personnel were permitted access to the room. The Cryptographic Operation Control Software required a PIN code to be entered before the software could communicate with any smart card (holding encryption key component [Key Access Component Card]) used during the Key Generation Ceremony.


6. Signing Event

  6.1 Root CA Signing

      1. An IBM compatible computer (hereafter referred to as "the computer") was set up in a room providing strict personnel access control, security camera monitoring [and electronic isolation from any computer networks].

      2. The computer has a hard disk which has been pre-prepared with a fresh installation of a [Red Hat Enterprise Linux, version 5.0] operating system, the requisite HSM driver, nToken authentication PCI device, HSM device Support Software and the Digi-CA™ PKI [2] System, both acting as the Cryptographic Operation Control Software. The software was tested for correct operation prior to the Key Ceremony by using an HSM reserved for backup purposes.


      3. The hard disk installed in the computer contains an encrypted key repository, from which we will load necessary private keys into a securely protected operational memory of our HSM device.


      4. The first HSM device (designated #1) was removed from production and connected to the computer prior to this ceremony and the event was monitored and supervised by an appointed company’s Head of Security. The Cryptographic Operation Control Software is now about to be used to cause the numbered (in section 3 above) operations to occur in the following sequence: 10.

      During this step, the Key Ceremony Administrator, using the Cryptographic Operation Control Software, will create a new self-signed Root CA Certificate and assign it to a dedicated private key that was previously generated during this ceremony.

      To complete this process, the Key Ceremony Administrator will use a Naming Document that contains the details of the new Root CA Certificate we are about to sign to create a certificate profile configuration file containing various certificate related information such as: Subject Distinguished Name, Validity Period, Signature Algorithm, Certificate Serial Number and Certificate extensions. The certificate profile configuration file will be used by the Cryptographic Operation Control Software to create the new Root CA certificate.

      All attending Witnesses must ensure that the certificate details entered into the certificate profile configuration file by the Key Ceremony Administrator match the details contained in the Naming Document used during this ceremony. The new Root CA Certificate details must be taken from the section of the Naming Document specifically dedicated to the Root CA for which the Root CA Certificate is created.

      During this step, the Key Ceremony Administrator will capture and store any relevant informational output produced on the computer screen by the Cryptographic Operation Control Software in the Key Map Document.

      Upon directing the Cryptographic Operation Control Software to sign the new Root CA Certificate, the dedicated private key will need to be loaded into the securely protected operational memory of the HSM.


Component Holders

Root CA Signing

4. Since the private key we are about to use is encrypted and access protected, the Key Ceremony Administrator will require any 3 (three) Key Access Component Holders from the previously created Key Access Component Card Set to separately follow the steps below:

    a. Access their PIN envelope that was previously placed on the Inventory Table

    b. Re-read and memorize their PIN code that was previously written on their PIN Code paper sheet

    c. Confirm that they have memorized their PIN code

    d. Place their PIN Code paper sheet back into their envelope and place the unsealed envelope back on the Inventory Table

    e. Take their smart card from the Inventory Table and when requested by the Key Generation Ceremony Administrator, walk towards the HSM device

    f. When requested by the Key Generation Ceremony Administrator, insert their smart card into the smart card reader interface of the HSM device and when requested by the Key Generation Ceremony Administrator, enter their memorized PIN Code.

    g. When requested by the Key Generation Ceremony Administrator, remove the smart card from the HSM smart card reader interface and place their smart card back on the Inventory Table on top of their PIN envelope.

The above sequence of steps will be repeated for the number of Key Access Component Holders that are selected by the Key Ceremony Administrator.

All attending Witnesses must ensure that each Key Access Component Holder accesses only their own Key Access Component Card and PIN envelope. They must also ensure that all PIN Code paper sheets remain in envelopes, which are not sealed, and that the relevant Key Access Component Cards reside on top of each envelope on the Inventory Table at the end of this step.

Furthermore, all Witnesses must ensure that the correct private key is used during this step. This can be achieved by cross-checking that the private key identifier file name and the file system path are both entered correctly by the Key Ceremony Administrator in the command prompt. These must match the private key details stored in the Key Map Document. The private key should be dedicated for use only with the new Root CA we created today, hence the cross-check.


5. The previous step left the private key used to sign the newly created Root CA Certificate offline. It also permanently associated that private key with the new Root CA we created.


6. The Root CA Signing is now declared complete.

Subordinate CA Signing

    1. An IBM compatible computer (hereafter referred to as "the computer") was set up in a room providing strict personnel access control, security camera monitoring [and electronic isolation from any computer networks].


    2. The computer has a hard disk which has been pre-prepared with a fresh installation of a [Red Hat Enterprise Linux, version 5.0] operating system, the requisite HSM driver, nToken authentication PCI device, HSM device Support Software and the Digi-CA™ PKI [2] System, both acting as the Cryptographic Operation Control Software. The software was tested for correct operation prior to the Key Ceremony by using an HSM reserved for backup purposes.


    3. The hard disk installed in the computer contains an encrypted key repository, from which we will load necessary private keys into a securely protected operational memory of our HSM device.


    4. The first HSM device (designated #1) was removed from production and connected to the computer prior to this ceremony and the event was monitored and supervised by an appointed company’s Head of Security. The Cryptographic Operation Control Software is now about to be used to cause the numbered (in section 3 above) operations to occur in the following sequence: 10.

    During this step, the Key Ceremony Administrator, using the Cryptographic Operation Control Software, will create a new Subordinate CA and assign it to a dedicated private key that was previously generated during this ceremony. The newly created Subordinate CA will be signed by the Root CA that was created earlier during this ceremony.

    To complete this process, the Key Ceremony Administrator will use a Naming Document that contains the details of the new Subordinate CA we are about to sign to create a certificate profile configuration file containing various certificate related information such as: Subject Distinguished Name, Validity Period, Signature Algorithm, Certificate Serial Number and Certificate extensions. The certificate profile configuration file will be used by the Cryptographic Operation Control Software to create the new Subordinate CA certificate.

    All attending Witnesses must ensure that the certificate details entered into the certificate profile configuration file by the Key Ceremony Administrator match the details contained in the Naming Document used during this ceremony. The new Subordinate CA Certificate details must be taken from the section of the Naming Document specifically dedicated to the Subordinate CA for which the Subordinate CA Certificate is created.

    During this step, the Key Ceremony Administrator will capture and store any relevant informational output produced on the computer screen by the Cryptographic Operation Control Software in the Key Map Document.

Key Access Component Holders

    Upon directing the Cryptographic Operation Control Software to sign the new Subordinate CA Certificate, the private key of the Root CA will need to be loaded into the securely protected operational memory of the HSM. Since the private key of the Root CA we are about to use is encrypted and access protected, the Key Ceremony Administrator will require any 3 (three) Key Access Component Holders from the previously created Key Access Component Card Set to separately follow the steps below:

        a. Access their PIN envelope that was previously placed on the Inventory Table

        b. Re-read and memorize their PIN code that was previously written on their PIN Code paper sheet

        c. Confirm that they have memorized their PIN code

        d. Place their PIN Code paper sheet back into their envelope and place the unsealed envelope back on the Inventory Table

        e. Take their smart card from the Inventory Table and when requested by the Key Generation Ceremony Administrator, walk towards the HSM device

        f. When requested by the Key Generation Ceremony Administrator, insert their smart card into the smart card reader interface of the HSM device and when requested by the Key Generation Ceremony Administrator, enter their memorized PIN Code.

        g. When requested by the Key Generation Ceremony Administrator, remove the smart card from the HSM smart card reader interface and place their smart card back on the Inventory Table on top of their PIN envelope.



      The above sequence of steps will be repeated for the number of Key Access Component Holders, that are selected by the Key Ceremony Administrator.

      All attending Witnesses must ensure that each Key Access Component Holder accesses only their own Key Access Component Card and PIN envelope. They must also ensure that all PIN Code paper sheets remain in envelopes, which are not sealed, and that the relevant Key Access Component Cards reside on top of each envelope on the Inventory Table at the end of this step. Furthermore, all Witnesses must ensure that the correct Root CA private key is used during this step. This can be achieved by cross-checking that the private key identifier file name and the file system path are both entered correctly by the Key Ceremony Administrator in the command prompt. These must match the Root CA private key details stored in the Key Map Document. The correct Root CA private key should be used, hence the cross-check.


    5. The previous step left the Root CA private key used to sign the newly created Subordinate CA Certificate offline. It also permanently associated an existing private key that was generated earlier during this ceremony with the new Subordinate CA we created.

    6. The Subordinate CA Signing is now declared complete.

Controls

    During the Signing Event, at least two people from the Key Ceremony Attendees list of personnel were present at all times. No other personnel were permitted access to the room. The Cryptographic Operation Control Software required a PIN code to be entered before the software could communicate with any smart card (holding encryption key component [Key Access Component Card]) used during the Signing Event.

Distribution Event

  • Key Access Component Card Distribution
    • PDF [1] During this phase of the ceremony, the Key Ceremony Administrator will request each Key Access Component Card Holder to place their Key Access Component Cards in their PIN envelopes and place the envelopes, sealed, on the Inventory Table.


  • Key Access Component Holder Document Signing
    • During this phase of the ceremony, the Key Ceremony Administrator will request each Key Access Component Holder to sign the Key Access Component Holder Document, indicating that they have read, understand and agree to follow the duties and responsibilities of a Key Access Component Holder and that they have witnessed the signature of all the other Key Access Component Holders.


  • Key Map Document Signing
    • During this phase of the ceremony, all attending Witnesses will sign the Key Map Document, indicating that this was the actual document used during the ceremony and that it was completed in accordance with the script.


  • Naming Document Signing
    • During this phase of the ceremony, all attending Witnesses will sign the Naming Document, indicating that this was the actual document used during the ceremony, in accordance with the script, to create our new CA hierarchy.


  • Attestation Letter Signing
    • During this phase of the ceremony, all attending Witnesses will sign Attestation Letters, indicating that they read the script, observed the ceremony and attest that the ceremony was performed as described in the script.


  • Key Ceremony Script Signing
    • During this phase of the ceremony, all attending Witnesses will sign the Key Ceremony Script document, indicating that this was the actual document used during the ceremony to create our new CA hierarchy.


  • Signature Certification
    • During this phase of the ceremony, the Key Ceremony Administrator will direct the official representative of the Government to notarize (certify signatures on) the witnesses’ Attestation Letters.


Conclusion

8. Key Ceremony Conclusion

  • PDF [1] All copies of the signed Key Ceremony Script are now going to be placed in the Archive Folder.
  • All copies of Attestation Letters are now going to be placed in the Archive Folder.
  • All copies of Key Access Component Holder Documents are now going to be placed in the Archive Folder.
  • The Key Map Document is now going to be placed in the Archive Folder.
  • The Naming Document is now going to be placed in the Archive Folder.
  • The camera operator will now stop the recording and all Video Recordings are now going to be placed in the Archive Folder.
  • The Archive Folder is now going to be sealed.
  • The Head of Security will now take the sealed Archive Folder and place it in a safe in a dedicated access protected cabinet.
  • The Head of Company’s Security will now direct all Key Access Component Holders to take their envelopes containing PIN Code paper sheets and Key Access Component Cards and place these securely in a safe in separate access protected cabinets.
  • All hardware equipment, including the HSM device and the computer will be taken from this room after this ceremony and installed back in the production environment in a dedicated access protected and video camera monitored room.
  • After the ceremony is complete, the Digi-Sign Digi-CAST2™ installation team will proceed to the CA Activation event, which will be monitored and supervised by the Head of Company’s Security. The CA Activation Event is not a part of this ceremony and may be performed at a different date.
  • The Key Ceremony is now declared complete.



9. Key Ceremony Attendees Present

Name | Title | Company | Signature

[This page printed blank to allow notes to be made]

Component Holder Document

Appendix V – Key Access Component Holder Document

PDF [1] I am:

    CA Organization Shareholder’s Name:

    _______________________________________________________________________
    CA Owner Organization Name:

    ___________________________________________________________
    CA Owner Organization’s Address:

    ___________________________________________________________
    CA Owner Organization’s Telephone Number:

    ___________________________________________________________

        Passport:
        ID Card:
        Other (specify___________)
        No:____________________


I confirm that I am in receipt of the following Component(s):

Description Details:

_________________________________________________________________________

_________________________________________________________________________


I confirm that:

      I understand that I am an official Component Receipt Shareholder.

      I must keep my Component information secret.

      I will only reveal my Component information at scheduled Key Ceremony events.

Under penalties of perjury, I declare to the best of my knowledge and belief, that the information I have provided is true, correct, and complete.

Signature: ___________________________________ Date: ____________________


I attest that:

      I have validated the identity of this Key Access Component Holder

      Under penalties of perjury, I declare to the best of my knowledge and belief, that the information I have provided is true, correct, and complete.

      Notary Signature: _____________________________ Date:____________________

Attestation Letter

Appendix VI – Attestation Letter

PDF [1] I am:

      A Certified Public Notary
      An Attorney
      An Official Public witness


    Name:

    _______________________________________________________________________

    Organization Name:

    ___________________________________________________________

    Organization Address:

    ___________________________________________________________

    Telephone Number: ___________________________________________________________


    Professional License and/or Association Number(s):_________________________

This letter of attestation is being provided on behalf of the following entity:

    CA Owner Organization’s Name:

    ________________________________________________________________

    CA Owner Organization’s Address:

    ________________________________________________________________

    CA Owner Organization’s Telephone Number:

    ________________________________________________________________



I attest that:

      I have read the attached Key Ceremony Script
      I have verified the identity of the Digi-CAST2™ Key Ceremony Administrator
      I have validated the identity of each witness attendee
      I have validated the identity of each shareholder attendee
      I have validated the identity of each observer attendee
      I have observed the Key Ceremony
      I have observed all the attendees of the Key Ceremony
      The Key Ceremony was performed as described in the attached Script
      I have certified the signed Component Receipt Documents
      I have certified the sealed Archive Folder



Under penalties of perjury, I declare to the best of my knowledge and belief, that the information I have provided is true, correct, and complete.

Signature: ___________________________________ Date: ____________________

Notary Signature: _____________________________ Date: ____________________


Appendix III – Entry/Exit Log

      CA Owner Organization’s Name:

      ________________________________________________________________

      CA Owner Organization’s Address:

      ________________________________________________________________

      CA Owner Organization’s Telephone Number:

      ________________________________________________________________



Source URL: https://www.digi-sign.com/key%20ceremony/samples%20templates/index

Links:
[1] https://www.digi-sign.com/downloads/digi-ca-admin-manual
[2] https://www.digi-sign.com/public+key+infrastructure