PKI in Win2K

Public key cryptography is one of the top 10 great ideas of the 20th century, up there with jet airplanes and rock and roll. But despite being more than 20 years old, this technology has only recently taken off in a big way. Originally hampered by patent problems and other issues, public key is used today in Lotus Notes, the Novell Directory Service, on the Web in SSL and in other applications. Yet truly generalized use has remained elusive.

One reason it has taken so long to see this general use is that effectively using public key technology requires creating a public key infrastructure (PKI). Among the most important parts of this infrastructure are mechanisms for creating the required encryption keys, some way to create certificates that verify a key’s ownership and organizations acting as certification authorities (CAs) to issue those certificates. The technical problems in creating an effective PKI have been understood for some time. What has held us back is the more mundane issues: Who will act as CAs? How should CAs relate to one another? How can we manage which CAs, and thus which certificates, are trusted?

Answering these questions and the many more posed by the problem of building an effective PKI requires multivendor standards. For the most part, those standards exist today. The widely supported X.509 standard defines how certificates should look, for example, while other standards specify things such as how requests for those certificates should be formatted. We also need software that uses these standards and more software that implements other aspects of PKI that aren’t standardized. As always, paper standards aren’t enough -- real code is required.

In a decision that I think will have a significant impact, Microsoft has chosen to provide this code in its next operating system release. Windows 2000 includes a large set of software for creating and using a public key infrastructure. Given the likely popularity of this new operating system, and the fact that all of this software comes for free, Microsoft’s decision will jumpstart the more general use of this technology.

Microsoft offers some PKI support today. The Microsoft Certificate Server available now with Windows NT 4, for example, allows the creating of certificates, establishing of CAs and more. And CryptoAPI, also shipping today, provides a standard way to access implementations of public key algorithms, allowing creation of keys and other critical functions. But this support focuses on Web applications -- there’s not really enough available to support generic use of the technology.

Windows 2000 changes this. For example, one tough issue in using public key effectively is determining which CAs should be trusted to issue certificates. Most organizations will one day have their own CAs, and the certificates they issue will most likely be trusted by users in that organization. But using public key technology effectively may require trusting outside CAs, too, which creates a much tougher problem. Will you trust certificates issued by the CA of your major competitor? Trusting a CA is a big decision -- trust the wrong one and your security can be compromised.

In a Windows 2000 domain, this decision can be made centrally by a domain administrator. Using the new system’s group policy feature, a list of trusted CAs can be created, and passed down to all machines in the domain. Rather than let individual users make this important decision -- almost certainly a bad idea -- it can be made once by someone with the knowledge to make it intelligently.

Windows 2000 supports other important PKI functions, as well, including improved support for using smart cards to store keys and support for revoking certificates. But not too surprisingly, all of this comes at a cost: complexity. Frankly, I’m amazed at what Microsoft expects an administrator to understand to correctly configure the system’s PKI features. In the company’s defense, this stuff is inherently complicated, another reason for its slow spread into the computing mainstream. Still, if you plan to exploit the attractive new public key features in Windows 2000 prepare to devote some time and money to training the people who will administer it.

An organization can effectively deploy Windows 2000 and completely ignore its PKI support. Kerberos is the system’s core security protocol, so there’s no obligation to understand or use public key technology. Yet especially for Web-based applications, public key is very attractive, if not downright essential. Windows 2000 supports its use in other contexts, too. While you can put it off for a while, I’d guess that most organizations moving to Windows 2000 will eventually need to bite this bullet. Don’t be too scared -- the technology really is usable --but do maintain a healthy respect. Public key technology is a useful thing, and Windows 2000 includes some nice support for using it. Just don’t underestimate the effort involved in making it real in your organization. --David Chappell is principal of Chappell & Associates (Minneapolis), an education and consulting firm. Contact him at