1
00:00:02,030 --> 00:00:08,310
Let's consider whether we mentioned all the typical applications of public key infrastructure. We talked

2
00:00:08,310 --> 00:00:10,310
about EFS technology.

3
00:00:11,620 --> 00:00:17,230
Authentication using a smart card is much safer than authentication using a key chain device because

4
00:00:17,230 --> 00:00:20,320
Kerberos is integrated with public key infrastructure.

5
00:00:22,130 --> 00:00:31,470
We talked about the 802.1X standard, for example the RADIUS server. We discussed S/MIME, the

6
00:00:31,470 --> 00:00:39,640
digital signing of programs, the secure version of Internet Protocol, and Web sites. Network Access Protection

7
00:00:39,640 --> 00:00:45,720
technology that was briefly mentioned in one of the earlier modules can also be based on certificates.

8
00:00:45,820 --> 00:00:52,720
It's the safer version. Using this technology we can quarantine computers that are connected to our company

9
00:00:52,720 --> 00:00:58,540
network. A given computer will be isolated until its health is confirmed.

10
00:00:58,980 --> 00:01:06,720
Meaning, for example, that it has security updates and a virus scanner is installed. In order to clearly

11
00:01:06,720 --> 00:01:08,360
identify who's isolated,

12
00:01:08,430 --> 00:01:11,080
we need a strong mechanism.

13
00:01:11,130 --> 00:01:17,790
The best is a certificate issued to a given computer or the lack of such.

14
00:01:17,800 --> 00:01:23,080
We also discussed software restriction policies, which are mechanisms that enable blocking users from running

15
00:01:23,080 --> 00:01:26,580
programs.

16
00:01:26,620 --> 00:01:32,320
In conclusion, the public key infrastructure has a very extensive implementation, but at the same time

17
00:01:32,800 --> 00:01:39,120
it's a very functional and easy to use cryptographic system in the Windows environment.

18
00:01:40,380 --> 00:01:44,280
Running this infrastructure is a matter of days rather than a matter of weeks.

19
00:01:48,330 --> 00:01:54,270
Let's consider now how we can trust these certificates. In a moment we'll take a look at a few of them.

20
00:01:56,720 --> 00:02:02,350
First, certain information must be recorded in the certificate.

21
00:02:02,380 --> 00:02:05,970
Above all, we need to be able to read to whom the certificate was issued.

22
00:02:07,220 --> 00:02:09,920
This brings up an interesting problem.

23
00:02:10,140 --> 00:02:16,330
If someone shows a certificate issued to, for example, Marcin, can we believe that he is really Marcin?

24
00:02:16,330 --> 00:02:22,520
Not really, we don't know him here.

25
00:02:22,530 --> 00:02:27,480
The issue is our trust in the organization that issued the certificate.

26
00:02:27,610 --> 00:02:29,840
Anyone can use a certificate.

27
00:02:29,870 --> 00:02:31,530
There is no photo.

28
00:02:31,690 --> 00:02:37,450
We need to trust that if an organization has issued someone a certificate that this organization verified

29
00:02:37,450 --> 00:02:42,500
in some way the identity of the person applying for the certificate.

30
00:02:42,520 --> 00:02:45,470
We also need to be able to read the purpose of the certificate.

31
00:02:45,970 --> 00:02:51,940
Is it used for file encryption, for network user authentication, or the secure exchange of electronic

32
00:02:51,940 --> 00:02:52,630
mail?

33
00:02:55,100 --> 00:03:00,200
Certificates may have a very specific use or they may be certificates that allow the performance of

34
00:03:00,200 --> 00:03:01,790
various operations.

35
00:03:03,550 --> 00:03:06,250
The certificate must have a validity period.

36
00:03:06,940 --> 00:03:11,940
We need to know to and from which dates the certificate is valid.

37
00:03:12,010 --> 00:03:17,190
It's not mainly about a certificate that was revoked, but the fact that we can't trust someone infinitely.

38
00:03:18,650 --> 00:03:20,900
Our trust must be limited in some way.

39
00:03:22,530 --> 00:03:29,140
We also need to know who issued the certificate. A statement from certification authority X that issued

40
00:03:29,140 --> 00:03:31,300
the certificate is not enough.

41
00:03:32,370 --> 00:03:37,270
We have to be able to verify such a statement.

42
00:03:37,320 --> 00:03:43,540
We need to be able to verify the certification authority that issued certificates. Certificates may be

43
00:03:43,540 --> 00:03:52,280
revoked. A revoked certificate provides for immediately breaking the relationship of trust if the certificate

44
00:03:52,280 --> 00:03:56,730
fell into the wrong hands or if the certification authority fell into the wrong hands.

45
00:03:58,600 --> 00:04:04,450
From now on, if someone took control of the certification authority, we should not further trust certificates

46
00:04:04,480 --> 00:04:12,190
issued by it. Therefore there must also be a way to inform system users that certain certificates were revoked.

47
00:04:14,200 --> 00:04:19,040
This is the purpose of the certificate revocation list.

48
00:04:19,170 --> 00:04:23,030
We need to be able to check if a specific certificate is on this list.

49
00:04:24,660 --> 00:04:29,430
The user certificate must be authenticated by a digital signature of the certification authority who

50
00:04:29,430 --> 00:04:30,240
issued it.

51
00:04:32,350 --> 00:04:37,870
We do not trust even in our own company directly the certification authority who is responsible.

52
00:04:39,070 --> 00:04:44,730
We need to have a level relationship of trust.

53
00:04:44,940 --> 00:04:47,640
It must start at the root certification authority.

54
00:04:49,280 --> 00:04:55,400
If we rely on a hierarchical model of certification authorities, we will incorporate a public key infrastructure

55
00:04:55,640 --> 00:04:58,990
as is designed in the Microsoft operating systems environment.

56
00:05:01,070 --> 00:05:07,230
An alternative solution is the peer-to-peer network solution. PGP is an example of such a solution.

57
00:05:08,900 --> 00:05:12,660
In this solution there is no hierarchy of trust.

58
00:05:12,700 --> 00:05:18,970
There is a person who has some sort of certificate. Because he knows his coworkers, for example Jill and Sue,

59
00:05:19,270 --> 00:05:20,520
he vouches for them.

60
00:05:20,650 --> 00:05:22,650
So they also could get a certificate.

61
00:05:24,510 --> 00:05:28,650
At this point three people already have a certificate.

62
00:05:28,810 --> 00:05:34,620
Joe may also have trusted coworkers for which she vouches and certifies their request to receive a certificate.

63
00:05:36,320 --> 00:05:44,070
Now 12 people have certificates and we all trust each other. Such a model is very interesting, especially

64
00:05:44,070 --> 00:05:46,600
in theory.

65
00:05:46,690 --> 00:05:52,960
In practice there are certain problems if there are lots of acquaintances. Research suggests that six

66
00:05:52,960 --> 00:05:54,600
to seven passes are enough,

67
00:05:55,910 --> 00:06:03,320
consisting of the fact that we know someone who knows someone and so on, in order to include in our trust

68
00:06:03,950 --> 00:06:10,700
all inhabitants on our planet. Seven passes and we find a friend of everyone on the earth.

69
00:06:12,480 --> 00:06:18,740
The network model is great, but on a limited scale. It simply doesn't work on a large scale.

70
00:06:19,970 --> 00:06:23,560
We would have to trust everybody and then we would not trust anybody.