PKI Topologies

There is no one-size-fits-all solution for PKI. In a small network, a single CA server may be enough, but in a network with 30,000 devices a single server may not provide the availability and fault tolerance required. To address these issues, let’s look at the topology options available for implementing a PKI, including single-root and hierarchical designs. We start with the single CA and expand from there.

Single Root CA

If you have one trusted CA and tens of thousands of customers who want to authenticate that CA and request their own identity certificates, the demand on a single server may be too great, even though the CA does not have to be directly involved in the day-to-day authentication that happens between peers. To offload some of the work from that server, you could publish CRLs on other servers. At the end of the day, it still makes sense to have at least some fault tolerance for your PKI, which means more than a single root CA server.

Hierarchical CA with Subordinate CAs

One option for supporting fault tolerance and increased capacity is to use intermediate or subordinate CAs to assist the root CA. The root CA is the king of the hill. The root CA delegates the authority to create and assign identity certificates to clients to the subordinate CAs. This is called a hierarchical PKI topology. The root CA signs the digital certificates of its subordinate or intermediate CAs, and the subordinate CAs are the ones that issue certificates to clients. For a client to verify the “chain” of authority, it needs both the subordinate CA’s certificate and the root certificate. The root certificate (and its public key) is required to verify the digital signature on the subordinate CA’s certificate, and the subordinate CA’s certificate (and its public key) is required to verify the signature on the identity certificates assigned to clients. If there are multiple levels of subordinate CAs, a client needs the certificates of every CA in the chain, from the root all the way down to the CA that issued the client’s certificate.
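The chain walk described above, as an added example that is not from the book: a root CA signs a subordinate CA, the subordinate signs a client identity certificate, and the client verifies each link upward with the next CA’s public key, ending at the trusted root. It uses the Python `cryptography` library; the CA and client names are constructed for the demo, and the “forged” certificate shows that a certificate merely claiming the subordinate as its issuer fails because its signature does not verify under the subordinate’s key.

```python
from datetime import datetime, timedelta, timezone
from cryptography import x509
from cryptography.x509.oid import NameOID
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric import rsa, padding

def name(cn):
    return x509.Name([x509.NameAttribute(NameOID.COMMON_NAME, cn)])

def issue(subject_cn, subject_pub, issuer_cn, issuer_key, is_ca):
    """Issuer signs the subject's public key; is_ca sets the BasicConstraints CA flag."""
    now = datetime.now(timezone.utc)
    return (x509.CertificateBuilder()
            .subject_name(name(subject_cn)).issuer_name(name(issuer_cn))
            .public_key(subject_pub).serial_number(x509.random_serial_number())
            .not_valid_before(now - timedelta(minutes=1))
            .not_valid_after(now + timedelta(days=365))
            .add_extension(x509.BasicConstraints(ca=is_ca, path_length=None), critical=True)
            .sign(issuer_key, hashes.SHA256()))

def verify_chain(leaf, intermediates, root):
    """Client-side check: each cert must be signed by the next CA up, ending at the trusted root."""
    chain = [leaf] + intermediates + [root]
    for cert, issuer in zip(chain, chain[1:] + [root]):  # final pair checks the root's self-signature
        if cert.issuer != issuer.subject:
            return False
        if not issuer.extensions.get_extension_for_class(x509.BasicConstraints).value.ca:
            return False  # issuer was never authorised to act as a CA
        try:
            issuer.public_key().verify(cert.signature, cert.tbs_certificate_bytes,
                                       padding.PKCS1v15(), cert.signature_hash_algorithm)
        except Exception:
            return False  # signature does not verify under the issuer's public key
    return True

def demo():
    # Constructed names and freshly generated keys; nothing here is a real CA.
    root_key, sub_key, client_key, rogue_key = (rsa.generate_private_key(65537, 2048) for _ in range(4))
    root = issue("Example Root CA", root_key.public_key(), "Example Root CA", root_key, True)
    sub = issue("Example Sub CA", sub_key.public_key(), "Example Root CA", root_key, True)
    client = issue("client1", client_key.public_key(), "Example Sub CA", sub_key, False)
    # Forged: names the subordinate CA as issuer but is signed by a key the root never certified.
    forged = issue("client1", client_key.public_key(), "Example Sub CA", rogue_key, False)
    return verify_chain(client, [sub], root), verify_chain(forged, [sub], root)

if __name__ == "__main__":
    print(demo())  # (True, False)
```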

Cross-Certifying CAs

Another approach to hierarchical PKIs is called cross-certifying. With cross-certification, you could have a CA with a horizontal trust relationship over to a second CA so that clients of either CA could trust the signatures of the other CA.
