DomainPKI

Certificate Authority (CA) is a single point of failure in the trust model of X.509 Public Key Infrastructure (PKI), since CA is the only entity to sign and distribute public key certificates and no one else is involved in certificate verification. In response, recent fixes based on public logs have been successful in making certificate management more transparent and publicly verifiable. However, more recent researches have shown that none of existing solutions is fully satisfactory due to different security flaws and operational challenges. In this study, we propose a domain-aware alternative to mitigate those issues by involving domain owner in digital signature and certificate verification. Our proposal is based on current PKI design and business model with critical extensions of domain awareness. In order to engage domain owner in its certificate verification, we propose that each domain maintains its own certificate logs. A certificate is co-signed by a CA and its domain with a domain master key. To prove the authenticity of a certificate, a client first verifies the CA's digital signature, then the domain signature, and finally sends a query about the certificate status to its domain owner for further confirmation. By engaging domain owner in co-signing and verifying its certificates, we distribute the trust for certificate authenticity between the CA that signed this certificate and its domain owner. With these extensions, it will be extremely hard, if not impossible, for an adversary to make a successful attack to a client, and the damage of a successful attack is limited to this single client only. In this paper, we present a framework of our proposal, analyze its security gains and compare it with existing solutions.