Using a PKI
When an SNS firewall is involved in an authentication process, the authentication mechanism can rely on certificates issued by a PKI. The level of trust placed in this PKI will determine the trust in the certificate used and therefore the reliability of the authentication. When no external solutions are used to manage certificates, SNS firewalls offer the possibility of generating a certification authority and identities (consisting of a private key, public key and the peer certificate) signed by this authority. In this case, private keys are generated by and stored on the SNS firewall. If the SNS firewall is compromised, the secrets generated by it will be as well.
R34 | SNS-SMC | Use a controlled external PKI
A controlled PKI outside the SNS firewall and the SMC server should be used to generate the identities used. This PKI and CAs used must comply with the recommendations in Appendix A1 of the RGS (in French).
In the absence of an external PKI, the PKI found on the SNS firewall can be used. In this case,
The generated secrets must be deleted from the SNS firewall after they are exported to other SNS firewalls,
The administrators of the PKI must be dedicated to this role only (see recommendation R9).
In the absence of an external PKI, the PKI found on the SNS firewall can be used.
WARNING
When the SNS firewall’s internal PKI is configured, compromising it would allow an attacker to forge an identity that will be considered legitimate on the IS. It is therefore important that this function be restricted to SNS firewalls that are the least exposed to uncontrolled networks.