Self-signed certificate

In cryptography and computer security, a self-signed certificate is an identity certificate that is signed by the same entity whose identity it certifies. This term has nothing to do with the identity of the person or organization that actually performed the signing procedure. In technical terms a self-signed certificate is one signed with its own private key.

In typical public key infrastructure (PKI) arrangements, a digital signature from a certificate authority (CA) attests that a particular public key certificate is valid (i.e., contains correct information).^[1]

Security issues

CAs are third parties and require both parties to trust the CA. (CAs are typically large, impersonal enterprises and a high-value target for compromise.) If the parties know each other, trust each other to protect their private keys, and can confirm the accurate transfer of public keys (e.g. compare the hash out of band), then self-signed certificates may decrease overall risk. Self-signed certificate transactions may also present a far smaller attack surface.

Self-signed certificates cannot (by nature) be revoked,^[2] which may allow an attacker who has already gained access to monitor and inject data into a connection to spoof an identity if a private key has been compromised. CAs on the other hand have the ability to revoke any compromised certificates they signed if alerted, which prevents its further use.

Some CAs can verify the identity of the person to whom they issue a certificate; for example the US military issues their Common Access Cards in person, with multiple forms of other ID, and only when a higher authority requires the issue.

Other issues

Cost Self-signed certificates can be created for free using a wide variety of tools including OpenSSL, Java's keytool, Adobe Reader, and Apple's Keychain. Certificates bought from major CAs often cost around a hundred dollars per year. In December 2015^[3] Mozilla Foundation has launched Let's encrypt, which allows one to obtain a DV certificate for free.

Speed to Deploy Self-signed certificates require the two parties to interact (e.g. to securely trade public keys). Using a CA requires only the CA and the certificate holder to interact; the holder of the public key can validate its authenticity with the CA's root certificate.

Customization Self-signed certificates are easier to customize, for example a larger key size, contained data, metadata, etc.

References

↑ PERLMAN, RADIA (1995). Network Security Private Communication in a PUBLIC World. Prentice Hall. p. 190. ISBN 0-13-061466-1.
↑ http://www.ietf.org/rfc/rfc2459.txt
↑ "Public Beta". Let's encrypt. Retrieved 2015-12-06.

TLS and SSL

Protocols and technologies

Transport Layer Security / Secure Sockets Layer (TLS/SSL)
Datagram Transport Layer Security (DTLS)
DNS Certification Authority Authorization (CAA)
DNS-based Authentication of Named Entities (DANE)
HTTPS
HTTP Public Key Pinning (HPKP)
HTTP Strict Transport Security (HSTS)
OCSP stapling
Perfect forward secrecy
Server Name Indication (SNI)
STARTTLS
Application-Layer Protocol Negotiation (ALPN)

Public-key infrastructure

Automated Certificate Management Environment (ACME)
Certificate authority (CA)
CA/Browser Forum
Certificate policy
Certificate revocation list (CRL)
Domain-validated certificate (DV)
Extended Validation Certificate (EV)
Online Certificate Status Protocol (OCSP)
Public key certificate
Public-key cryptography
Public key infrastructure (PKI)
Root certificate
Self-signed certificate

Self-signed certificate

Security issues

Other issues

See also

References