Root CA vs Intermediate CA

What’s the Difference Between a Root CA and Intermediate CA?

Certification authorities (CAs) play a crucial role in securing communications and transactions over the internet through the use of digital certificates. CAs issue digital certificates that validate the identity of individuals, computers, and organizations on the internet.

There are two main types of CAs – root CAs and intermediate CAs. While both types of CAs issue digital certificates, there are some key differences between root CAs and intermediate CAs when it comes to their position and function in a public key infrastructure (PKI). Understanding the distinctions between a root CA vs intermediate CA is important for grasping their roles in certificate chains and web security.

Root CA vs Intermediate CA: Head-to-Head Comparison

Feature                  | Root CA                                       | Intermediate CA
-------------------------|-----------------------------------------------|------------------------------------------
Position in hierarchy    | At the top as trust anchor                    | In the middle between root and endpoints
Certificate issuance     | Issues subordinate CA certificates            | Issues end-entity certificates
Trust source             | Self-signed and inherently trusted            | Issued and trusted by the root CA
Key usage                | Used infrequently and kept offline            | Used regularly and kept online
Compromise impact        | Affects entire PKI trust                      | Limited to branch of CA
Management               | Globally managed                              | Can be locally managed
Accessibility            | Offline with restricted access                | Online and accessible
Certificate path         | Forms the root of all paths                   | Appears in middle of certificate paths
Validity period          | Up to 20 years or more                        | Typically around 5 years
Audit requirements       | Extensive auditing required                   | Less stringent auditing
Cryptographic algorithms | Typically stronger and updated less often     | Can be updated more flexibly
Private key protection   | Stored on FIPS 140-2 Level 3+ HSM             | Stored on HSM with Level 2+
Certificate storage      | Self-issued so not stored externally          | Stored in root CA database
Brand customization      | Represents entire PKI                         | Can represent departments/products
Cost                     | Very high setup and maintenance costs         | Lower costs per intermediate CA

Overview of Root CAs

A root CA is at the top of the CA hierarchy and is the ultimate source of trust in a PKI. Here are some key characteristics of root CAs:

  • Self-Signed Certificate: A root CA has a self-signed certificate, which means the certificate is signed by the CA’s own private key. Since there is no higher authority to issue the certificate, the root CA signs its own certificate.
  • Trust Anchor: The root CA certificate is distributed as a trust anchor in operating systems, browsers, and devices. This allows the devices to trust certificates issued by the root CA.
  • Root Of Trust: The root CA is the root of trust for all certificates issued by subordinate CAs in the hierarchy. Every certificate path leads back to the root CA certificate.
  • Issuer Of Subordinate CA Certificates: The root CA issues certificates to subordinate intermediate CAs and enterprise CAs. These CAs can then issue certificates to entities.
  • Offline Storage: The root CA is kept offline at all times for security reasons. The private key is stored securely offline and is used occasionally to issue intermediate CA certificates.
  • Few Direct Certificate Issuances: Root CAs rarely issue certificates directly to entities. This minimizes exposure of the highly valuable root CA key.
  • Long Validity Period: Root CA certificates have a long validity period, typically 20 years or more, so the root CA does not need to be recreated and redistributed often.

Overview of Intermediate CAs

Intermediate CAs are subordinate CAs that are issued certificates by the root CA or another intermediate CA. Here are some key characteristics of intermediate CAs:

  • Not Self-Signed: An intermediate CA is issued a certificate by the root CA or another intermediate CA, so its certificate is not self-signed.
  • Positioned Between Root CA and Endpoints: Intermediate CAs are positioned in between the root CA and end-entity certificates such as servers and clients.
  • Issued By Higher-Level CA: An intermediate CA certificate is issued and digitally signed by a higher-level CA like the root CA or another intermediate CA.
  • Issues End-Entity Certificates: The primary function of an intermediate CA is to issue certificates to end entities such as users, clients, servers, devices, and code-signing identities.
  • Issues Subordinate CA Certificates: An intermediate CA can also issue certificates to other intermediate CAs below it in the hierarchy.
  • Online Connectivity: Intermediate CAs are kept online to issue certificates, which is acceptable because they have a limited scope of authority.
  • Shorter Validity Period: Intermediate CAs tend to have a shorter certificate validity of around 5 years before renewal is required.

Key Differences Between Root CAs and Intermediate CAs

While root CAs and intermediate CAs have some overlapping functions, there are distinct differences between the two types of CAs:

Trust

  • Root CAs are inherently trusted as the anchor of trust in a PKI.
  • Intermediate CAs derive their trust from the root and higher-level intermediate CAs.

Position in Hierarchy

  • The root CA sits at the top of the hierarchy as the trust anchor.
  • Intermediate CAs are positioned in layers below the root CA and above end entities.

Scope of Authority

  • Root CAs have broad authority over the entire PKI.
  • Intermediate CAs have limited authority restricted to their branch of the hierarchy.

Key Usage

  • The root CA key is used infrequently and kept securely offline.
  • Intermediate CAs use their keys online to issue certificates to entities.

Certificate Issuance

  • Root CAs mainly issue subordinate CA certificates.
  • Intermediate CAs focus on issuing end-entity certificates.

Compromise Impact

  • Compromise of the root CA key affects trust across the entire PKI.
  • Compromise of an intermediate CA key is restricted to its branch of certificates.

Certificate Path

  • All certificate paths ultimately lead back to the root CA.
  • Intermediate CA certificates appear in the middle of certificate paths.
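The hierarchy and path rules described above, as an added example (not code from the original page) using Go's standard crypto/x509: a self-signed root, an intermediate whose basic-constraints path length is 0, and a server leaf. The CA names, validity periods and DNS name are constructed; Verify chains the leaf back to the root only when the intermediate is supplied to complete the path, and the same path-length check rejects a further sub-CA issued beneath the intermediate.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"math/big"
	"time"
)

// Issue creates a certificate for cn, signed under parent by parentKey, with a fresh Ed25519 key.
// A nil parent yields a self-signed root. For CAs, pathLen 0 permits end-entity issuance only.
func Issue(cn string, isCA bool, pathLen int, parent *x509.Certificate, parentKey ed25519.PrivateKey) (*x509.Certificate, ed25519.PrivateKey) {
	serial, _ := rand.Int(rand.Reader, big.NewInt(1<<62))
	tmpl := &x509.Certificate{
		SerialNumber: serial, Subject: pkix.Name{CommonName: cn},
		NotBefore: time.Now().Add(-time.Hour), NotAfter: time.Now().Add(24 * time.Hour),
		BasicConstraintsValid: true, IsCA: isCA, KeyUsage: x509.KeyUsageDigitalSignature,
	}
	if isCA { // CA certificates carry keyCertSign and a basic-constraints path length
		tmpl.KeyUsage |= x509.KeyUsageCertSign
		tmpl.MaxPathLen, tmpl.MaxPathLenZero = pathLen, pathLen == 0
	} else { // end-entity: a server certificate for the DNS name cn
		tmpl.DNSNames = []string{cn}
	}
	pub, key, _ := ed25519.GenerateKey(rand.Reader)
	if parent == nil { // root CA: no higher authority exists, so it signs its own certificate
		parent, parentKey = tmpl, key
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, parent, pub, parentKey)
	if err != nil {
		panic(err)
	}
	cert, _ := x509.ParseCertificate(der)
	return cert, key
}

// Build creates root -> intermediate (pathLen 0) -> leaf and also returns the intermediate's key.
func Build() (root, inter, leaf *x509.Certificate, interKey ed25519.PrivateKey) {
	root, rootKey := Issue("Example Root CA", true, -1, nil, nil)
	inter, interKey = Issue("Example Issuing CA", true, 0, root, rootKey)
	leaf, _ = Issue("www.example.test", false, 0, inter, interKey)
	return
}

// Verify chains a leaf (which must carry a DNS SAN) back to the trust anchor root
// through the supplied, untrusted intermediates; a nil error means the path was built.
func Verify(leaf, root *x509.Certificate, inters ...*x509.Certificate) error {
	rp, ip := x509.NewCertPool(), x509.NewCertPool()
	rp.AddCert(root)
	for _, c := range inters { ip.AddCert(c) }
	_, err := leaf.Verify(x509.VerifyOptions{Roots: rp, Intermediates: ip, DNSName: leaf.DNSNames[0]})
	return err
}
```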

Conclusion

Root CAs and intermediate CAs serve distinct roles in a public key infrastructure. Root CAs are the ultimate trust anchors that issue subordinate CA certificates, while intermediate CAs provide scalability and availability by issuing end-entity certificates. Intermediate CAs compartmentalize the PKI into branches to limit damage if compromised.

The proper use of intermediate CAs enhances security by restricting exposure of the highly sensitive root CA keys. Organizations must carefully architect their intermediate CA structure to balance security, scalability, complexity, and cost based on their specific certificate requirements and risk profile. Overall, intermediate CAs are a critical component of a robust, trusted, and efficient PKI.

Frequently Asked Questions on Root CA vs Intermediate CA

What is the key difference between a root CA and intermediate CA?

The key difference is that root CAs are the ultimate trust anchor that issues subordinate CA certificates, while intermediate CAs derive trust from higher CAs and issue end-entity certificates to users, servers and devices.

Why are intermediate CAs used instead of just having the root CA issue all certificates?

Using intermediate CAs minimizes exposure of the highly sensitive root CA key by keeping it offline. Intermediate CAs also provide scalability, availability and compartmentalization benefits.

Can an intermediate CA issue certificates to another intermediate CA?

Yes, an intermediate CA can issue a subordinate intermediate CA certificate given allowance in the CA certificate extensions and policy. This creates a chain of intermediate CAs.

Does compromising an intermediate CA impact the entire PKI?

No, compromising an intermediate CA only impacts certificates issued by that CA, not the entire PKI. This damage containment is a benefit of using intermediate CAs.

How many intermediate CAs should be used?

The optimal number of intermediate CAs depends on the size, security requirements and management capabilities of the organization. Using more intermediate CAs increases compartmentalization but adds complexity.

  • RSA keys of 2048 bits
  • ECC keys of 224 bits

Larger key sizes of 3072+ bits for RSA and 256+ bits for ECC provide future-proof security. The strength depends on the algorithm and key generation.

What happens if you lose a private key?

Losing a private key is catastrophic since you can no longer decrypt or sign any messages secured by its associated public key. Lost private keys essentially destroy access to encrypted data. Diligently backing up and storing private keys in multiple safe locations is critical.

Can you protect a private key with a password?

Yes, private keys are often encrypted with a passphrase for additional security. The user must enter the password each time they need to access the private key so it remains cryptographically locked away otherwise. Proper password hygiene is important.