Calum MacCleod (UK): Planes, Trains, Automobiles...and Certificate Authorities

I guess most of us have seen the movie with Steve Martin and the late John Candy, and I guess at some stage or other most of us have been there to some extent. It happened to me last week. After getting all the connections just right, I arrived at the airport, checked in for my 12:30 flight, breezed through an empty immigration hall and security check, and then sat down for a leisurely cup of coffee and a read of the newspaper. I’ll spare you the gruesome details but we eventually took off at 19:30. Mind you, you do get to meet some interesting people!

While you sit there for hours on end, being occasionally fed some irrelevant information, planes are coming and going to your destination, and you ask yourself, why did I choose to fly with ABC! Then you start to contemplate the alternatives. After all, the flight was only an hour and I could have hired a car and probably been home five minutes earlier.

And it seems at the moment, that every day, another Certificate Authority has fallen victim to everything from poor maintenance, “pilot error”, saboteurs (sounds much better than the modern equivalent), and careless customers. While you may suddenly find yourself unable to work, you’re asking the same questions as the poor souls who were heading off to Bali - why did I choose this Certificate Authority!

So what should you do? Well I suppose if I had a good travel agent, they would have done their magic and got me on another flight, and in the case of Certificate Authority breaches I need to be able to quickly respond by shifting to another “carrier”.

Your company is probably already using different Certificate Authorities – although hopefully not as many as one of our clients who recently discovered that instead of the two they believed they were using they actually had 25! In any case, most companies will have more than one Certificate Authority, and generally this is being done to try and have a competitive situation. After all if your Certificate Authority feels that you will “fly” with them come what may, they may just take your business for granted.

But the problem with Certificate Authorities is the same as with airlines; you can’t just jump in another airline’s queue and expect to fly; you need to ensure that you have the right travel agent who can quickly make the arrangements. And you can’t jump to a new Certificate Authority if you don’t know where your certificates are, so basically you need to have an open, vendor-neutral management system that allows you to easily switch when necessary.

Otherwise when it all goes pear shaped, you may end up facing an external auditor with a silly grin on his or her face -and if you don’t know what I mean, you need to watch the movie!

Calum MacLeod is currently EMEA director for Venafi, a digital certificate and encryption key management specialists. He has over 30 years of expertise in secure networking technologies.


« Alexander Egorov (Russia): Good or Bad News for Startups in Russia?


Manu Bonnassie (Middle East): Preparing for the Unified Communications Boom »


Do you think your smartphone is making you a workaholic?