There's been a ton of discussion on what constitutes "Trust" in the modern web world of late, but very little of it seems to have borne fruit. One minor advance is Kubernetes formally adopting a proposal for a trust anchor[1][2]; which is to say, a set of CAs that are equivalent.
Someone mentioned earlier that "At least we all agree that they're PEM and DER Formatted", to which someone mentioned that Java had its own world, and ugh... That's a whole thing. Java has moved backwards in recent years; their old Keystore format was useful for a single context, in that you could say "Here's the keystore for communicating with Google, it's got a list of public keys to trust and list of private keys that we are"; and that more or less worked with the tooling. The move to PKCS#12 moves to one unified bag with all your private and public keys mixed in and you have to specify which are which, which is theoretically better but in practice represents a configuration nightmare over just specifying separate files with the trusted CAs, our public keys, and our private keys. You still can't deliver a single PKCS12 file to all of your servers as a whole, because SafeBags aren't; they're DES encrypted, which is to say: not at all[3], but at least it's clear that they aren't.
The right answer is basically what Cloudflare[4] and then Google Cloud[5] tried to do and failed: Create a single file-format for "Public Key and accompanying Private Key", and make it easy to extract the public key from many of those to form a list of CAs.
[1] https://github.com/kubernetes/enhancements/pull/3258
[2] https://spiffe.io/docs/latest/spiffe-about/spiffe-concepts/
[3] The actual Java recommendation is to use a single well-known DES key for all PKCS12 operations, which obviates all of the stated and even best-case-steelman arguments for why Java made this change, to the point that anyone defending the decision should probably not be trusted and the proposers were more likely malicious than stupid. That's a rant for a different post.
[4] https://github.com/cloudflare/cfssl
[5] https://cloud.google.com/docs/authentication/application-def...
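The "one file per service, pull the public halves out into a CA list" arrangement the comment wants is sketched below as an added Go example (not code from the comment, Kubernetes, Cloudflare or Google); MakeBundle, TrustAnchors and the bundle layout (one CA certificate PEM block followed by its private key) are assumptions of the example, and the sample bundles are constructed on the spot.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"encoding/pem"
	"math/big"
	"time"
)

// MakeBundle builds one constructed sample file: a service's CA certificate followed by its private key.
func MakeBundle(name string) []byte {
	pub, key, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err) // constructed sample input; a failure here is a setup problem, not a parse result
	}
	tmpl := &x509.Certificate{SerialNumber: big.NewInt(1), Subject: pkix.Name{CommonName: name}, IsCA: true,
		BasicConstraintsValid: true, KeyUsage: x509.KeyUsageCertSign, NotBefore: time.Now().Add(-time.Hour), NotAfter: time.Now().Add(24 * time.Hour)}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, pub, key)
	if err != nil {
		panic(err)
	}
	keyDER, err := x509.MarshalPKCS8PrivateKey(key)
	if err != nil {
		panic(err)
	}
	out := pem.EncodeToMemory(&pem.Block{Type: "CERTIFICATE", Bytes: der})
	return append(out, pem.EncodeToMemory(&pem.Block{Type: "PRIVATE KEY", Bytes: keyDER})...)
}

// TrustAnchors walks many such bundles and keeps only the CA certificates; key blocks are never copied.
func TrustAnchors(bundles [][]byte) ([]*x509.Certificate, error) {
	var cas []*x509.Certificate
	for _, b := range bundles {
		for blk, rest := pem.Decode(b); blk != nil; blk, rest = pem.Decode(rest) {
			if blk.Type != "CERTIFICATE" {
				continue // e.g. "PRIVATE KEY": skipped, so the anchor list is safe to hand to every server
			}
			if c, err := x509.ParseCertificate(blk.Bytes); err != nil {
				return nil, err
			} else if c.IsCA { // a leaf that slipped into a bundle must not become a trust anchor
				cas = append(cas, c)
			}
		}
	}
	return cas, nil
}
```

The property worth keeping from this is that the extractor copies certificate blocks only, so the list you ship to every server never carries a private key no matter what else ended up in a bundle.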