1

Question:

I am a little confused as to the purpose of the WWDR Intermediate Certificate used in iOS development. After following these steps:

  1. generate a public/private key pair;
  2. generate a certificate signing request (CSR) based on the generated pair, and send it to Apple;
  3. receive back a certificate, signed by Apple, that verifies that I own the private key associated with the submitted public key,

I would already seem to have everything I would need to sign an application (using my private key) and have proved to Apple that I am the owner of the private key. I therefore arrive at the following related questions:

  • Why is the WWDR Intermediate Certificate necessary?
  • What information does the WWDR Intermediate Certificate encapsulate?
  • At what stage of the code-signing process is the information encapsulated by the WWDR Intermediate Certificate used, and how?

Context:

I am an Android developer who has been doing iOS development for the past 3 months. So far, I have built up my understanding of:

  • the basic principles of public key cryptography;
  • how PKC allows for the signing of entities;
  • the need for a chain of trust between the individual and a CA for a signature to be useful.

I have read questions like this one that indicate the WWDR Intermediate Certificate is necessary to validate that all other certificates acquired via CSRs sent to Apple are valid. How is that validation performed? Is downloading an intermediate certificate a typical way to verify that the signer of another certificate is a CA?

Community
  • 1
  • 1
stkent
  • 18,470
  • 14
  • 80
  • 99
  • 2
    Typically intermediate certificates are used to allow the use of an offline root certificate. The root certificate is used to generate the intermediate certificate in an offline process. This helps further protect the root private key as if it isn't kept online then it can't leak through a security violation. If the intermediate certificate is compromised then that certificate can be revoked and re-issued without needing to update the root public key held in millions of devices or compromise many other certificates that Apple may have issued for different purposes – Paulw11 Sep 21 '15 at 01:45
  • 1
    To further answer your question, you have proved to Apple that you are the owner of the private key. When they sign your CSR then you can prove to iOS that you have proved to Apple that you are the owner of the private key. To do this they sign your CSR with the private key of the WWDR intermediate certificate – Paulw11 Sep 21 '15 at 01:46

1 Answers1

2

You supply some details, including a public key to Apple in your CSR. Technically this doesn't prove to Apple that you own the private key, but the signed information can be used to validate your public key. As long as your private key is kept secret then something that decrypts with your public key must have been encrypted with the corresponding private key. This means that iOS devices can trust provisioning profiles and apps that you generate because your identity can be verified and linked to something they trust.

The reason that your CSR is signed by the WWDR intermediate certificate is to help with the security of Apple's root key pair. The root key pair is a very important and sensitive thing. Access to it would be restricted to a very small number of people at Apple. Having it on an Internet connected computer so that it could sign your CSR would be very risky.

To avoid having the root certificate online an intermediate CA is used. The root certificate is used to generate the intermediate CA in an offline process.

Then, if the intermediate CA certificate is compromised then that certificate can be revoked and re-issued without needing to update the root public key held in millions of devices or compromising many other certificates that Apple may have issued for different purposes

Paulw11
  • 95,291
  • 12
  • 135
  • 153
  • Excellent answer! One question: why do I need do download the intermediate certificate to my machine if the CSR returns a certificate already signed by the intermediate certificate? I thought that validation of signatures was normally performed remotely? Or does this link back to the need to keep the root key pair secret, somehow? – stkent Sep 21 '15 at 02:15
  • 1
    Your machine needs to trust all of the steps in the certification chain. While in theory it could go out over the Internet to validate the certificate this causes issues if you aren't connected to the Internet and there can also be risks associated with attacks on the validation process - Man in the middle attacks. Operating systems, like OS X, ship with a lot of trusted roots already installed (Have a look at the System Roots item in Keychain Access), but the WWDR IC isn't one of them. – Paulw11 Sep 21 '15 at 02:17
  • I see, interesting. I'm surprised it's not installed by default; presumably it's considered advantageous to have the smallest practical set of certs installed by default for security reasons. – stkent Sep 21 '15 at 02:19
  • 1
    Not sure about security reasons, but I guess of all of the millions of OS X installs only a small percentage will need the WWDR IC. Also you will see that the WWDR IC expires in 2016 while the Apple Root doesn't expire until 2035. This is because of the higher risk profile with an Internet exposed CA vs an offline CA. – Paulw11 Sep 21 '15 at 02:23