IETF Logo Mail Archive

Re: [certid] Why require EKU for certid?

Peter Saint-Andre <stpeter@stpeter.im> Wed, 29 September 2010 22:24 UTC

Return-Path: <stpeter@stpeter.im>
X-Original-To: certid@core3.amsl.com
Delivered-To: certid@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 1261E3A69B7 for <certid@core3.amsl.com>; Wed, 29 Sep 2010 15:24:18 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.545
X-Spam-Level:
X-Spam-Status: No, score=-102.545 tagged_above=-999 required=5 tests=[AWL=0.054, BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id NUVH0h48sVm0 for <certid@core3.amsl.com>; Wed, 29 Sep 2010 15:24:16 -0700 (PDT)
Received: from stpeter.im (stpeter.im [207.210.219.233]) by core3.amsl.com (Postfix) with ESMTP id C14D43A6B34 for <certid@ietf.org>; Wed, 29 Sep 2010 15:24:16 -0700 (PDT)
Received: from moveme.cisco.com (72-163-0-129.cisco.com [72.163.0.129]) (Authenticated sender: stpeter) by stpeter.im (Postfix) with ESMTPSA id 05446403DF; Wed, 29 Sep 2010 16:30:33 -0600 (MDT)
Message-ID: <4CA3BCBB.1010007@stpeter.im>
Date: Wed, 29 Sep 2010 16:24:59 -0600
From: Peter Saint-Andre <stpeter@stpeter.im>
User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.5; en-US; rv:1.9.1.12) Gecko/20100914 Thunderbird/3.0.8
MIME-Version: 1.0
To: Paul Hoffman <paul.hoffman@vpnc.org>
References: <C8B4E80F.EE82%stefan@aaa-sec.com> <4C9A2D12.3020409@stpeter.im> <p0624084ac8bfe10f5b72@[10.20.30.158]> <76232140-6713-416F-8758-8042A82B8857@jpl.nasa.gov> <4CA39B88.70402@stpeter.im> <p0624084ec8c96bc1768c@[10.20.30.163]>
In-Reply-To: <p0624084ec8c96bc1768c@[10.20.30.163]>
X-Enigmail-Version: 1.0.1
OpenPGP: url=http://www.saint-andre.com/me/stpeter.asc
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 7bit
Cc: Stefan Santesson <stefan@aaa-sec.com>, IETF cert-based identity <certid@ietf.org>
Subject: Re: [certid] Why require EKU for certid?
X-BeenThere: certid@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Representation and verification of identity in certificates <certid.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/certid>, <mailto:certid-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/certid>
List-Post: <mailto:certid@ietf.org>
List-Help: <mailto:certid-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/certid>, <mailto:certid-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 29 Sep 2010 22:24:18 -0000

On 9/29/10 4:20 PM, Paul Hoffman wrote:
> At 2:03 PM -0600 9/29/10, Peter Saint-Andre wrote:
>> [trimming tls@ and ietf@ from cc list]
>> 
>> On 9/23/10 11:43 AM, Henry B. Hotz wrote:
>>> 
>>> On Sep 22, 2010, at 9:44 AM, Paul Hoffman wrote:
>>> 
>>>> At 10:21 AM -0600 9/22/10, Peter Saint-Andre wrote:
>>>>> On 9/14/10 12:51 AM, Stefan Santesson wrote:
>>>>>> General: I would consider stating that server certificates 
>>>>>> according to this profile either MUST or SHOULD have the 
>>>>>> serverAuth EKU set since it is allways related to the use
>>>>>> of TSL and server authentication. At least it MUST be set
>>>>>> when allowing checks of the CN-ID (see 2.3 below).
>>>>> 
>>>>> [..snip..]
>>>> 
>>> 
>>>> What possible advantage is there to making certificates that do
>>>> not have this flag set be excluded from the practices you are
>>>> defining? That is, if a TLS client gets a certificate from a
>>>> TLS server that the TLS server says is its authentication
>>>> certificate, why should the client care whether or not that
>>>> flag is set? That flag is an assertion from the CA, not from
>>>> the server who is authenticating.
>>> 
>>> 
>>> Does this point need discussion?  Without checking, I suspect
>>> that 5280 says you obey the EKU, period.  OTOH I think Paul
>>> raises a valid point.
>>> 
>>> OTOH (again) one could argue that the EKU provides a way to
>>> prevent a stolen cert/key issued to the machine for a different
>>> function from being repurposed to support a fake server.  (I'm
>>> not convinced this is significant, but it's something.)
>>> 
>>> Absent discussion and consensus, I vote for whatever 5280 says,
>>> which I suppose is what the current silence on the topic equates
>>> to.
>> 
>> This I-D shall never be taken to override anything in RFC 5280 or
>> any other normatively-referenced specification on which it depends.
>> If folks think we need a blanket statement to that effect, please
>> let us know. Version -10 will have a new section containing an
>> applicability statement, which starts as follows:
>> 
>> This document does not supersede the rules for certificate
>> validation provided in [RFC5280].
>> 
>> But we can always add a stronger statement if need be.
> 
> This misses the point I made when I started this thread. 

That's because I was replying only to the small item of whether the
server-id-check can be taken to override RFC 5280.

> Stefan
> proposed a change that would require that only certs that included
> this EKU be considered, you said you would consider that, 

I think I said only that Jeff and I hadn't discussed it yet. It's still
on our todo list.

> and I said
> that would be a bad change. Henry's point did not negate or support
> my proposal.

My sense of the discussion so far is that there's no strong agreement to
accept the proposal that Stefan made.

Peter

-- 
Peter Saint-Andre
https://stpeter.im/

v2.8.7 | Report a Bug | By Email