Re: [dane] "Name Checks are not appropriate for CU=3"

mrex@sap.com (Martin Rex) Thu, 16 January 2014 15:20 UTC

Return-Path: <mrex@sap.com>
X-Original-To: dane@ietfa.amsl.com
Delivered-To: dane@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D206E1AE4C5 for <dane@ietfa.amsl.com>; Thu, 16 Jan 2014 07:20:14 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.552
X-Spam-Level:
X-Spam-Status: No, score=-6.552 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HELO_EQ_DE=0.35, RCVD_IN_DNSWL_HI=-5, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id i_zQm_ItaW6K for <dane@ietfa.amsl.com>; Thu, 16 Jan 2014 07:20:12 -0800 (PST)
Received: from smtpde02.sap-ag.de (smtpde02.sap-ag.de [155.56.68.140]) by ietfa.amsl.com (Postfix) with ESMTP id 9C4451AE4C0 for <dane@ietf.org>; Thu, 16 Jan 2014 07:20:12 -0800 (PST)
Received: from mail05.wdf.sap.corp by smtpde02.sap-ag.de (26) with ESMTP id s0GFJxLs009009 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK) for <dane@ietf.org>; Thu, 16 Jan 2014 16:19:59 +0100 (MET)
In-Reply-To: <20140114163118.GB2317@mournblade.imrryr.org>
To: dane@ietf.org
Date: Thu, 16 Jan 2014 16:19:59 +0100 (CET)
X-Mailer: ELM [version 2.4ME+ PL125 (25)]
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Type: text/plain; charset="US-ASCII"
Message-Id: <20140116151959.4AA021ABB0@ld9781.wdf.sap.corp>
From: mrex@sap.com (Martin Rex)
X-SAP: out
Subject: Re: [dane] "Name Checks are not appropriate for CU=3"
X-BeenThere: dane@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: mrex@sap.com
List-Id: DNS-based Authentication of Named Entities <dane.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dane>, <mailto:dane-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/dane/>
List-Post: <mailto:dane@ietf.org>
List-Help: <mailto:dane-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dane>, <mailto:dane-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 16 Jan 2014 15:20:15 -0000

Viktor Dukhovni wrote:
>
> Yes, and in fact there need not be any subjectAltNames, the subject
> DN may be an empty sequence, and the certificate may be either
> already expired, not yet valid, or both.  With usage 3 the TLSA
> record binds the service end-point directly to a public key, the
> certificate itself is just a public-key container.
> 
> Certificate:
>     Data:
>         Version: 3 (0x2)
>         Serial Number: 1 (0x1)
>         Signature Algorithm: ecdsa-with-SHA256
>         Issuer: 
>         Validity
>             Not Before: Jan 14 16:25:19 2014 GMT
>             Not After : Jan 13 16:25:19 2014 GMT
>         Subject: 
>         Subject Public Key Info:
>             Public Key Algorithm: id-ecPublicKey
>                 Public-Key: (256 bit)
>                 pub: 
>                     04:ae:38:28:5a:22:68:0b:40:6d:51:c3:14:17:4d:
>                     99:51:50:21:88:0f:01:c2:a3:0d:f2:02:28:07:a4:
>                     93:07:22:fd:e9:82:88:f9:6e:da:4c:43:3f:3e:24:
>                     4b:9d:aa:fe:8e:6a:f7:af:48:e1:7b:e5:25:77:05:
>                     ec:37:d9:54:8a
>                 ASN1 OID: prime256v1
>     Signature Algorithm: ecdsa-with-SHA256
>         30:45:02:20:3b:cf:71:f5:21:ce:69:2f:82:49:37:ee:ee:7b:
>         4d:f9:6a:36:a9:f6:f4:9c:29:43:f8:51:b0:b2:dc:63:9a:c8:
>         02:21:00:e2:2f:d2:61:ef:3b:56:c0:4a:a4:3e:e0:67:17:9c:
>         7c:3b:41:b1:7e:f0:23:22:7d:55:80:aa:4d:85:a1:0f:05


Excuse me while I panic.

Don't be surprised if the above will be unconditionally rejected by some
PKIX software (because it is not well formed and should fail
plausibility checks in the certificate parser).

AFAIK, the issuer field of an X.509v3 certficate must never be empty,
and the subject field can only be empty if a non-empty subjectAltName
is present.

-Martin