Re: [keyassure] [dane] protocol #20 (new): Change the format of
Stephen Kent <kent@bbn.com> Wed, 23 February 2011 07:07 UTC
Return-Path: <kent@bbn.com>
X-Original-To: keyassure@core3.amsl.com
Delivered-To: keyassure@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 327AF3A6862 for <keyassure@core3.amsl.com>; Tue, 22 Feb 2011 23:07:48 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.545
X-Spam-Level:
X-Spam-Status: No, score=-102.545 tagged_above=-999 required=5 tests=[AWL=0.054, BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id NLAGL+65HQjE for <keyassure@core3.amsl.com>; Tue, 22 Feb 2011 23:07:45 -0800 (PST)
Received: from smtp.bbn.com (smtp.bbn.com [128.33.0.80]) by core3.amsl.com (Postfix) with ESMTP id 025E93A657C for <keyassure@ietf.org>; Tue, 22 Feb 2011 23:07:45 -0800 (PST)
Received: from dommiel.bbn.com ([192.1.122.15]:48902 helo=[169.223.148.236]) by smtp.bbn.com with esmtp (Exim 4.74 (FreeBSD)) (envelope-from <kent@bbn.com>) id 1Ps8pm-000EG7-Ll; Wed, 23 Feb 2011 02:08:27 -0500
Mime-Version: 1.0
Message-Id: <p06240802c98a092e27b5@[169.223.137.111]>
In-Reply-To: <201102221826.p1MIQEwR007372@fs4113.wdf.sap.corp>
References: <201102221826.p1MIQEwR007372@fs4113.wdf.sap.corp>
Date: Wed, 23 Feb 2011 02:07:57 -0500
To: mrex@sap.com
From: Stephen Kent <kent@bbn.com>
Content-Type: text/plain; charset="us-ascii"; format="flowed"
Cc: keyassure@ietf.org, trac@tools.ietf.org, paul.hoffman@vpnc.org
Subject: Re: [keyassure] [dane] protocol #20 (new): Change the format of
X-BeenThere: keyassure@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Key Assurance With DNSSEC <keyassure.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/keyassure>, <mailto:keyassure-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/keyassure>
List-Post: <mailto:keyassure@ietf.org>
List-Help: <mailto:keyassure-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/keyassure>, <mailto:keyassure-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 23 Feb 2011 07:07:48 -0000
At 7:26 PM +0100 2/22/11, Martin Rex wrote: >Stephen Kent wrote: >> > >> >Simplicity and robustness. >> > >> >When simple public keys for servers are to be used with DANE, these >> >will usually be X.509v1 certificates, which do not contain >> >a BasicConstraints extension. >> >> Why would they be v1 certs? >> >> We know that using v1 certs introduced vulnerabilities in browsers, >> e.g., it enabled EEs to issue subordinate certs. > >Getting all X.509v3 attributes into a usable consistent fashion is >pretty difficult -- and a complete waste if they're supposed to be >entirely ignored. I agree, but that seems orthogonal to what I proposed, i.e., a profile for certs that would be stored in TLSA records. >Also self-signed X.509v3 End-Entity certs don't really exist. I agree that if the cert is self-signed, it should, be a CA cert based on fundamental X.509/PKIX rules, but if an SS cert is a TA package, this is a bit less clear. >I know that self-signed X.509v1 certs work fine with TLS implementations. >I wouldn't know which exact attributes I would have to add to a >self-signed X.509v3 certificate in order to not run into interop >problems. E.g. a KeyUsage constraint _without_ keyCertSign in an >X.509v3 self-signed certificate would obviously be self-contradictory. because a self-signed cert used as a TA pkg is special, it's hard to argue what is required. > > I thought that browsers were fixed and that most commercial CAs used > > v3 certs now, since v3 has been the current standard for a very long >> time. I'm surprised to hear that Entrust still has a v1 cert out >> there > >That Entrust cert is a v3 cert -- which is why our software rejects it. I (and I think some others) got the opposite impression from your message. Nevermind. >But it seems that most other PKI-Software (MS-CryptoAPI, Firefox, ...) >did not complain about this malformed X.509v3 TrustAnchor, because they're >shipping it as trust anchor. I can believe that, because if you view it as a TA package, then there are no hard and fast rules about what needs to be verified. > > Anyway, why should we think in terms of v1 certs for servers at this > > point in time? Do you statistics that suggest that most (many?) web >> sites are using v1 certs? if we're talking about certs that sites >> can issue themselves (vs. buying certs), then there is a lot of v3 >> cert CA SW available. > >selfsigned X.509v1 containers are the X.509 public key bag that >we're looking for for TLSA EE certs -- those where NO PKIX certificate >path validation is to be performed on the certificate. You really can't perform path validation on an SS cert, because there is no path :-). The issue is what other cert validation checks one should perform, and what use one should make of the fields in the cert wrt path validation for certs that chain to it. Steve
- [keyassure] [dane] protocol #20 (new): Change the… dane issue tracker
- Re: [keyassure] [dane] protocol #20 (new): Change… Peter Gutmann
- Re: [keyassure] [dane] protocol #20 (new): Change… Paul Hoffman
- Re: [keyassure] [dane] protocol #20 (new): Change… Scott Schmit
- Re: [keyassure] [dane] protocol #20 (new): Change… Stephen Kent
- Re: [keyassure] [dane] protocol #20 (new): Change… Lawrence Conroy
- Re: [keyassure] [dane] protocol #20 (new): Change… Phillip Hallam-Baker
- Re: [keyassure] [dane] protocol #20 (new): Change… Ilari Liusvaara
- Re: [keyassure] [dane] protocol #20 (new): Change… Paul Hoffman
- Re: [keyassure] [dane] protocol #20 (new): Change… Martin Rex
- Re: [keyassure] [dane] protocol #20 (new): Change… Stephen Kent
- Re: [keyassure] [dane] protocol #20 (new): Change… Stephen Kent
- Re: [keyassure] [dane] protocol #20 (new): Change… Paul Hoffman
- Re: [keyassure] [dane] protocol #20 (new): Change… Phillip Hallam-Baker
- Re: [keyassure] [dane] protocol #20 (new): Change… Stephen Kent
- Re: [keyassure] [dane] protocol #20 (new): Change… Phillip Hallam-Baker
- Re: [keyassure] [dane] protocol #20 (new): Change… Martin Rex
- Re: [keyassure] [dane] protocol #20 (new): Change… Warren Kumari
- Re: [keyassure] [dane] protocol #20 (new): Change… Ilari Liusvaara
- Re: [keyassure] [dane] protocol #20 (new): Change… Jakob Schlyter
- Re: [keyassure] [dane] protocol #20 (new): Change… Phillip Hallam-Baker
- Re: [keyassure] [dane] protocol #20 (new): Change… Carl Wallace
- Re: [keyassure] [dane] protocol #20 (new): Change… Phillip Hallam-Baker
- Re: [keyassure] [dane] protocol #20 (new): Change… Paul Wouters
- Re: [keyassure] [dane] protocol #20 (new): Change… Paul Wouters
- Re: [keyassure] [dane] protocol #20 (new): Change… Stephen Kent
- Re: [keyassure] [dane] protocol #20 (new): Change… Peter Gutmann