Re: [keyassure] The draft and subj alt names

=JeffH <> Mon, 04 April 2011 14:49 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 9F5193A680A for <>; Mon, 4 Apr 2011 07:49:25 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -102.265
X-Spam-Status: No, score=-102.265 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, IP_NOT_FRIENDLY=0.334, USER_IN_WHITELIST=-100]
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id qppuL5ia7dfj for <>; Mon, 4 Apr 2011 07:49:18 -0700 (PDT)
Received: from ( []) by (Postfix) with SMTP id 8FF4C3A67F5 for <>; Mon, 4 Apr 2011 07:49:18 -0700 (PDT)
Received: (qmail 30755 invoked by uid 0); 4 Apr 2011 14:51:01 -0000
Received: from unknown (HELO ( by with SMTP; 4 Apr 2011 14:51:01 -0000
DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=default;; h=Received:Message-ID:Date:From:User-Agent:MIME-Version:To:Subject:Content-Type:Content-Transfer-Encoding:X-Identified-User; b=kj94Fj/28g/7ukp8p5L5lkLZyqGfeDqZskg1xicA9+pz5dRwbmWTZp9lE7d4VhNOeuR4GP6T9lzeQPlzmhdSlaHGX2EglY6wmxYXLapTegsCQbkQUiFZDbEJqazW9N6P;
Received: from ([]) by with esmtpsa (TLSv1:AES256-SHA:256) (Exim 4.69) (envelope-from <>) id 1Q6l7M-0005O1-Rm for; Mon, 04 Apr 2011 08:51:01 -0600
Message-ID: <>
Date: Mon, 04 Apr 2011 07:50:59 -0700
From: =JeffH <>
User-Agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv: Gecko/20110223 Thunderbird/3.1.8
MIME-Version: 1.0
To: IETF DANE WG list <>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
X-Identified-User: {} {sentby:smtp auth authed with}
Subject: Re: [keyassure] The draft and subj alt names
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Key Assurance With DNSSEC <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Mon, 04 Apr 2011 14:49:25 -0000

On Mar 31, 2011, at 12:05 PM, Olle E. Johansson wrote:

 > I have read the draft and reacted to one thing. Sorry if this already have 
been discussed on the list.
 > The draft -06 says
 > "The end entity certificate from TLS, regardless of whether it was
 >   matched with a TLSA type 1 certificate or chained to a TLSA type 2 CA
 >   certificate, must have at least one identifier in the subject or
 >   subjectAltName field of the matched certificates matches the expected
 >   identifier for the TLS server. "
 > The new RFC 6125 tells us that we should:
 > "Move toward including and checking even more specific
 >      subjectAlternativeName extensions where appropriate for using the
 >      protocol (e.g., uniformResourceIdentifier and the otherName form
 >      SRVName)."

"Richard L. Barnes" <> replied on Thu, 31 Mar 2011 13:12:32 +0200..
 > As I've said in other threads, this WG should be silent on requirements for
 > certificate names, since different applications use TLS certificate names in
 > different ways.

+1 to what Richard says.

The RFC6125 (aka "TLS Server Identity Check") text quoted by Olle is a 
suggestion to _applications_ to move away from CN-ID and towards leveraging 
SubjectAlternativeName (SAN) name types in terms of the identifiers embedded in 
certs and checked against _at the app layer_ during TLS connection establishment.

I think that Richard is correct that what the DANE WG is designing lies "below" 
the applications, and it is still their job to ascertain whether the name(s) 
embedded in the cert used to secure the connection meaningfully match the 
intended server. Please see sections 1 and 2 of RFC6125 for an in-depth 
discussion of the nuances.