[pkix] RFC 5280 interpretation of trust anchor certificates
Niklas Matthies <pkix@nmhq.net> Sun, 09 October 2022 17:52 UTC
Return-Path: <pkix@nmhq.net>
X-Original-To: pkix@ietfa.amsl.com
Delivered-To: pkix@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 39A50C1522AF for <pkix@ietfa.amsl.com>; Sun, 9 Oct 2022 10:52:49 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.91
X-Spam-Level:
X-Spam-Status: No, score=-1.91 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id zw8vOSRFUhBe for <pkix@ietfa.amsl.com>; Sun, 9 Oct 2022 10:52:46 -0700 (PDT)
Received: from mail.nmhq.net (mail.nmhq.net [95.129.49.110]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-256) server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id F1C14C1522AB for <pkix@ietf.org>; Sun, 9 Oct 2022 10:52:46 -0700 (PDT)
Received: from matthies by mail.nmhq.net with local (Exim 4.94.2) (envelope-from <pkix@nmhq.net>) id 1ohaTf-0017lN-Bv for pkix@ietf.org; Sun, 09 Oct 2022 19:52:39 +0200
Date: Sun, 09 Oct 2022 19:52:39 +0200
From: Niklas Matthies <pkix@nmhq.net>
To: pkix@ietf.org
Message-ID: <Y0MKZ/LkgnDcOY1z@nmhq.net>
Mail-Followup-To: pkix@ietf.org
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; format="flowed"
Content-Disposition: inline
X-Clacks-Overhead: GNU Terry Pratchett
X-Editor: VIM - Vi IMproved 8.2
X-Operating-System: Linux 4.4.268 x86_64
Archived-At: <https://mailarchive.ietf.org/arch/msg/pkix/-pTp6lLIFpdS2VfSRCsnszY4nCQ>
Subject: [pkix] RFC 5280 interpretation of trust anchor certificates
X-BeenThere: pkix@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: PKIX Working Group <pkix.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/pkix>, <mailto:pkix-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/pkix/>
List-Post: <mailto:pkix@ietf.org>
List-Help: <mailto:pkix-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/pkix>, <mailto:pkix-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 09 Oct 2022 17:52:49 -0000
Dear all,
On the ESI (ETSI) mailing list, the question came up whether RFC 5280
says anything about trust anchors provided in the form of certificates
that are _not_ self-signed.
In section 6.1.1, there is the following wording on page 76:
The trust anchor information may be provided to the path
processing procedure in the form of a self-signed certificate.
When the trust anchor information is provided in the form of a
certificate, the name in the subject field is used as the trusted
issuer name and the contents of the subjectPublicKeyInfo field is
used as the source of the trusted public key algorithm and the
trusted public key.
The first sentence seems to indicate that the case of providing a
trust anchor in the form of a non-self-signed certicate is not
considered here. But the second sentence doesn't repeat the
"self-signed" bit, which can be interpreted as that sentence also
applying to non-self-signed certificates. However, if that is the
case, why does the first sentence restrict itself to specifically
self-signed certificates?
On page 74 there is also the following wording:
When the trust anchor is provided in the form of a self-signed
certificate, this self-signed certificate is not included as
part of the prospective certification path.
If RFC 5280 also allows the possibility of trust anchors being
provided in the form of non-self-signed certificates, then it would
seem that the above restriction would not apply to those, i.e., that
they may be included as part of the prospective certifcation path.
However, I don't see how that would make any sense.
All the wording taken together, my conclusion up to now was that RFC
5280 simply does not consider the possibility that the trust anchor
could be provided in the form of a non-self-signed certificate, and
that therefore, specifications which *do* allow for that possibility
(such as in the context of ETSI trusted lists) have to clarify how
that case maps onto what RFC 5280 expects.
If that interpretation is incorrect, that is, if RFC 5280 doesn't
actually care about whether a trust-anchor-representing certificate
provided as input to the path validation algorithm is self-signed or
not, then maybe an erratum is in order?
Kind regards,
Niklas
- Re: [pkix] RFC 5280 interpretation of trust ancho… Michael StJohns
- [pkix] RFC 5280 interpretation of trust anchor ce… Niklas Matthies
- Re: [pkix] RFC 5280 interpretation of trust ancho… Jeffrey Walton
- Re: [pkix] RFC 5280 interpretation of trust ancho… Niklas Matthies
- Re: [pkix] RFC 5280 interpretation of trust ancho… Michael StJohns
- Re: [pkix] RFC 5280 interpretation of trust ancho… George Michaelson
- Re: [pkix] RFC 5280 interpretation of trust ancho… Niklas Matthies
- Re: [pkix] RFC 5280 interpretation of trust ancho… Carl Wallace
- Re: [pkix] RFC 5280 interpretation of trust ancho… Niklas Matthies
- Re: [pkix] RFC 5280 interpretation of trust ancho… Russ Housley
- Re: [pkix] RFC 5280 interpretation of trust ancho… Niklas Matthies
- Re: [pkix] RFC 5280 interpretation of trust ancho… Corey Bonnell
- Re: [pkix] RFC 5280 interpretation of trust ancho… Niklas Matthies