Re: [pkix] Self-issued certificates

[王文正 <wcwang@cht.com.tw>]

In my experiences, Mozilla Firefox still worked fine for handling self-issued certificates for key rollover purposes. Actually, most browsers will simply treat self-issued certificates as regular intermediate CA certificates. Therefore, if there are no complex path length constrains or name constrains to be handled, the certification path processing will be fine even though browsers might not implement those exceptional handling rules for self-issued certificates.



What really caused our headaches was some web server such as Microsoft IIS does not recognize self-issued certificates. For a CA performing its key rollover with self-issued certificates, the certification path chaining up to the old root certificate will be as follows:



old root certificate (a self-signed certificate) --> new-with-old certificate (a self-issued certificate) --> subordinate CA certificate (an intermediate CA certificate) --> SSL certificate



During the SSL/TLS handshake, it is expected that the web server to send "new-with-old certificate --> subordinate CA certificate --> SSL certificate" to browsers (the client side).

However, it is unfortunately that Microsoft IIS wrongly treats the self-issued certificate as a self-signed certificate and therefore it will only send "subordinate CA certificate --> SSL certificate" to browsers. The result is that browsers such as Firefox might failed to chain the certification path up to the old root certificate. In the cases where browsers do not yet trust the new root certificate, the SSL/TLS handshake will be failed.



Our company had already send a bug report to Microsoft through their so-called premium tech support channel several months ago, however they seemed not yet decide whether they want to fix that IIS bug or not. Therefore, be warned if you want to perform a CA key rollover with self-issued certificates because there are still a lot servers and clients whose certification path processing implementations do not conform to RFC 5280 or X.509 standard.



Wen-Cheng Wang



-----Original Message-----
From: pkix [mailto:pkix-bounces@ietf.org] On Behalf Of Brian Smith
Sent: Monday, July 13, 2015 9:57 AM
To: Peter Bowen
Cc: PKIX
Subject: Re: [pkix] Self-issued certificates



<snip>



In fact, mozilla::pkix doesn't recognize self-issued certificates at all, and so doesn't implement those exceptions. So far, this has not caused any problems, so as far as the Web PKI is concerned, it is likely we can forget about the concept of self-issued certificate completely. And, that's what I recommend that people do.



Cheers,

Brian



Please be advised that this email message (including any attachments) contains confidential information and may be legally privileged. If you are not the intended recipient, please destroy this message and all attachments from your system and do not further collect, process, or use them. Chunghwa Telecom and all its subsidiaries and associated companies shall not be liable for the improper or incomplete transmission of the information contained in this email nor for any delay in its receipt or damage to your system. If you are the intended recipient, please protect the confidential and/or personal information contained in this email with due care. Any unauthorized use, disclosure or distribution of this message in whole or in part is strictly prohibited.  Also, please self-inspect attachments and hyperlinks contained in this email to ensure the information security and to protect personal information.