IETF Logo Mail Archive

Re: [pkix] RFC 5280 interpretation of trust anchor certificates

Carl Wallace <carl@redhoundsoftware.com> Mon, 10 October 2022 11:22 UTC

Return-Path: <carl@redhoundsoftware.com>
X-Original-To: pkix@ietfa.amsl.com
Delivered-To: pkix@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0E542C14F73D for <pkix@ietfa.amsl.com>; Mon, 10 Oct 2022 04:22:51 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.109
X-Spam-Level:
X-Spam-Status: No, score=-2.109 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, MIME_QP_LONG_LINE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=redhoundsoftware.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id VR8qNPyuNSPd for <pkix@ietfa.amsl.com>; Mon, 10 Oct 2022 04:22:46 -0700 (PDT)
Received: from mail-qt1-x82f.google.com (mail-qt1-x82f.google.com [IPv6:2607:f8b0:4864:20::82f]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id F27CEC1522B4 for <pkix@ietf.org>; Mon, 10 Oct 2022 04:22:45 -0700 (PDT)
Received: by mail-qt1-x82f.google.com with SMTP id cj27so6258996qtb.7 for <pkix@ietf.org>; Mon, 10 Oct 2022 04:22:45 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhoundsoftware.com; s=google; h=content-transfer-encoding:mime-version:in-reply-to:references :thread-topic:message-id:to:from:subject:date:user-agent:from:to:cc :subject:date:message-id:reply-to; bh=whZ2vDX9FwQ+890mM3qRPbAiQAidM47XcWgiWko0QCg=; b=f5vX1BjHgtRnhSnUCd/t6TAUiFxnCzfzo/lUnLAl+u8YzibpfZuB8j9u+x25+vfNhW Of/pvyldaMTfS/RhP96IvN+kNmgKKXnlR+thwLsSwwRi3v9cqnLTnG3C/swQE3DrgV04 texWdQNPW6wuqURINNfXcti1oMkR0RxeIR8xk=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:mime-version:in-reply-to:references :thread-topic:message-id:to:from:subject:date:user-agent :x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=whZ2vDX9FwQ+890mM3qRPbAiQAidM47XcWgiWko0QCg=; b=2rYQq8U5bD3LEoeNfISdiGwEYbkiISthCyurj2QjrxltjpbFh2nG1hmyiKu8YKvXz1 G1p6BcUMajweHUZ3tYZPLLuhAgRqMKhYgy6KlZ/Aha/PJNT85YugBiNQR+SyUuwcO9RI F/Nl/7PUXxfcaCrOrxusYwoElhUY9mkLQiL/Udqbi21ufnmX+qjid/DDuas20fDPaFU5 7X1WSDd9HO1NHwSfHHcfIRO/h6iQ3ebyjeo36s3E2G+h35eS4kZP3cdtpzwmB0Fe/qj8 L6DNXjXoz+ndi3L4jNddXgsbcQbdkILyqkgrdUvFcTs0tfubkdC1AsYkRN3bZ9EIMTIl b30g==
X-Gm-Message-State: ACrzQf1C2xeMHwf4mg5eVp02qLTKOE+5ZYb3uTJDZJ7bqN81GGut4Bce ADON43MJX4jinS+Zr+5jWws50A==
X-Google-Smtp-Source: AMsMyM7l8HTOdOVqptKl0JD28XCHMDYtkzMmdS6nsT6hSOqGup/2+ovs04xmj8PYiSPlyveJwrlT7A==
X-Received: by 2002:ac8:7f42:0:b0:35c:b7f0:3411 with SMTP id g2-20020ac87f42000000b0035cb7f03411mr14355883qtk.210.1665400964437; Mon, 10 Oct 2022 04:22:44 -0700 (PDT)
Received: from [192.168.2.16] (pool-74-96-253-253.washdc.fios.verizon.net. [74.96.253.253]) by smtp.gmail.com with ESMTPSA id m15-20020a05620a13af00b006cfc1d827cbsm9895256qki.9.2022.10.10.04.22.43 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Mon, 10 Oct 2022 04:22:43 -0700 (PDT)
User-Agent: Microsoft-MacOutlook/16.65.22091101
Date: Mon, 10 Oct 2022 07:22:43 -0400
From: Carl Wallace <carl@redhoundsoftware.com>
To: Niklas Matthies <pkix@nmhq.net>, pkix@ietf.org
Message-ID: <5BE2994C-40E1-4588-ACB4-43FE2A59356D@redhoundsoftware.com>
Thread-Topic: [pkix] RFC 5280 interpretation of trust anchor certificates
References: <Y0MKZ/LkgnDcOY1z@nmhq.net> <182e19f5-a630-7830-3011-0ed9fc62ea81@nthpermutation.com> <Y0MpC50ARNV8QhB0@nmhq.net> <241fd8ce-e765-c7d3-bd01-207c003f45d5@nthpermutation.com> <Y0OPkA9g+1LFRqmN@nmhq.net>
In-Reply-To: <Y0OPkA9g+1LFRqmN@nmhq.net>
Mime-version: 1.0
Content-type: text/plain; charset="UTF-8"
Content-transfer-encoding: quoted-printable
Archived-At: <https://mailarchive.ietf.org/arch/msg/pkix/WNzJLxQ0yxe12fJ00wzdr8xYXMU>
Subject: Re: [pkix] RFC 5280 interpretation of trust anchor certificates
X-BeenThere: pkix@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: PKIX Working Group <pkix.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/pkix>, <mailto:pkix-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/pkix/>
List-Post: <mailto:pkix@ietf.org>
List-Help: <mailto:pkix-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/pkix>, <mailto:pkix-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 10 Oct 2022 11:22:51 -0000

Inline...

On 10/9/22, 11:21 PM, "pkix on behalf of Niklas Matthies" <pkix-bounces@ietf.org on behalf of pkix@nmhq.net> wrote:

<snip>

    Well. RFC 5280 specifically describes how one should go about to 
    determine the trust anchor information from a self-signed certificate, 
    presumably because it might not be obvious how to do so. The way it is 
    written also suggests that it is the only allowable way to interpret a 
    self-signed certificate as trust anchor information, e.g. one does not
    (say) take a DN from the subjectAltName as the trusted issuer name. 
    The RFC doesn't say "one way to use a self-signed certificate as a 
    trust anchor is to do x", instead it says (paraphrased) "it is done 
    this way" (though without SHALL).

    So, given that the way to interpret a self-signed certificate as trust 
    anchor requires explanation, and that a specific way is presented as 
    *the* apparantly only admissible way, it is only natural to have 
    doubts regarding non-self-signed certificates, because why would the 
    description not include them if the same procedure was admissible for 
    those? Maybe the procedure is different for non-self-signed 
    certificates, or not applicable at all for some reason? It is not 
    obvious, prima facie.

[CW] The first sentence of the paragraph you are referencing, i.e., in bullet (d) in section 6.1.1, states: " The trust anchor information may be provided to the path processing procedure in the form of a self-signed certificate." The "may" in this sentence leaves open the possibility to use other formats, so it's not clear why you are reading this as *the* only admissible way or have doubts that use of formats other than self-signed certificates is permitted. As noted in this thread, RFC 5914 defines an alternative format and includes similar language re: how to extract the necessary information to input to the path validation algorithm, so you are correct that where alternative formats are used some mapping from that format to the inputs to the path validation algorithm need to be defined. This issue has come up before and was addressed in RFC 6818 by updating Section 6.2 in RFC 5280 to clarify that other specs may describe how to use alternative formats or additional information:

  Section 6.1 does not assume that trust anchor information is provided
| in self-signed certificates and does not specify processing rules for
| additional information included in such certificates.
| However, [RFC5914] defines several formats for representing trust
| anchor information, including self-signed certificates, and [RFC5937]
| provides an example of how such information may be used to initialize
| the path validation inputs.  Implementations are free to make use of
| any additional information that is included in a trust anchor
| representation, or to ignore such information.

<snip>

v2.23.0 | Report a Bug | By Email