Re: [pkix] Private key usage period extension

Russ Housley <housley@vigilsec.com> Fri, 06 May 2016 19:03 UTC

From: Russ Housley <housley@vigilsec.com>
Date: Fri, 6 May 2016 15:03:47 -0400
To: Erik Andersen <era@x500.eu>
Archived-At: <http://mailarchive.ietf.org/arch/msg/pkix/xsTgVAXLkRdA08M873jiqJRCuX0>
Cc: Directory list <x500standard@freelists.org>, IETF PKIX <pkix@ietf.org>
Subject: Re: [pkix] Private key usage period extension

We had a very long discussion about this back in the day.  You can look in the mail list archive.

Really, only the owner of the private key can control when the private key is used.  This is not something that involves the relying party, so it does not need to go into the certificate.

Russ


On May 6, 2016, at 4:42 AM, Erik Andersen <era@x500.eu> wrote:

> X.509 has a specification of the Private key usage period extension (8.2.2.5). This extension is a little confusing. It has notBefore and notAfter specification. However, the text says:
>  
> The notBefore component indicates the earliest date and time at which the private key could be used for signing. If the notBefore component is not present, then no information is provided as to when the period of valid use of the private key commences. The notAfter component indicates the latest date and time at which the private key could be used for signing. If the notAfter component is not present then no information is provided as to when the period of valid use of the private key concludes.
>  
> With a little ill will, this can be read as the private key validation period may extend beyond the validity of the public key. Note 1 adds to the confusion, as it says:
>  
> NOTE 1 – The period of valid use of the private key may be different from the certified validity of the public key as indicated by the certificate validity period. With digital signature keys, the usage period for the signing private key is typically shorter than that for the verifying public key.
>  
> It is the word “typical” that confuses me. It implies it could be different.
>  
> This extension was included in RFC 3280 with a heavy health warning. It was omitted from RFC 5280 (except for A.2).
>  
> In my mind, the validity of the private key should not spread outside the validity period of the certificate.
>  
> Have I misunderstood something?
>  
> Erik
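As an added example (not code from this thread or from any X.509 implementation), the following decodes a DER-encoded PrivateKeyUsagePeriod value and applies the relationship Erik describes: every bound the extension states must fall inside the certificate validity period, while an absent notBefore or notAfter is taken as "no information" rather than as a failure. The tiny DER reader handles only short-form lengths, and the certificate dates and extension bytes are constructed for the example.

```python
# Added example: decode a DER PrivateKeyUsagePeriod (SEQUENCE of optional
# [0] notBefore and [1] notAfter GeneralizedTime, implicit tags) and check it
# against the certificate validity.  All sample data below is constructed.
from datetime import datetime, timezone

def _tlv(data, pos):
    """Read one short-form DER TLV at pos; return (tag, value, next_pos)."""
    tag, length = data[pos], data[pos + 1]
    if length >= 0x80:
        raise ValueError("long-form length not handled in this example")
    return tag, data[pos + 2:pos + 2 + length], pos + 2 + length

def _gen_time(raw):
    # DER GeneralizedTime is always YYYYMMDDHHMMSSZ (UTC, no fractions).
    return datetime.strptime(raw.decode("ascii"), "%Y%m%d%H%M%SZ").replace(tzinfo=timezone.utc)

def decode_private_key_usage_period(der):
    """Return (notBefore, notAfter); an absent component is None ('no information')."""
    tag, body, _ = _tlv(der, 0)
    if tag != 0x30:
        raise ValueError("expected SEQUENCE")
    not_before, not_after, pos = None, None, 0
    while pos < len(body):
        tag, value, pos = _tlv(body, pos)
        if tag == 0x80:        # [0] IMPLICIT GeneralizedTime
            not_before = _gen_time(value)
        elif tag == 0x81:      # [1] IMPLICIT GeneralizedTime
            not_after = _gen_time(value)
        else:
            raise ValueError("unexpected tag 0x%02x" % tag)
    return not_before, not_after

def period_within_cert_validity(pkup, cert_not_before, cert_not_after):
    """True when the stated bounds are ordered and lie inside the certificate validity."""
    nb, na = pkup
    ordered = nb is None or na is None or nb <= na
    stated = [t for t in (nb, na) if t is not None]   # absent bounds are not checked
    return ordered and all(cert_not_before <= t <= cert_not_after for t in stated)

def _der(not_before=None, not_after=None):
    """Build an extension value from 'YYYYMMDDHHMMSSZ' strings (sample-data helper)."""
    body = b""
    for tag, s in ((0x80, not_before), (0x81, not_after)):
        if s is not None:
            body += bytes([tag, len(s)]) + s.encode("ascii")
    return bytes([0x30, len(body)]) + body

# Constructed certificate validity and three sample extension values.
CERT_NOT_BEFORE, CERT_NOT_AFTER = datetime(2016, 1, 1, tzinfo=timezone.utc), datetime(2018, 1, 1, tzinfo=timezone.utc)
PKUP_INSIDE = _der("20160101000000Z", "20170101000000Z")    # signing window shorter than the cert
PKUP_TOO_LATE = _der("20160101000000Z", "20200101000000Z")  # notAfter beyond certificate expiry
PKUP_OPEN_START = _der(None, "20170101000000Z")             # notBefore absent: no information given
```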