Re: [pkix] A non-compliant use of the EKU extension in Mozilla's CA Certificate Policy Version 2.1.

[Erwann Abalea <eabalea@gmail.com>]

2013/2/20 Stefan Santesson <stefan@aaa-sec.com>
>
> This was introduced well over 10 years ago and I truly believe that the
> engineers at the time did their best and thought they did the right thing.
> They did try their own extension, but that is a rocky road. MSFT tried
> with ApplicationPolicy. But it didn't do the job. Presumably because no
> once cared to implement it besides Microsoft.
> Certificate policy does not work either. As we at that time discovered the
> hard way, certificate policy implementations are terribly broken.
>

Then PKITS came, with some sets of tests on CertificatePolicies. I hope
that by now, major tookits (NSS/libpkix, MSCAPI, OpenSSL, ...) validates
all the tests.


> A huge amount of PKI:s put policies in CA certificates that has nothing to
> do with the constraining mechanism defined in X.509 and RFC 5280 path
> processing.
>

That's sadly true.

As deployments as they are effectively prevents standards compliant path
> processing of policies, the result is that no one really checks policies as
> per 5280 path processing, and if they do, they don't use the resulting
> policy set for anything useful.
>

Policies are checked for EV validation, and may be (in the future) for DV
and OV as well.
I don't know if the performed validation is RFC5280 compliant.

Anyway, between modifying EKU semantics for a browser + asking all CAs to
update their subordinate CAs, and correctly implementing policies path
processing, which way is better?

-- 
Erwann.