[TLS] Why require EKU for certid?
Paul Hoffman <paul.hoffman@vpnc.org> Wed, 22 September 2010 16:44 UTC
Return-Path: <paul.hoffman@vpnc.org>
X-Original-To: tls@core3.amsl.com
Delivered-To: tls@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id C873D3A6A4B; Wed, 22 Sep 2010 09:44:12 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -101.305
X-Spam-Level:
X-Spam-Status: No, score=-101.305 tagged_above=-999 required=5 tests=[AWL=0.741, BAYES_00=-2.599, HELO_MISMATCH_COM=0.553, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id uEPGYNYXgR1E; Wed, 22 Sep 2010 09:44:11 -0700 (PDT)
Received: from hoffman.proper.com (Hoffman.Proper.COM [207.182.41.81]) by core3.amsl.com (Postfix) with ESMTP id CE08F3A6A74; Wed, 22 Sep 2010 09:44:02 -0700 (PDT)
Received: from [10.20.30.158] (75-101-30-90.dsl.dynamic.sonic.net [75.101.30.90]) (authenticated bits=0) by hoffman.proper.com (8.14.4/8.14.3) with ESMTP id o8MGiFsq020194 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Wed, 22 Sep 2010 09:44:16 -0700 (MST) (envelope-from paul.hoffman@vpnc.org)
Mime-Version: 1.0
Message-Id: <p0624084ac8bfe10f5b72@[10.20.30.158]>
In-Reply-To: <4C9A2D12.3020409@stpeter.im>
References: <C8B4E80F.EE82%stefan@aaa-sec.com> <4C9A2D12.3020409@stpeter.im>
Date: Wed, 22 Sep 2010 09:44:13 -0700
To: Peter Saint-Andre <stpeter@stpeter.im>, Stefan Santesson <stefan@aaa-sec.com>
From: Paul Hoffman <paul.hoffman@vpnc.org>
Content-Type: text/plain; charset="us-ascii"
Cc: IETF cert-based identity <certid@ietf.org>, ietf@ietf.org, tls@ietf.org
Subject: [TLS] Why require EKU for certid?
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 22 Sep 2010 16:44:13 -0000
At 10:21 AM -0600 9/22/10, Peter Saint-Andre wrote: >On 9/14/10 12:51 AM, Stefan Santesson wrote: > > General: >> I would consider stating that server certificates according to this profile >> either MUST or SHOULD have the serverAuth EKU set since it is allways >> related to the use of TSL and server authentication. At least it MUST be set >> when allowing checks of the CN-ID (see 2.3 below). > >Jeff and I are still discussing this topic and do not yet have editorial >agreement about how to proceed. This is not editorial, this is definitely technical. What possible advantage is there to making certificates that do not have this flag set be excluded from the practices you are defining? That is, if a TLS client gets a certificate from a TLS server that the TLS server says is its authentication certificate, why should the client care whether or not that flag is set? That flag is an assertion from the CA, not from the server who is authenticating. > > 2.3 > > It would be good if we could restrict the use of CN-ID for storing a domain > > name to the case when the serverAuth EKU is set. Requiring the EKU reduce > > the probability that the CN-ID appears to be a domain name by accident or is > > a domain name in the wrong context. That makes no sense from an operational standpoint. The inclusion of an EKU has nothing to do with the decision-making for the domain name location. > > In many deployments, this also affects the name constraints processing to >> perform domain name constraints also on the CN attribute. True, and irrelevant. > > There should at least be a rule stating that any client that accepts the CN >> attribute to carry the domain name MUST also perform name constraints on >> this attribute using the domain name logic if name constraints is applied to >> the path. Failing this requirement poses a security threat if the claimed >> domain name in CN-ID violated the name constraints set for domain names. Fully disagree. --Paul Hoffman, Director --VPN Consortium
- Re: [TLS] Review of draft-saintandre-tls-server-i… Peter Saint-Andre
- Re: [TLS] Review of draft-saintandre-tls-server-i… Peter Saint-Andre
- Re: [TLS] Review of draft-saintandre-tls-server-i… Bernard Aboba
- Re: [TLS] Review of draft-saintandre-tls-server-i… =JeffH
- Re: [TLS] [xmpp] Review of draft-saintandre-tls-s… Bernard Aboba
- Re: [TLS] Review of draft-saintandre-tls-server-i… James Schaad
- Re: [TLS] [xmpp] Review of draft-saintandre-tls-s… Bernard Aboba
- Re: [TLS] Review of draft-saintandre-tls-server-i… Peter Saint-Andre
- Re: [TLS] Review of draft-saintandre-tls-server-i… James Schaad
- Re: [TLS] Review of draft-saintandre-tls-server-i… Peter Saint-Andre
- Re: [TLS] Review of draft-saintandre-tls-server-i… Peter Saint-Andre
- [TLS] Why require EKU for certid? Paul Hoffman
- Re: [TLS] Why require EKU for certid? Peter Saint-Andre
- Re: [TLS] Why require EKU for certid? Jim Schaad
- Re: [TLS] [certid] Why require EKU for certid? Martin Rex
- Re: [TLS] [certid] Why require EKU for certid? Henry B. Hotz