Re: [Trans] Alternate formats for Precertificates
Rob Stradling <rob.stradling@comodo.com> Thu, 27 February 2014 16:00 UTC
Return-Path: <rob.stradling@comodo.com>
X-Original-To: trans@ietfa.amsl.com
Delivered-To: trans@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8BB131A03A6 for <trans@ietfa.amsl.com>; Thu, 27 Feb 2014 08:00:32 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.29
X-Spam-Level:
X-Spam-Status: No, score=-1.29 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HELO_MISMATCH_NET=0.611, SPF_PASS=-0.001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id o8xiRdBgY9NJ for <trans@ietfa.amsl.com>; Thu, 27 Feb 2014 08:00:31 -0800 (PST)
Received: from ian.brad.office.comodo.net (eth5.brad-fw.brad.office.ccanet.co.uk [178.255.87.226]) by ietfa.amsl.com (Postfix) with ESMTP id 28C211A035E for <trans@ietf.org>; Thu, 27 Feb 2014 08:00:30 -0800 (PST)
Received: (qmail 30453 invoked by uid 1000); 27 Feb 2014 16:00:29 -0000
Received: from nigel.brad.office.comodo.net (HELO [192.168.0.58]) (192.168.0.58) (smtp-auth username rob, mechanism plain) by ian.brad.office.comodo.net (qpsmtpd/0.40) with (AES128-SHA encrypted) ESMTPSA; Thu, 27 Feb 2014 16:00:29 +0000
Message-ID: <530F611C.9060602@comodo.com>
Date: Thu, 27 Feb 2014 16:00:28 +0000
From: Rob Stradling <rob.stradling@comodo.com>
User-Agent: Mozilla/5.0 (X11; Linux i686; rv:24.0) Gecko/20100101 Thunderbird/24.3.0
MIME-Version: 1.0
To: Paul Hoffman <paul.hoffman@vpnc.org>, Ben Laurie <benl@google.com>
References: <CABrd9SSOmEgbTvLNw5bPN2SnKbob800qEecn+tHvZUkrghFcQg@mail.gmail.com> <530E100A.7040503@primekey.se> <530E142A.90007@comodo.com> <530E16CD.6030908@primekey.se> <CABrd9SR1S7Fg5Xs_dkgou3HfF4O_hyzFxW4qS=-2eti7DmGZew@mail.gmail.com> <67380B58-5D8B-4B38-B20B-2FF6769FE94B@vpnc.org>
In-Reply-To: <67380B58-5D8B-4B38-B20B-2FF6769FE94B@vpnc.org>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
Archived-At: http://mailarchive.ietf.org/arch/msg/trans/PTAzfmGTMjsCenkAYm9tR6dzxf8
Cc: "trans@ietf.org" <trans@ietf.org>
Subject: Re: [Trans] Alternate formats for Precertificates
X-BeenThere: trans@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Public Notary Transparency working group discussion list <trans.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/trans>, <mailto:trans-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/trans/>
List-Post: <mailto:trans@ietf.org>
List-Help: <mailto:trans-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/trans>, <mailto:trans-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 27 Feb 2014 16:00:32 -0000
On 26/02/14 16:58, Paul Hoffman wrote:
> RFC 4211 is also somewhat ambiguous. It says:
>
> CertTemplate ::= SEQUENCE {
> version [0] Version OPTIONAL,
> serialNumber [1] INTEGER OPTIONAL,
> signingAlg [2] AlgorithmIdentifier OPTIONAL,
> issuer [3] Name OPTIONAL,
> validity [4] OptionalValidity OPTIONAL,
> subject [5] Name OPTIONAL,
> publicKey [6] SubjectPublicKeyInfo OPTIONAL,
> issuerUID [7] UniqueIdentifier OPTIONAL,
> subjectUID [8] UniqueIdentifier OPTIONAL,
> extensions [9] Extensions OPTIONAL }
>
> And:
>
> serialNumber MUST be omitted. This field is assigned by the CA
> during certificate creation.
>
> signingAlg MUST be omitted. This field is assigned by the CA
> during certificate creation.
>
> If it "MUST be omitted", it is not optional. So, a document updating RFC 4211 to fix this error, at least for the limited use of CT, seems fine.
Can a CA private key sign a CertTemplate structure?
Or rather, could RFC5280-compliant software verify a CA-signed
CertTemplate if the corresponding CA certificate has the keyCertSign Key
Usage bit set but _not_ the digitalSignature bit set?
I don't think it could.
So, I think we'd have to update RFC5280 - relaxing some of the Key Usage
rules - in order to permit the RFC4211 CertTemplate structure to be used
for Precertificates.
And if we're going to update RFC5280, surely the simplest update would
be to permit an RFC6962-compliant Precertificate/Certificate pair to
share the same serial number?
--
Rob Stradling
Senior Research & Development Scientist
COMODO - Creating Trust Online
- [Trans] Alternate formats for Precertificates Ben Laurie
- Re: [Trans] Alternate formats for Precertificates Phillip Hallam-Baker
- Re: [Trans] Alternate formats for Precertificates Tomas Gustavsson
- Re: [Trans] Alternate formats for Precertificates Goulet, Walter
- Re: [Trans] Alternate formats for Precertificates Rob Stradling
- Re: [Trans] Alternate formats for Precertificates Tomas Gustavsson
- Re: [Trans] Alternate formats for Precertificates Ben Laurie
- Re: [Trans] Alternate formats for Precertificates Tomas Gustavsson
- Re: [Trans] Alternate formats for Precertificates Paul Hoffman
- Re: [Trans] Alternate formats for Precertificates Carl Wallace
- Re: [Trans] Alternate formats for Precertificates Paul Hoffman
- Re: [Trans] Alternate formats for Precertificates Carl Wallace
- Re: [Trans] Alternate formats for Precertificates Melinda Shore
- Re: [Trans] Alternate formats for Precertificates Robin Alden
- Re: [Trans] Alternate formats for Precertificates Rob Stradling
- Re: [Trans] Alternate formats for Precertificates Rob Stradling
- Re: [Trans] Alternate formats for Precertificates Tomas Gustavsson