Re: Absent keyUsage in certificates



Peter Gutmann <pgut001@xxxxxxxxxxxxxxxxx> wrote, on Sat, Jun 04, 2005 at 05:35:32AM +1200:
> "David Cross" <dcross@xxxxxxxxxxxxx> writes:
> 
> >But many companies don't want to anticipate the purpose when they issue a 5
> >year smartcard, etc.
> 
> Doesn't that work the other way as well though?  What if I issue a cert with
> no keyUsage (i.e. all usage is OK) that's intended for throwaway use (signing
> in to jokeoftheday.com, so I don't protect it much and may even hand it out to
> friends) and six month later someone defines a new keyUsage bit
> confessingToAssassinateThePresident?  You're assuming that allow-all for any
> new usages will be a good thing, but it could quite well be that deny-all is a
> better policy.

These are both good examples of why the decision about which is better
policy should be made by the issuer and/or receiver of the certificate
so that it works for them, not here.

Currently, both policies are possible.

  allow-all future usages == no KeyUsage

  deny-all future usages == KeyUsage with some/all current bits set

If KeyUsage becomes mandatory, wouldn't there have to be a new usage bit
allocated (allow-all-future)? And then validation apps would have to
understand that bit. And we would still have to understand absence of
KeyUsage meaning allow-all, because even if PKIX changes to require all
CAs to specify KeyUsage, that isn't how it is now.

Also, as you well know, the MUST clauses for certificate generation in
PKIX are already widely ignored or misinterpreted, and we have to deal
with those certs anyhow. Adding more generation MUST clauses won't help
us.

Adding text in PKIX that more clearly explains what the bits are for,
and what it means for the extension to not be present might be helpful.
Unfortunately, the longer (and possibly clearer) that PKIX gets, the
easier it gets to miss parts of it.

As an aside, I'm really happy with the NIST validation test suites.
Standards as complicated as PKIX without test suites are hard to
implement correctly.  Good test suites, particularly ones that test
negative as well as positive cases, improve the chances of interop.

Cheers,
Sam

-- 
http://www.certicom.com
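The mapping Sam gives above (no KeyUsage == allow all future usages; KeyUsage present == deny every bit it does not set) is easy to get wrong in a validator, so here is an added example, not part of the thread, that decodes the DER KeyUsage extension value and applies exactly that rule. The sample extension values are constructed inline (they are the octets such certificates actually carry); `HYPOTHETICAL_FUTURE_BIT` is a made-up bit position standing in for a usage allocated after issuance, and `decode_key_usage`, `key_usage_permits` and `named_usages` are names chosen for this example.

```python
# Added example (not from the mailing-list thread): decode a certificate's
# KeyUsage extension and evaluate it under the allow-all / deny-all rule.
from typing import FrozenSet, Optional

# Named bit positions of the KeyUsage BIT STRING (RFC 3280 / RFC 5280 4.2.1.3).
KEY_USAGE_BITS = {
    "digitalSignature": 0,
    "nonRepudiation": 1,
    "keyEncipherment": 2,
    "dataEncipherment": 3,
    "keyAgreement": 4,
    "keyCertSign": 5,
    "cRLSign": 6,
    "encipherOnly": 7,
    "decipherOnly": 8,
}

# Hypothetical: a bit allocated after the certificate was issued. Bit 9 is
# unassigned and is used here only to illustrate the two policies.
HYPOTHETICAL_FUTURE_BIT = 9


def decode_key_usage(der: bytes) -> FrozenSet[int]:
    """Decode a DER-encoded KeyUsage extnValue (a BIT STRING) into the set
    of bit positions that are set.  Bit 0 is the most significant bit of
    the first content byte, as ASN.1 named bit lists are laid out."""
    if len(der) < 3 or der[0] != 0x03:
        raise ValueError("not a BIT STRING")
    length = der[1]
    # KeyUsage is at most 2 content bytes, so only short-form lengths occur.
    if length & 0x80 or length != len(der) - 2:
        raise ValueError("bad BIT STRING length")
    unused = der[2]          # number of unused trailing bits in the last byte
    body = der[3:]
    if unused > 7 or (unused and not body):
        raise ValueError("bad unused-bits count")
    total_bits = len(body) * 8 - unused
    return frozenset(i for i in range(total_bits)
                     if body[i // 8] & (0x80 >> (i % 8)))


def key_usage_permits(ext_value: Optional[bytes], usage_bit: int) -> bool:
    """Apply the rule from the message: an absent keyUsage extension means
    every usage is permitted, including bits defined later; a present
    extension permits only the bits it sets, so a later-defined bit is
    denied by any certificate that already carries the extension."""
    if ext_value is None:
        return True
    return usage_bit in decode_key_usage(ext_value)


def named_usages(ext_value: Optional[bytes]) -> list:
    """Human-readable list of the currently defined usages a cert permits."""
    return sorted(name for name, bit in KEY_USAGE_BITS.items()
                  if key_usage_permits(ext_value, bit))


# Constructed sample extension values (hex of the DER extnValue).
END_ENTITY_KU = bytes.fromhex("030205a0")   # digitalSignature, keyEncipherment
CA_KU = bytes.fromhex("03020106")           # keyCertSign, cRLSign
DH_KU = bytes.fromhex("0303070880")         # keyAgreement, decipherOnly (2nd byte)
NO_KU = None                                # extension absent: allow-all policy


if __name__ == "__main__":
    for label, ku in [("end-entity", END_ENTITY_KU), ("CA", CA_KU),
                      ("DH", DH_KU), ("no keyUsage", NO_KU)]:
        print(f"{label:12s} permits {named_usages(ku)}; "
              f"future bit allowed: {key_usage_permits(ku, HYPOTHETICAL_FUTURE_BIT)}")
```

The decoder is deliberately tolerant of non-minimal encodings (trailing zero bits that DER says must be stripped), because, as the message notes, certificates that ignore generation MUST clauses still have to be validated; it does reject an unused-bits count above 7, which no BIT STRING can legitimately carry.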