
Re: Open Issue in Part1: path length constraints



Steve,


> From: Steve Hanna <steve.hanna@xxxxxxx>
> 
> The original text said:
> 
>    The pathLenConstraint field is meaningful only if cA is set to TRUE.
>    In this case, it gives the maximum number of CA certificates that may
>    follow this certificate in a certification path. A value of zero
>    indicates that only an end-entity certificate may follow in the path.
> 
> The revised text says:
> 
>    The pathLenConstraint field is meaningful only if cA is set to TRUE.
>    In this case, it gives the maximum number of CA certificates that may
>    follow this certificate in a certification path. (Note: One end-
>    entity certificate will follow the final CA certificate in the path.
>    The last certificate in a path is considered an end-entity
>    certificate, whether the subject of the certificate is a CA or not.)
>    A pathLenConstraint of zero indicates that only an end-entity
>    certificate may follow in the path.
> 
> I find it odd to say that a certificate with cA=TRUE is a CA certificate
> *unless* it is the last certificate in a path. I suppose this is only a
> wording problem, but I find this wording *less* clear than the old
> wording.


The oddness arises because you are applying the label "CA certificate"
to the certificate based on its contents instead of its usage.

If a certificate contains cA=TRUE and
keyCertSign=cRLSign=digitalSignature=1, then it can be used for more
than one purpose.  It is a CA certificate when validating the signature
of a certificate, and it is an EE certificate when validating the
signature of a CRL or a message.  (A CA should not use a cert-signing
private key to sign correspondence, but X.509 doesn't prohibit unhygienic
practices.)

X.509 says of the Basic Constraints extension: "the cA component
indicates if the certified public key may be used to verify
certificate signatures."  It does not indicate that the public
key may not be used to verify other (CRL, message) signatures.

I believe the parenthetical note in the revised text is helpful,
but it would read better if it were at the end:

    The pathLenConstraint field is meaningful only if cA is set to
    TRUE.  In this case, it gives the maximum number of CA certificates
    that may follow this certificate in a certification path.
    A pathLenConstraint of zero indicates that only an end-entity
    certificate may follow in the path.  (Note: One end-entity
    certificate will follow the final CA certificate in the path.
    The last certificate in a path is an end-entity certificate,
    whether the subject of the certificate is a CA or not.)

(The last certificate in a path is not just "considered" an
end-entity certificate, it is one.  Proof by construction.)
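The semantics argued above (pathLenConstraint counts the CA certificates that may follow, and the last certificate in the path is an end entity by position regardless of its cA bit) are what the PKIX path-length processing in RFC 5280 section 6.1.4, steps (k) to (m), implements. The following is an added example, not code from the message or from any PKIX implementation; it models only the BasicConstraints fields (the Cert class and its field names are assumptions for illustration) and skips signature, name and policy checks. It also shows the self-issued caveat: a CA re-signing its own name (e.g. a key rollover certificate) does not consume a path-length unit.

```python
from dataclasses import dataclass
from typing import List, Optional, Tuple


@dataclass(frozen=True)
class Cert:
    """Hypothetical minimal certificate: only what path-length processing needs."""
    subject: str
    issuer: str
    ca: bool = False                  # BasicConstraints.cA
    path_len: Optional[int] = None    # BasicConstraints.pathLenConstraint; None = absent

    @property
    def self_issued(self) -> bool:
        # RFC 5280 6.1: self-issued means issuer and subject names match
        return self.subject == self.issuer


def check_path_length(chain: List[Cert]) -> Tuple[bool, str]:
    """Path-length processing of RFC 5280 6.1.4 (k)-(m) only.

    chain[0] is issued by the trust anchor, chain[-1] is the target.
    Steps (k)-(m) run for every certificate except the last, which is why the
    last certificate is an end entity by position even if it carries cA=TRUE.
    """
    n = len(chain)
    if n == 0:
        return False, "empty path"
    max_path_length = n  # 6.1.2: initialised to the number of certificates in the path
    for i, cert in enumerate(chain[:-1], start=1):
        # (k): a certificate that issued another certificate must assert cA=TRUE
        if not cert.ca:
            return False, f"cert {i} ({cert.subject}) has cA=FALSE but is followed by a certificate"
        # (l): only non-self-issued certificates consume a path-length unit
        if not cert.self_issued:
            if max_path_length <= 0:
                return False, f"path length exceeded at cert {i} ({cert.subject})"
            max_path_length -= 1
        # (m): a tighter constraint on this certificate lowers the remaining budget
        if cert.path_len is not None and cert.path_len < max_path_length:
            max_path_length = cert.path_len
    # chain[-1] is never examined here: it is the end entity of this path
    return True, f"ok (remaining path length {max_path_length})"


# Constructed sample paths; "R" stands for the trust anchor that issued cert A.
CA_A_LEN0 = Cert("A", "R", ca=True, path_len=0)
CA_B = Cert("B", "A", ca=True)
EE_UNDER_A = Cert("ee", "A")
EE_UNDER_B = Cert("ee", "B")

# pathLenConstraint=0: an end entity may follow A, a further CA may not
PATH_OK = [CA_A_LEN0, EE_UNDER_A]
PATH_TOO_LONG = [CA_A_LEN0, CA_B, EE_UNDER_B]
# B is a CA certificate by content, but as the last certificate (say, when
# validating a CRL that B signed) it is the end entity of this path
PATH_CA_AS_EE = [CA_A_LEN0, CA_B]
# A(pathLen=1), then a self-issued rollover cert for A, then B, then ee:
# the self-issued certificate does not count against the constraint
PATH_SELF_ISSUED = [
    Cert("A", "R", ca=True, path_len=1),
    Cert("A", "A", ca=True),
    CA_B,
    EE_UNDER_B,
]
# a non-CA certificate in a non-final position fails step (k)
PATH_CA_FALSE = [Cert("A", "R", ca=True), Cert("X", "A", ca=False), Cert("ee", "X")]


if __name__ == "__main__":
    for name, path in [("PATH_OK", PATH_OK), ("PATH_TOO_LONG", PATH_TOO_LONG),
                       ("PATH_CA_AS_EE", PATH_CA_AS_EE),
                       ("PATH_SELF_ISSUED", PATH_SELF_ISSUED),
                       ("PATH_CA_FALSE", PATH_CA_FALSE)]:
        print(name, check_path_length(path))
```

Note that the function never looks at the cA bit of chain[-1]: whether that certificate is "a CA certificate" is a property of how it is being used in this path, exactly the distinction the reply draws between content and usage.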