
RE: Open Issue in Part1: path length constraints



> From: David Kemp [dpkemp@xxxxxxxxxxxxxx]
> Sent: Tuesday, March 06, 2001 8:25 AM
> To: ietf-pkix@xxxxxxx
> Subject: RE: Open Issue in Part1: path length constraints
>
> . . .
>
> P.S. There is a difference between OCSP and CRLs - OCSP responses
> can be signed by a "trusted" responder . . . . CRLs, on the other hand,
> are never valid unless signed by the CA or the CA's designee.
>
> . . .


Dave,

Does your observation of a "trusted" responder interpret case 1.b below or
were you intending to speak to some broader notion?

Section 4.2.2.2 of RFC 2560 asserts the following normative requirements:

   "Systems or applications that rely on OCSP responses . . . MUST reject
   the response if the certificate required to validate the signature on
   the response fails to meet at least one of the following criteria:

   "1. Matches a local configuration of OCSP signing authority for the
   certificate in question; or

   2. Is the certificate of the CA that issued the certificate in
   question; or

   3. Includes a value of id-ad-ocspSigning in an ExtendedKeyUsage
   extension and is issued by the CA that issued the certificate in
   question."

The generality of case 1 allows for two sub-cases:

   1.a  An implicitly trusted but nonetheless CA-delegated trusted
   public key; and

   1.b  A key that is implicitly trusted by a relying party but is
   in no way related to the issuer of the certificate in question.


Mike
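The three acceptance criteria quoted above from RFC 2560 section 4.2.2.2, written out as a relying-party check in Python. This is an added illustration, not code from the thread or from any OCSP implementation: certificates are modelled as a small dataclass with a constructed `key_id` standing in for the public key, signature verification of the response and of the responder certificate is assumed to happen elsewhere, and `local_config` is a hypothetical map from the issuer name of the certificate in question to the responder keys the relying party trusts for it (which is where both sub-cases 1.a and 1.b land; the check itself cannot tell them apart).

```python
from dataclasses import dataclass

# id-kp-OCSPSigning (1.3.6.1.5.5.7.3.9), the id-ad-ocspSigning value RFC 2560 4.2.2.2 refers to
ID_KP_OCSP_SIGNING = "1.3.6.1.5.5.7.3.9"


@dataclass(frozen=True)
class Cert:
    """Minimal stand-in for an X.509 certificate (constructed model, not a parser)."""
    subject: str
    issuer: str
    key_id: str        # constructed identifier standing in for the public key
    eku: tuple = ()    # ExtendedKeyUsage OIDs as dotted strings


def signer_criterion(responder: Cert, target: Cert, ca_store: dict, local_config: dict):
    """Return the RFC 2560 4.2.2.2 criterion (1, 2 or 3) under which `responder`
    may sign status for `target`, or None if the response must be rejected.

    Assumes the response signature already verified under responder.key_id and
    that any chain building for `responder` itself is done elsewhere.
    """
    # Criterion 1: local configuration of an OCSP signing authority for the
    # certificate in question. Keyed by the issuer of `target`; "*" applies to all.
    # Covers sub-case 1.a (a CA-delegated key the relying party also trusts locally)
    # and 1.b (a key trusted by the relying party but unrelated to the issuer).
    trusted_keys = local_config.get(target.issuer, set()) | local_config.get("*", set())
    if responder.key_id in trusted_keys:
        return 1

    # Criterion 2: the responder certificate is the certificate of the CA that issued target.
    issuing_ca = ca_store.get(target.issuer)
    if issuing_ca is not None and responder == issuing_ca:
        return 2

    # Criterion 3: a delegated responder issued by the same CA that issued target,
    # carrying id-kp-OCSPSigning in its ExtendedKeyUsage extension.
    if ID_KP_OCSP_SIGNING in responder.eku and responder.issuer == target.issuer:
        return 3

    return None


# Constructed sample PKI (hypothetical names and key identifiers).
EXAMPLE_CA = Cert("CN=Example CA", "CN=Example CA", "ca-key")
OTHER_CA = Cert("CN=Other CA", "CN=Other CA", "other-ca-key")
END_ENTITY = Cert("CN=alice", "CN=Example CA", "alice-key")
DELEGATED_RESPONDER = Cert("CN=OCSP Responder", "CN=Example CA", "resp-key", (ID_KP_OCSP_SIGNING,))
FOREIGN_RESPONDER = Cert("CN=Rogue Responder", "CN=Other CA", "rogue-key", (ID_KP_OCSP_SIGNING,))
THIRD_PARTY_RESPONDER = Cert("CN=Third Party", "CN=Other CA", "tp-key", (ID_KP_OCSP_SIGNING,))
CA_STORE = {c.subject: c for c in (EXAMPLE_CA, OTHER_CA)}
# Sub-case 1.b: a key the relying party trusts for Example CA's certificates
# although it is in no way related to that issuer.
LOCAL_CONFIG = {"CN=Example CA": {"tp-key"}}


if __name__ == "__main__":
    for name, resp in (("CA itself", EXAMPLE_CA), ("delegated", DELEGATED_RESPONDER),
                       ("foreign", FOREIGN_RESPONDER), ("third party", THIRD_PARTY_RESPONDER)):
        print(name, "->", signer_criterion(resp, END_ENTITY, CA_STORE, LOCAL_CONFIG))
```

The foreign responder is rejected even though it carries the OCSP signing EKU, because criterion 3 ties the delegation to the CA that issued the certificate in question; only a local configuration entry (criterion 1) can make a responder from an unrelated issuer acceptable, which is exactly the 1.b situation the message asks about.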