Re: Dedicated CRL signing keys
Dave:
The current text supports your position. That is, CAs MAY use separate
keys, and applications SHOULD be able to handle it.
Russ
= = = = = = = = = = =
5.1.1.3 signatureValue
The signatureValue field contains a digital signature computed upon
the ASN.1 DER encoded tbsCertList. The ASN.1 DER encoded tbsCertList
is used as the input to the signature function. This signature value
is then ASN.1 encoded as a BIT STRING and included in the CRL's
signatureValue field. The details of this process are specified for
each of the supported algorithms in [PKIXALGS].
CAs MAY use one private key to digitally sign certificates and CRLs,
or CAs MAY use separate private keys to digitally sign certificates
and CRLs. When separate private keys are employed, each of the
public keys associated with these private keys is placed in a
separate certificate, one with the keyCertSign bit set in the key
usage extension, and one with the cRLSign bit set in the key usage
extension (see sec. 4.2.1.3). When separate private keys are
employed, certificates issued by the CA contain one authority key
identifier, and the corresponding CRLs contain a different authority
key identifier. The use of separate CA certificates for validation
of certificate signatures and CRL signatures can offer improved
security characteristics; however, it imposes a burden on
applications, and it might limit interoperability. Many applications
construct a certification path, and then validate the certification
path (see sec. 6). CRL checking in turn requires a separate
certification path to be constructed and validated for the CA's CRL
signature validation certificate. Applications that perform CRL
checking MUST support certification path validation when certificates
and CRLs are digitally signed with the same CA private key. These
applications SHOULD support certification path validation when
certificates and CRLs are digitally signed with different CA private
keys.
At 11:52 AM 4/30/2001 -0400, David P. Kemp wrote:
If certificate-using applications MAY handle CRLs signed by a different key
than the certificates, then CAs have no real ability to exercise that option.
I believe:
Certificate-using applications SHOULD handle CRLs signed by a different key
than the certificates.
Dave
"Housley, Russ" wrote:
> Yes. So, I guess we agree.
>
> At 04:47 PM 4/26/2001 -0400, Santosh Chokhani wrote:
> > Russ: Will a CA that signs the certificates and CRLs using different keys,
> > but same Issuer DN be considered compliant? If yes, then we agree.
> >
> > From: Housley, Russ [mailto:rhousley@xxxxxxxxxxxxxxx]
> > > Certificate-using applications must be able to handle certificates and CRLs
> > > signed by the same key. Certificate-using applications may handle CRLs
> > > signed by a different key than the certificates.
> > >
> > > If you agree with this position, then we agree.
> > >
> > > Russ
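The relying-party side of the quoted 5.1.1.3 text and of Santosh's question (one Issuer DN, certificates signed by a keyCertSign key, CRLs signed by a separate cRLSign key, the right key located through the CRL's authority key identifier), as an added Go example built only on the standard library's crypto/x509; it is not code from this thread or from any PKIX implementation. "Example CA", the serial numbers and the one-hour validity are constructed values, and errors are ignored for brevity.

```go
package main
import (
	"bytes"
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"math/big"
	"time"
)

// issue creates a CA certificate for the single "Example CA" DN with the given key usage
// under a fresh P-256 key, signed by parentKey (self-signed when parent is nil).
func issue(serial int64, usage x509.KeyUsage, parent *x509.Certificate, parentKey *ecdsa.PrivateKey) (*x509.Certificate, *ecdsa.PrivateKey) {
	key, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(serial), Subject: pkix.Name{CommonName: "Example CA"},
		NotBefore: time.Now(), NotAfter: time.Now().Add(time.Hour),
		KeyUsage: usage, BasicConstraintsValid: true, IsCA: true,
	}
	if parent == nil {
		parent, parentKey = tmpl, key
	}
	der, _ := x509.CreateCertificate(rand.Reader, tmpl, parent, &key.PublicKey, parentKey)
	cert, _ := x509.ParseCertificate(der) // parsed copy carries the generated subject key identifier
	return cert, key
}

// BuildPKI reproduces the thread's scenario: one Issuer DN, key A signs certificates
// (keyCertSign) and key B, certified by A under the same DN, signs CRLs (cRLSign).
func BuildPKI() (caCert, crlCert *x509.Certificate, crl *x509.RevocationList) {
	caCert, caKey := issue(1, x509.KeyUsageCertSign, nil, nil)
	crlCert, crlKey := issue(2, x509.KeyUsageCRLSign, caCert, caKey)
	der, _ := x509.CreateRevocationList(rand.Reader, &x509.RevocationList{
		Number: big.NewInt(1), ThisUpdate: time.Now(), NextUpdate: time.Now().Add(time.Hour),
	}, crlCert, crlKey)
	crl, _ = x509.ParseRevocationList(der)
	return caCert, crlCert, crl
}

// CRLSigner is the relying-party step: among certificates carrying the CA's DN, pick the one
// whose subject key identifier matches the CRL's authority key identifier and whose cRLSign key
// verifies the CRL signature; nil when no candidate qualifies.
func CRLSigner(crl *x509.RevocationList, candidates ...*x509.Certificate) *x509.Certificate {
	for _, c := range candidates {
		if bytes.Equal(c.SubjectKeyId, crl.AuthorityKeyId) && crl.CheckSignatureFrom(c) == nil {
			return c
		}
	}
	return nil
}
```

The CRL's authority key identifier names the cRLSign certificate, not the keyCertSign one, so an application that only knows the certificate-signing key cannot verify the CRL; that is the extra path the draft says applications SHOULD be able to build.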