[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: basicConstraints with CA=False in EE certs

To: chris.gilbert@xxxxxxxxxxxxx
Subject: Re: basicConstraints with CA=False in EE certs
From: Jean-Marc Desperrier <jmdesp@xxxxxxx>
Date: Tue, 11 Mar 2003 00:34:09 +0100
Cc: ietf-pkix@xxxxxxx
In-reply-to: <>
List-archive: <http://www.imc.org/ietf-pkix/mail-archive/>
List-id: <ietf-pkix.imc.org>
List-unsubscribe: <mailto:ietf-pkix-request@imc.org?body=unsubscribe>
Organization: totalement desorganise
References: <>
Sender: owner-ietf-pkix@xxxxxxxxxxxx
User-agent: Mozilla/5.0 (Windows; U; Win98; en-US; rv:1.3b) Gecko/20030129

chris.gilbert@xxxxxxxxxxxxx wrote:

To complicate matters Microsoft Security Bulletin MS02-050 describes
an exploitation whereby unpatched CSPs do not process
basicConstraints at all leaving them vulnerable to ID spoofing attacks
( CAN-2002-0862 ) . This problem is fixed by a patch which enforces
a check on basicConstraints.

BTW if ever you were not fully satisfied by the solution given by Peter, you can create certificate that are conformant to RFC2459 (no basicConstraint) and will be protected against this problem by making sure the Basic Constraint of the CA that emits them as a path length restriction of 0 (final CA, can only emit EE certs).

Microsoft fails to give the kind of really detailled explanation about the problem that would help implementers, but tests show that all version of the CAPI/application that will take into account the CA=false basicConstraint, will also take into account the path length restriction of 0.

References:
- basicConstraints with CA=False in EE certs
  - From: chris . gilbert

Prev by Date: Re: Certificate Policies (was Re: Trivial PKI Question)
Next by Date: RE: Certificate Policies (was Re: Trivial PKI Question)
Previous by thread: basicConstraints with CA=False in EE certs
Next by thread: Re: basicConstraints with CA=False in EE certs
Index(es):
- Date
- Thread