Re: Authority Revocation List - cont'd
Nick:
The intent was that if the issuingDistributionPoint extension is absent,
the CRL shall contain... This is regardless of whether the CRL is stored
in the CRL or ARL attribute which, as you correctly point out, is not a
reliable security control.
Owing to an editorial error, the sentence is attached to the wrong para,
and this needs to be fixed.
Warwick
At 10:29 AM 7/4/97 +0000, Nick Pope wrote:
>Sharon,
>
>Sorry to come back to the issue of Authority Revocation List but I have
>some concern that there is:
>
>- Ambiguity in the current text on use of ARL & CRLs,
>the use of the flags onlyContainsUserCerts and onlyContainsCACerts in
>12.6.3.1
>
>- potential for a security weakness resulting from confusion between
>CRLs and ARLs.
>
>The sentence in 2nd para of 12.6.3.1 that I referred to earlier
> "If this field is absent the CRL shall contain entries for all revoked
>unexpired certificates issued by the CRL issuer." could be read two
>ways:
>
>a) if the issuingDistributionPoint ("this field") is absent then the CRL
>must be complete.
>
>b) if the distributionPoint component of the issuingDistributionPoint
>is absent (but the whole field present) then the CRL must be complete.
>
>(a) above implies that if ARLs are used then the issuing distribution
>point field must be present.
>
>(b) implies that if the Issue Distribution distribution point
>field is to be used then either there must be a distribution point name
>or indirect CRL must be used.
>
>Coming on to the potential weakness, if ARLs are used without any
>onlyContainsCACerts flag then it is possible for an attacker to switch
>the values in the CRL and ARL attributes so that when a CRL attribute
>is retrieved it does not contain his/her revoked certificate. I don't
>believe that it is sufficient to trust the directory attribute type
>which is unprotected.
>
>Thus, I believe that onlyContainsCACerts should be required for ARLs.
>
>How do you interpret this text?
>Do you agree that there is a need for clarification?
>Should the use of onlyContainsCACerts be required for ARLs?
>Do you agree this warrants a defect report?
>Can this be briefly discussed at Helsinki?
>
>Nick
>
>
>
>-------------------------------------
>
>
>Security & Standards
>Suite A
>191 Moulsham St.
>Chelmsford
>Essex
>CM2 0LG
>U.K.
>
>Tel: +44 1245 495018
>Fax: +44 1245 494517
>
>
---------------------------------------------------------------------
Warwick Ford, VeriSign, Inc., One Alewife Center, Cambridge, MA 02140
wford@verisign.com; Tel: (617)492 2816 x225; Fax: (617)661 0716
---------------------------------------------------------------------
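
The attribute swap discussed in this thread, worked through as an added example (not part of either message and not text from the standard): a relying-party scope check that ignores the unsigned directory attribute type and relies only on the signed issuingDistributionPoint flags. The `IDP` and `SignedCRL` classes, the serial numbers and the function names are constructed for illustration, and signature verification of the CRL is assumed to have already succeeded.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class IDP:
    """Signed issuingDistributionPoint flags (only the two discussed here)."""
    only_contains_user_certs: bool = False
    only_contains_ca_certs: bool = False

@dataclass(frozen=True)
class SignedCRL:
    """Constructed stand-in for a CRL whose signature has been verified."""
    revoked_serials: frozenset
    idp: Optional[IDP] = None  # None means the extension is absent

def check_revocation(crl: SignedCRL, serial: int, subject_is_ca: bool) -> str:
    """Return 'revoked', 'good' or 'out-of-scope' for one certificate.

    The directory attribute the list was fetched from (CRL or ARL) is
    deliberately not an input: it is unprotected, so only the signed
    flags decide whether the list covers this certificate.
    """
    if crl.idp is not None:
        if crl.idp.only_contains_ca_certs and not subject_is_ca:
            return "out-of-scope"
        if crl.idp.only_contains_user_certs and subject_is_ca:
            return "out-of-scope"
    # Extension absent: the list is taken to cover every revoked,
    # unexpired certificate of this issuer (reading (a) in the thread).
    return "revoked" if serial in crl.revoked_serials else "good"

# Constructed data: user certificate 1001 and CA certificate 7 are revoked.
FULL_CRL = SignedCRL(frozenset({1001, 7}))
ARL_UNFLAGGED = SignedCRL(frozenset({7}))
ARL_FLAGGED = SignedCRL(frozenset({7}), IDP(only_contains_ca_certs=True))

def swap_outcomes() -> dict:
    """Verdict on revoked user certificate 1001 when the directory's CRL
    attribute has been switched to hold the issuer's ARL."""
    return {
        "arl_without_flag": check_revocation(ARL_UNFLAGGED, 1001, False),
        "arl_with_flag": check_revocation(ARL_FLAGGED, 1001, False),
    }

if __name__ == "__main__":
    print(swap_outcomes())
```

With the flag absent the swapped list is accepted as complete and the revoked certificate passes; with onlyContainsCACerts set, the relying party sees that the list does not cover user certificates and can refuse to rely on it.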