Hi Nelson,
On 20/11/2009 20:57, Nelson B Bolyard wrote:
On 2009-11-19 08:24 PST, Daniel Joscak wrote:
Or is this a question about the behavior of Mozilla's crypto code?
In that case, this is the right list.
I read it is a question as to what goes wrong when it is done, and why
it is that Mozilla might recommend one over the other choices. I don't
think it is policy, and it's not crypto code.
It's more like experience, what the documents don't say.
Why correct authority key identifier (AKI) can not include both the key
ID and the issuer's issuer name and serial number. We have an authority
that adds to its certificates such AKI and till now I thought it is a
valid X.509 certificate according to RFC 5280.
It is allowed, but it is almost always a huge mistake to do so. CAs that
make this mistake typically have to abandon and completely replace their
entire PKI (entire tree of issued certificates) when a CA cert expires and
its serial number appears in the AKI of other subordinate certs. More than
once I've seen entire corporate PKIs have to be replaced due to this error.
That's why it's a "problematic practice".
I don't see it here:
https://wiki.mozilla.org/CA:Problematic_Practices ?
Almost without exception, most CAs that do that (put both issuer's key ID,
and issuer's issuer name and serial number into an AKI) do so because they
use OpenSSL, and virtually every OpenSSL cookbook web page on the internet
shows all 3 AKI fields being used. Monkey see, Monkey do.
All of which says, don't do that. If I got a dollar for every time
someone said, "don't do that" I'd be rich :)
I think the question is not "whether" but "why?"
All we can do is advise people to use only the issuer's key ID, and NOT
the issuer's issuer name and serial number in the AKI of the certs they
issue. Trust me, if you stay in the game long enough, you'll thank me.
Here, you are implying that the authorityKeyIdentifier should include
the subjectKeyIdentifier (of the signer?) and not the name+serialNumber.
Yet the RFC makes it an "or" and indicates no preference?
I can think of one reason: the brand / name might change over time.
But that isn't enough to cause the above serious warning. Your writings
indicate to me that it should be documented in here:
https://wiki.mozilla.org/CA:Recommendations_for_Roots
but so far there isn't enough to write about???
iang
--
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
