help-gnutls

Re: [oss-security] please verify unusual x.509 constraints are handled


From: Nikos Mavrogiannopoulos
Subject: Re: [oss-security] please verify unusual x.509 constraints are handled
Date: Wed, 31 Oct 2012 11:04:21 +0100

On Wed, Oct 31, 2012 at 9:22 AM, Daniel Kahn Gillmor
<address@hidden> wrote:
> The attached message was sent earlier this year to oss-security,
> implying that gnutls does not properly honor pathLenConstraint:
>   http://openwall.com/lists/oss-security/2012/06/27/5
> I'm unable to replicate the reported results with GnuTLS 2.8.6 (debian
> squeeze), 3.0.22 (debian sid) or 3.1 (debian experimental).
> What I see is (sid and experimental):
> 0 address@hidden:/tmp/certtest$ cat local-cert.pem Mengsk.pem
> sms.hallym.ac.kr.pem CA134040001.pem GPKIRootCA.pem | certtool -e
> Loaded 5 certificates, 1 CAs and 0 CRLs
>         Subject: C=KR,O=Government of Korea,OU=GPKI,CN=CA134040001
>         Issuer: C=KR,O=Government of Korea,OU=GPKI,CN=GPKIRootCA
>         Output: Not verified.

I haven't checked why the verification fails, but he is right that we
don't honor the pathLenConstraint and the CertSign and CRLsign
keyUsage bits for CAs. The issue with being strict on X.509
verification is that if other implementations aren't, people think it
is a bug. We had that when we enforced the keyUsage bits for digital
signature and encryption. It would be good to enforce those
restrictions though.

regards,
Nikos
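The checks Nikos says were not being enforced (basicConstraints pathLenConstraint and the keyCertSign/cRLSign keyUsage bits on CA certificates) are the RFC 5280 section 6.1.4 path-processing rules. The following is an added example, not GnuTLS code and not from the thread: a toy path validator over a constructed chain model (subject, issuer, cA flag, pathLenConstraint, keyUsage), with no real parsing or signature checking, that shows how the path-length budget is consumed CA by CA and why a chain one CA too deep must be rejected. The chain order is leaf first, trust anchor last, matching what `certtool -e` prints above; all certificate names are made up.

```python
"""Toy RFC 5280 6.1.4 pathLenConstraint / keyUsage checks over a constructed chain.

Added example only: no ASN.1, no signatures, just the constraint bookkeeping
that a strict X.509 path validator has to do for each intermediate CA.
"""
from dataclasses import dataclass
from typing import FrozenSet, List, Optional, Tuple


@dataclass(frozen=True)
class Cert:
    subject: str
    issuer: str
    is_ca: bool = False                        # basicConstraints.cA
    path_len: Optional[int] = None             # basicConstraints.pathLenConstraint
    key_usage: Optional[FrozenSet[str]] = None  # None means the extension is absent

    @property
    def self_issued(self) -> bool:
        return self.subject == self.issuer


def verify_chain(chain: List[Cert]) -> Tuple[bool, str]:
    """chain is leaf-first and ends with the trust anchor (the certtool order)."""
    if len(chain) < 2:
        return False, "need at least a leaf and a trust anchor"
    path = list(reversed(chain))          # anchor first, leaf last
    anchor = path[0]
    if not anchor.is_ca:
        return False, f"{anchor.subject}: trust anchor is not a CA"
    # RFC 5280 6.1.2: max_path_length starts at n, the number of certs excluding the anchor.
    max_path_length = len(path) - 1
    # Local-policy choice (RFC 5280 6.2): also honour a pathLenConstraint on the anchor itself.
    if anchor.path_len is not None:
        max_path_length = min(max_path_length, anchor.path_len)

    for i in range(1, len(path)):
        cert = path[i]
        if cert.issuer != path[i - 1].subject:
            return False, f"{cert.subject}: issuer is not {path[i - 1].subject}"
        if i == len(path) - 1:
            break                                   # leaf: no CA checks apply
        # 6.1.4 (k): anything used as an issuer must assert cA=TRUE
        if not cert.is_ca:
            return False, f"{cert.subject}: used as issuer but basicConstraints cA is false"
        # 6.1.4 (n): if keyUsage is present on a CA it must include keyCertSign
        if cert.key_usage is not None and "keyCertSign" not in cert.key_usage:
            return False, f"{cert.subject}: keyUsage lacks keyCertSign"
        # 6.1.4 (l): every non-self-issued CA consumes one unit of the budget
        if not cert.self_issued:
            if max_path_length <= 0:
                return False, f"{cert.subject}: pathLenConstraint exceeded"
            max_path_length -= 1
        # 6.1.4 (m): a CA may only tighten the budget, never widen it
        if cert.path_len is not None and cert.path_len < max_path_length:
            max_path_length = cert.path_len
    return True, "verified"


def may_sign_crl(cert: Cert) -> bool:
    """RFC 5280 6.3.3: a CRL issuer with a keyUsage extension must assert cRLSign."""
    return cert.key_usage is None or "cRLSign" in cert.key_usage


# Constructed sample chains (hypothetical names, not the certificates from the thread).
ROOT = Cert("CN=Root", "CN=Root", is_ca=True, key_usage=frozenset({"keyCertSign", "cRLSign"}))
SUB_CA_PL0 = Cert("CN=SubCA", "CN=Root", is_ca=True, path_len=0,
                  key_usage=frozenset({"keyCertSign", "cRLSign"}))
DEEP_CA = Cert("CN=DeepCA", "CN=SubCA", is_ca=True, key_usage=frozenset({"keyCertSign"}))
SERVER_AS_CA = Cert("CN=ServerAsCA", "CN=Root", is_ca=True,
                    key_usage=frozenset({"digitalSignature"}))
PLAIN_SERVER = Cert("CN=server", "CN=Root")

GOOD_CHAIN = [Cert("CN=leaf", "CN=SubCA"), SUB_CA_PL0, ROOT]          # depth within pathLen=0
TOO_DEEP = [Cert("CN=leaf", "CN=DeepCA"), DEEP_CA, SUB_CA_PL0, ROOT]   # one CA too many
NO_CERTSIGN_CHAIN = [Cert("CN=leaf", "CN=ServerAsCA"), SERVER_AS_CA, ROOT]
NON_CA_CHAIN = [Cert("CN=leaf", "CN=server"), PLAIN_SERVER, ROOT]

if __name__ == "__main__":
    for name, chain in [("good", GOOD_CHAIN), ("too deep", TOO_DEEP),
                        ("no keyCertSign", NO_CERTSIGN_CHAIN), ("non-CA issuer", NON_CA_CHAIN)]:
        print(f"{name:15s} -> {verify_chain(chain)}")
```

A lenient validator that skips steps (k), (l), (m) and (n) accepts all four chains as long as the signatures verify, which is exactly the behaviour the thread complains about; the strict version rejects the last three with a reason naming the offending CA.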


