Ryan Sleevi via dev-security-policy <dev-security-policy@lists.mozilla.org> writes:
>>Pragmatically, does anything known break on the extra byte there? > >Yes. NSS does. Because NSS properly implements 5280. I would say that's probably more a flaw in NSS then. Does anyone's implementation seriously expect things to work, and by extension break if they don't, as 5280 says it should? What happens to NSS if it sees a policy explicitText longer than 200 bytes? If it sees a CRL with an unknown critical extension? If it sees a CRL with one of the extensions where you ignore the actual contents of the CRL and instead use revocation information hidden in a sub-extension (sorry, can't remember the name of that one at the moment). That's just the first few things that came to mind, there are a million (well, thousands. OK, maybe hundreds. At least a dozen) bizarre, arbitrary, and often illogical requirements (for example with the critical extension thing the only sensible action is to do the opposite of what the RFC says) in 5280 that I'm pretty sure NSS, and probably most other implementations as well, don't conform to, or are even aware of. So saying "it happens to break our code" is a perfectly valid response, but claiming better standards conformance than everyone else is venturing onto thin ice. More generally, I don't think there's any PKI implementation that can claim to "properly implement 5280" because there's just too much weird stuff in there for anyone to fully comprehend and be conformant to. As a corollary, since there are also things in there that are illogical, a hypothetical implementation that really was fully conformant could be regarded as broken when it does things that the spec requires but that no-one would expect an implementation to do. Peter. _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy
