Hi, I have a few questions about Mozilla Root Store Policy 5.1.

Mozilla Root Store Policy 5.1 only permits the following algorithms for ECC.

> 5.1 Algorithms
> 
> Root certificates in our root program, and __any certificate__ which 
> chains up to them,  __MUST__ use __only__ algorithms and key sizes from the 
> following set:
> 
>     RSA keys whose modulus size in bits is divisible by 8, and is at least 
> 2048.
>     Digest algorithms: SHA-1 (see below), SHA-256, SHA-384, or SHA-512.
>     ECDSA keys using one of the following curve-hash pairs:
>         P-256 with SHA-256
>         P-384 with SHA-384


I am wondering whether the above is for the validation path only, or also for
the usage of EE certificates.
#I thought it might also be for EE certs, since RFC 5480 does not require
anything on key usage (I describe the details at the bottom of this text).

As far as I understand, an ECDSA public key just shows a point on an elliptic
curve. That point can also be used for (plain) ECDH or ECIES.
So, if 5.1's description is also for end entity certs, an EE cert's key-usage
must contain digitalSignature, can contain nonRepudiation, and must not contain
key agreement, key encipherment, etc. to comply with 5.1.

(question.1)
So far I guess that the statement of 5.1 includes a requirement for the
key-usage of any EE certs, not limited to server certificates. Is that correct?

(question.2)
In addition, if a CA issues an ECC certificate without appropriate key-usage,
can the reason to revoke be non-compliance with Mozilla's root program?


RFC 5480 does not seem to require anything for key-usage #since RFC 2119
states MAY is "truly optional"
> RFC 5480            ECC SubjectPublicKeyInfo Format           March 2009
>
>    If the keyUsage extension is present in an End Entity (EE)
>    certificate that indicates id-ecPublicKey in SubjectPublicKeyInfo,
>    then any combination of the following values MAY be present:
>
>      digitalSignature;
>      nonRepudiation; and
>      keyAgreement.

Regards, Tadahiko Ito
_______________________________________________
dev-security-policy mailing list
[email protected]
https://lists.mozilla.org/listinfo/dev-security-policy
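
An added example, not part of the original message and not Mozilla's or the IETF's code: it uses the Python `cryptography` package to read out of a certificate the fields the question above turns on (the signature's curve-hash pair and the keyUsage bits). It reports only and does not decide the policy question. `make_cert`, `report`, `demo` and the `constructed.example` subject are assumed names, and the certificates are constructed samples.

```python
import datetime
from cryptography import x509
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric import ec
from cryptography.x509.oid import NameOID

# Curve-hash pairs quoted from section 5.1 in the message above.
PAIRS_5_1 = {("secp256r1", "sha256"), ("secp384r1", "sha384")}
# keyUsage values in the quoted RFC 5480 text (content_commitment = nonRepudiation).
RFC5480_LISTED = {"digital_signature", "content_commitment", "key_agreement"}
BITS = ["digital_signature", "content_commitment", "key_encipherment",
        "data_encipherment", "key_agreement", "key_cert_sign", "crl_sign"]

def make_cert(curve, digest, *asserted):
    """Build a constructed, self-signed sample certificate (not real data)."""
    key = ec.generate_private_key(curve)
    name = x509.Name([x509.NameAttribute(NameOID.COMMON_NAME, "constructed.example")])
    start = datetime.datetime(2024, 1, 1)
    usage = x509.KeyUsage(encipher_only=False, decipher_only=False,
                          **{b: b in asserted for b in BITS})
    return (x509.CertificateBuilder()
            .subject_name(name).issuer_name(name)
            .public_key(key.public_key())
            .serial_number(x509.random_serial_number())
            .not_valid_before(start)
            .not_valid_after(start + datetime.timedelta(days=1))
            .add_extension(usage, critical=True)
            .sign(key, digest))

def report(cert, issuer_key):
    """Report the fields the question turns on; it does not decide the policy."""
    # The signature hash pairs with the issuer's curve, not the subject's.
    pair = (issuer_key.curve.name, cert.signature_hash_algorithm.name)
    try:
        ku = cert.extensions.get_extension_for_class(x509.KeyUsage).value
        asserted = {b for b in BITS if getattr(ku, b)}
    except x509.ExtensionNotFound:
        asserted = set()  # keyUsage is optional, so it may be absent
    return {"signature_pair": pair,
            "pair_listed_in_5_1": pair in PAIRS_5_1,
            "subject_curve": cert.public_key().curve.name,
            "key_usage": sorted(asserted),
            "not_listed_in_rfc5480": sorted(asserted - RFC5480_LISTED)}

def demo():
    a = make_cert(ec.SECP256R1(), hashes.SHA256(), "digital_signature", "key_agreement")
    b = make_cert(ec.SECP256R1(), hashes.SHA384(), "digital_signature", "key_encipherment")
    return [report(c, c.public_key()) for c in (a, b)]
```

Both samples carry the same SubjectPublicKeyInfo type (an EC point on P-256); only the keyUsage extension and the signature hash distinguish them, which is why the reading of 5.1 matters for EE certificates.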
