On Tue, May 21, 2019 at 3:32 PM Daniel McCarney <c...@letsencrypt.org> wrote:
> >> Of the 8 unrevoked, they're all issued by a single CA - GlobalSign - and >> are all RSA keys that lack the explicit NULL parameter, and thus violate >> the requirements of https://tools.ietf.org/html/rfc3279#section-2.3.1 > > >> These are flagged by cablint (but not zlint), so that is an opportunity >> for >> CAs to improve things - both in how they encode and how they lint. > > > Ryan: Thanks for flagging this difference between cablint and zlint. > > Let's Encrypt uses zlint and so I took some time today to submit a PR to > address this missing lint finding: https://github.com/zmap/zlint/pull/285 > Extra > eyes on that would be most welcome. > Thanks. I left some comments, and also spent some time digging into the signature algorithm encodings. Using an algorithm that undercounts (meaning if they got it right in the SPKI, but botched it in the signature, or vice-versa, I'm not counting it), I still only found 415 certificates. I sampled around 40 of these, and they were all revoked, and all fell into the class of RSA omitting the NULL. Note that this is applicable for signatureAlgorithms as well (and the same section of the RFC), and this is again something cablint picks up and zlint misses. However, it seems CAs happened to already have revoked these certificates - perhaps from internal linting efforts that looked at all their certificates, or crt.sh, or some other bit. It's also not too surprising, given that this is the logic that mozilla::pkix implements directly in its implementation. So I'm fairly confident that the increased expression in policy does not harm things, makes it easier to implement safe linters. Not to pick on Daniel, but it looks like the PR made for zlint missed some edge corner cases - perfectly understandable, in context, but exactly why/where the direct comparison makes it easier :) _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy