On Fri, Oct 7, 2022 at 8:49 AM Rob Stradling <[email protected]> wrote:

>
> Although this "defect" remains in RFC5280, ISTM that the original X.509
> requirement is restored by MRSP section 5.2 [2], which says:
>
> *"CA operators MUST NOT issue ... partial/scoped CRLs that lack a
> distributionPoint in a critical issuingDistributionPoint extension"*
>
> Does this observation cause you to rethink your conclusion?
>

I had read that requirement differently, as "MUST NOT issue CRLs that have
a critical issuingDistributionPoint extension that does not have a
distributionPoint field". My reading bound the verb "lack" to the noun
"distributionPoint", rather than to the noun phrase "distributionPoint in a
critical issuingDistributionPoint extension". I think the appropriate text
to convey the intended requirement here would be "partial/scoped CRLs which
lack a critical issuingDistributionPoint extension with the
distributionPoint field".

It's of course also unfortunate that it picks as an *example* something
that is not clearly laid out by RFC 5280; examples should be drawn from the
underlying source, not laid on top of it.

But I agree that there's a reasonable reading which arrives at your
interpretation, and we have already decided
<https://github.com/letsencrypt/boulder/issues/6410#issuecomment-1270705003>
to begin including the issuingDistributionPoint in our CRLs in the near
future in order to prevent replacement attacks.

Aaron

-- 
To view this discussion on the web visit 
https://groups.google.com/a/mozilla.org/d/msgid/dev-security-policy/CAEmnErdZnuDo2%2BUtsY8q_8YBCYUKpojPdbrkEWboDqUMjH1rWw%40mail.gmail.com.
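The replacement (substitution) attack the message alludes to, and the MRSP 5.2 reading it discusses, are easier to see in code. The following is an added example, not code from this thread, from Boulder or from Let's Encrypt: it uses the Python `cryptography` library to build sharded CRLs with and without an issuingDistributionPoint (IDP), classifies each against the "critical IDP with a distributionPoint field" reading, and shows why a relying party that cannot compare the IDP against the certificate's CRL DP cannot tell one shard from another. The CA name, key, shard URLs and serial numbers are all constructed for the example.

```python
"""Added example (not from the thread): sharded CRLs with/without an IDP and the
relying-party check that makes CRL substitution detectable."""
import datetime

from cryptography import x509
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric import ec
from cryptography.x509.oid import NameOID

# Constructed CA identity, key and shard locations (assumptions for the example).
ISSUER = x509.Name([x509.NameAttribute(NameOID.COMMON_NAME, "Example Sharding CA")])
SHARD_A = "http://crl.example.test/shard-a.crl"
SHARD_B = "http://crl.example.test/shard-b.crl"
KEY = ec.generate_private_key(ec.SECP256R1())


def build_crl(revoked_serials, idp_uri=None, idp_critical=True, idp_without_dp=False):
    """Sign a CRL revoking `revoked_serials`.

    idp_uri=None and idp_without_dp=False: no IDP extension at all.
    idp_uri="http://...": IDP whose distributionPoint names that URI.
    idp_without_dp=True: IDP present but with no distributionPoint field
    (onlyContainsUserCerts is set so the extension is not empty)."""
    now = datetime.datetime.now(datetime.timezone.utc)
    builder = (
        x509.CertificateRevocationListBuilder()
        .issuer_name(ISSUER)
        .last_update(now)
        .next_update(now + datetime.timedelta(days=7))
    )
    for serial in revoked_serials:
        entry = (
            x509.RevokedCertificateBuilder()
            .serial_number(serial)
            .revocation_date(now)
            .build()
        )
        builder = builder.add_revoked_certificate(entry)
    if idp_uri is not None or idp_without_dp:
        idp = x509.IssuingDistributionPoint(
            full_name=None if idp_without_dp else [x509.UniformResourceIdentifier(idp_uri)],
            relative_name=None,
            only_contains_user_certs=idp_without_dp,
            only_contains_ca_certs=False,
            only_some_reasons=None,
            indirect_crl=False,
            only_contains_attribute_certs=False,
        )
        builder = builder.add_extension(idp, critical=idp_critical)
    return builder.sign(KEY, hashes.SHA256())


def classify_idp(crl):
    """Classify the CRL against the reading of MRSP 5.2 discussed above: a
    partial/scoped CRL needs a *critical* IDP *with* a distributionPoint."""
    try:
        ext = crl.extensions.get_extension_for_class(x509.IssuingDistributionPoint)
    except x509.ExtensionNotFound:
        return "no-idp"
    if not ext.critical:
        return "idp-not-critical"
    if not ext.value.full_name and ext.value.relative_name is None:
        return "idp-without-distribution-point"
    return "scoped"


def crl_matches_cert_dp(crl, cert_dp_uri):
    """Relying-party check: the CRL's IDP must name the distribution point the
    certificate's CRLDistributionPoints sent the client to. A CRL with no IDP
    gives the client nothing to compare, so it cannot be bound to a shard."""
    if classify_idp(crl) != "scoped":
        return False
    idp = crl.extensions.get_extension_for_class(x509.IssuingDistributionPoint).value
    uris = [n.value for n in idp.full_name if isinstance(n, x509.UniformResourceIdentifier)]
    return cert_dp_uri in uris


def substitution_accepted(crl, cert_dp_uri, target_serial, enforce_idp):
    """Would a relying party accept `crl` as proof that target_serial is unrevoked?

    Attack scenario: the certificate points at cert_dp_uri (shard A), where its
    serial is listed; an attacker serves another shard's CRL in its place.
    enforce_idp=False models a client that only consults the revoked list;
    enforce_idp=True models one that first binds the CRL to the cert's DP."""
    if enforce_idp and not crl_matches_cert_dp(crl, cert_dp_uri):
        return False  # wrong shard (or unscoped CRL): do not trust it for this cert
    return crl.get_revoked_certificate_by_serial_number(target_serial) is None


if __name__ == "__main__":
    target = 0xBEEF  # constructed serial, revoked in shard A only
    plain_b = build_crl([0x1234])                 # shard B, no IDP (pre-fix shape)
    scoped_b = build_crl([0x1234], idp_uri=SHARD_B)
    print("no IDP, lenient client accepts substituted CRL:",
          substitution_accepted(plain_b, SHARD_A, target, enforce_idp=False))
    print("IDP present, strict client rejects substituted CRL:",
          not substitution_accepted(scoped_b, SHARD_A, target, enforce_idp=True))
```

The strict client in `substitution_accepted` is what the IDP buys a sharded CA: once every shard carries a critical IDP naming its own URL, a CRL served at shard A's location that claims to be shard B (or that carries no IDP at all) can be rejected before its revocation list is consulted.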