Thomas,

Apologies, you're totally correct -- but the prompt was not fully specified. Suppose further that CA Alpha and CA Beta are operated by the same organization.

Thanks,
Aaron

On Tue, Aug 8, 2023 at 10:03 AM Thomas Zermeno <[email protected]> wrote:
> Phil,
>
> Presuming that CA Alpha and CA Beta are different organizations, which are
> not affiliated, then the cross-signed Intermediate CA Gamma certificate
> does not meet the requirements of 7.1.2.2.3, namely:
>
>     The extKeyUsage extension MAY be “unrestricted” as described in the
>     following table if:
>     - the organizationName represented in the Issuer and Subject names of
>       the corresponding certificate are either:
>       - the same, or
>       - the organizationName represented in the Subject name is an
>         affiliate of the organizationName represented in the Issuer name
>     ....
>
> In this hypothetical scenario, the issuer of the cross-signed intermediate
> certificate would be "organizationName=CA Alpha", but the subject would be
> "organizationName=CA Beta". While this subject correlation matches the
> cross-signed "Root CA Beta", that is not considered when determining the
> extKeyUsage requirements.
>
> On Tue, Aug 8, 2023 at 11:00 AM 'Phil Porada' via [email protected]
> <[email protected]> wrote:
>
>> Suppose there are three key-pairs identified by the following names:
>>
>> - Root CA Alpha
>> - Root CA Beta
>> - Intermediate CA Gamma
>>
>> Suppose a fairly traditional hierarchy utilizing those key-pairs:
>>
>> - Root CA Alpha has issued a certificate over its own public key. This
>>   self-signed cert must comply with BRs 7.1.2.1 Root CA Certificate
>>   Profile.
>> - Root CA Beta has issued a certificate over its own public key. Same as
>>   above.
>> - Root CA Beta has issued a basicConstraints CA=true cert over
>>   Intermediate CA Gamma's public key. Intermediate CA Gamma must comply
>>   with BRs 7.1.2.6 TLS Subordinate CA Certificate Profile.
>>
>> Suppose that Root CA Alpha also cross-signs Root CA Beta. This cross-sign
>> would normally be a TLS Subordinate CA Certificate Profile, subject to
>> BRs 7.1.2.6, except that it also matches the definition of BRs 7.1.2.2
>> Cross-Certified Subordinate CA. Specifically it is "a CA Certificate using
>> the same Subject Name and Subject Public Key Information as one or more
>> existing CA Certificate(s), whether a Root CA Certificate or Subordinate
>> CA Certificate." Therefore it has slightly looser requirements, namely in
>> terms of extKeyUsages. This makes sense, as the whole point of the
>> Cross-Certified Subordinate CA profile is to allow cross-certs to more
>> closely match the original cert they're cross-signing.
>>
>> Suppose that Root CA Alpha also cross-signs Intermediate CA Gamma. Now we
>> arrive at a problem. This certificate also meets the qualifications of a
>> 7.1.2.2 Cross-Certified Subordinate CA: it has the same Subject Name and
>> Public Key as an existing CA Certificate. This means that the EKU
>> extension can be omitted entirely because it is "unrestricted". But this
>> is very surprising! The TLS Subordinate CA Certificate it is cross-signing
>> is clearly required to have EKUs. Why does this cross-sign get to omit
>> them? It feels like this certificate should be required to abide by the
>> 7.1.2.6 TLS Subordinate CA Certificate Profile, even though it meets the
>> qualifications of 7.1.2.2.
>>
>> If I have confused something, I apologize. Thank you for any guidance
>> here.
>>
>> --
>> You received this message because you are subscribed to the Google Groups
>> "[email protected]" group.
>> To unsubscribe from this group and stop receiving emails from it, send an
>> email to [email protected].
>> To view this discussion on the web visit
>> https://groups.google.com/a/mozilla.org/d/msgid/dev-security-policy/dcb791eb-4754-4389-a0ca-2551c9d55a7an%40mozilla.org
>
> --
> -TZ
>
> "When I am working on a problem I never think about beauty. I only think
> about how to solve the problem. But when I have finished, if the solution
> is not beautiful, I know it is wrong."
> - Buckminster Fuller (1895-1983)
>
> To view this discussion on the web visit
> https://groups.google.com/a/mozilla.org/d/msgid/dev-security-policy/CAAbOY9JW0iMxdKBQZsBTKprZ40_p1pi5grsiLgbEjV1VrbCikw%40mail.gmail.com

To view this discussion on the web visit
https://groups.google.com/a/mozilla.org/d/msgid/dev-security-policy/CAEmnErfiF0TLU%3DvCLVzkjuPY8vqP%3DL%2BVT-E9WDcG%2B3VCEuXP4Q%40mail.gmail.com
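The hierarchy the thread walks through, expressed as a small profile-selection check. This is an added example and not code from any participant in the thread or from the CA/Browser Forum; it implements only the two BR passages the messages quote (the 7.1.2.2 definition of a Cross-Certified Subordinate CA, matched on Subject Name plus Subject Public Key Info against certificates that already exist, and the 7.1.2.2.3 organizationName condition for an "unrestricted" extKeyUsage). Certificates are plain dataclasses rather than parsed X.509, self-issued is treated as self-signed, 7.1.2.6 is assumed to be the fallback profile for any other CA certificate, the organization names and SPKI byte strings are constructed stand-ins, and the "affiliate" relation is taken as an input rather than derived from the BR definition; the "restricted" EKU profile is not modelled because the thread does not quote it.

```python
"""Profile-selection checks for CA certificates, modelled on the two BR passages
the thread quotes: the 7.1.2.2 definition of a Cross-Certified Subordinate CA
and the 7.1.2.2.3 organizationName condition for an "unrestricted" extKeyUsage.
Constructed example: certificates are plain dataclasses, not parsed X.509, and
the organization names and SPKI values are hypothetical stand-ins."""
from dataclasses import dataclass
from typing import Dict, List, Optional, Set, Tuple

DN = Tuple[Tuple[str, str], ...]  # ordered (attribute type, value) pairs

ROOT_PROFILE = "7.1.2.1 Root CA"
CROSS_PROFILE = "7.1.2.2 Cross-Certified Subordinate CA"
TLS_SUB_PROFILE = "7.1.2.6 TLS Subordinate CA"


@dataclass(frozen=True)
class Cert:
    label: str
    issuer: DN
    subject: DN
    spki: bytes   # stand-in for the SubjectPublicKeyInfo
    ca: bool = True


def dn(org: str, cn: str) -> DN:
    return (("O", org), ("CN", cn))


def attr(name: DN, attr_type: str) -> str:
    return next(value for typ, value in name if typ == attr_type)


# Constructed stand-ins for the three key-pairs named in the thread.
SPKI_ALPHA, SPKI_BETA, SPKI_GAMMA = b"spki-alpha", b"spki-beta", b"spki-gamma"


def build_hierarchy(org_alpha: str, org_beta: str) -> List[Cert]:
    """The thread's hierarchy, in issuance order. Gamma is run by the operator of
    Root CA Beta, so its Subject organizationName is org_beta (assumption)."""
    alpha = dn(org_alpha, "Root CA Alpha")
    beta = dn(org_beta, "Root CA Beta")
    gamma = dn(org_beta, "Intermediate CA Gamma")
    return [
        Cert("alpha-self", alpha, alpha, SPKI_ALPHA),
        Cert("beta-self", beta, beta, SPKI_BETA),
        Cert("beta->gamma", beta, gamma, SPKI_GAMMA),
        Cert("alpha->beta (cross)", alpha, beta, SPKI_BETA),
        Cert("alpha->gamma (cross)", alpha, gamma, SPKI_GAMMA),
    ]


def existing_ca_matches(cert: Cert, existing: List[Cert]) -> List[Cert]:
    """7.1.2.2 as quoted: 'a CA Certificate using the same Subject Name and
    Subject Public Key Information as one or more existing CA Certificate(s)'.
    Only certificates that already existed count, so callers pass earlier issuances."""
    return [c for c in existing
            if c.ca and c.subject == cert.subject and c.spki == cert.spki]


def select_profile(cert: Cert, existing: List[Cert]) -> str:
    if not cert.ca:
        raise ValueError("only CA certificates are modelled")
    if cert.issuer == cert.subject:      # self-issued treated as self-signed here
        return ROOT_PROFILE
    if existing_ca_matches(cert, existing):
        return CROSS_PROFILE
    return TLS_SUB_PROFILE               # modelling assumption: the only other CA profile


def unrestricted_eku_permitted(cert: Cert, affiliates: Dict[str, Set[str]]) -> bool:
    """7.1.2.2.3 as quoted: issuer and subject organizationName are the same, or
    the subject's organization is an affiliate of the issuer's. Who counts as an
    affiliate is an input; the BR definition of 'affiliate' is not modelled."""
    issuer_org, subject_org = attr(cert.issuer, "O"), attr(cert.subject, "O")
    return issuer_org == subject_org or subject_org in affiliates.get(issuer_org, set())


def evaluate(org_alpha: str, org_beta: str,
             affiliates: Optional[Dict[str, Set[str]]] = None
             ) -> Dict[str, Tuple[str, Optional[bool]]]:
    """Map each certificate label to (profile, unrestricted-EKU-permitted); the
    second value is None for certificates outside the cross-certified profile."""
    affiliates = affiliates or {}
    certs = build_hierarchy(org_alpha, org_beta)
    report: Dict[str, Tuple[str, Optional[bool]]] = {}
    for i, cert in enumerate(certs):
        profile = select_profile(cert, certs[:i])
        eku_ok = unrestricted_eku_permitted(cert, affiliates) if profile == CROSS_PROFILE else None
        report[cert.label] = (profile, eku_ok)
    return report


if __name__ == "__main__":
    scenarios = [("unaffiliated organizations", ("CA Alpha", "CA Beta")),
                 ("one operator for both roots", ("Example Trust", "Example Trust"))]
    for title, orgs in scenarios:
        print(title)
        for label, (profile, eku_ok) in evaluate(*orgs).items():
            print(f"  {label:22s} {profile:40s} unrestricted EKU permitted: {eku_ok}")
```

Running it with the two organization settings reproduces both readings in the thread: with "CA Alpha" and "CA Beta" as distinct, unaffiliated organizations, both cross-signs fall under the 7.1.2.2 profile but neither passes the organizationName condition for an unrestricted EKU; with one operator (or with CA Beta listed as an affiliate of CA Alpha) the condition is met. Note also that the original Beta-to-Gamma certificate stays under 7.1.2.6 even though a later cross-sign shares its Subject and key, because only certificates that existed at issuance time are compared.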
