Dirk-Willem van Gulik wrote:
> Dirk-Willem van Gulik wrote:
>
>> Actually Steve - you may know - what besides the obvious
>>
>> extendedKeyUsage=nsSGC,msSGC
>>
>> in the extension file needs to go into a sub-ca below a
>> self-signed-root-chain to make the browsers dance ? Or have they
>> hardcoded in some specific CA or similar ? Or is there a test case in
>> openssl which is useful here ? As that would let us do decent test
>> scripts.
>
> Hmm - just found
>
> http://www.modssl.org/docs/apachecon2001/slide-010-n.html
>
> which seems to be one of the few places on the web; which suggests that
> special tagging in the browser is happening on a per-CA level.
>
> Is that indeed the case? That would suggest that we do need the help of
> a CA to do proper testing.
>
Some of it is coming back to me now ;-)

If any old CA (including user installed ones) could do SGC and/or Step Up
then there wouldn't be much point as the whole idea was to restrict who
could use strong cryptography, prompted by the export laws of the time.

You needed EKU extensions in each intermediate CA and the EE certificate in
the chain (it was optional in the root) *and* the root CA had to be
authorised to do SGC/Step Up.

As I recall you could flip a bit/byte in the NSS certificate database to do
this, I think that is documented somewhere. Caused quite a fuss at the time
when this was discovered. In these more enlightened times you may be able
to do the same with NSS tools.

I recall doing experiments with MS CryptoAPI to enable SGC: that was many
versions of Windows and MSIE ago though. You couldn't just flip a bit with
that: it was hard coded to one root.

I also remember that Netscape (as it was then) would only do Step Up while
MSIE would do Step Up or SGC depending on whether the nsSGC or msSGC EKUs
were present in the chain.

SGC doesn't actually renegotiate in the normal sense at all. It just sends
another client hello before completing the first handshake. That was why
OpenSSL needed to be modified to support it: it was a technical violation
of the protocol.

Steve.
-- 
Dr Stephen N. Henson. Senior Technical/Cryptography Advisor,
Open Source Software Institute: www.oss-institute.org
OpenSSL Core team: www.openssl.org
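An added example, not code from the thread or from OpenSSL itself: an openssl(1) script that builds the root -> sub-CA -> server chain the question asks about, puts the nsSGC/msSGC EKUs on the sub-CA and the server certificate but not on the root (the placement the reply describes), and then checks that rule over the chain. It assumes an openssl binary in PATH; the subject names are made up.

```sh
#!/bin/sh
# Added example, not code from the thread: build a root -> sub-CA -> server chain
# with the SGC EKUs on the sub-CA and end-entity cert (root left without them),
# then check that every certificate below the root carries both EKUs.
set -e
WORK=$(mktemp -d); cd "$WORK"
# Extension sections; the extendedKeyUsage=nsSGC,msSGC line is the one quoted above.
cat > sgc.cnf <<'EOF'
[root_ext]
basicConstraints=critical,CA:TRUE
keyUsage=critical,keyCertSign,cRLSign
[ca_ext]
basicConstraints=critical,CA:TRUE
keyUsage=critical,keyCertSign,cRLSign
extendedKeyUsage=nsSGC,msSGC
[ee_ext]
basicConstraints=CA:FALSE
keyUsage=critical,digitalSignature,keyEncipherment
extendedKeyUsage=serverAuth,nsSGC,msSGC
EOF
# csr NAME CN: fresh RSA key plus CSR (subject names are made up).
csr() { openssl req -new -newkey rsa:2048 -nodes -keyout "$1.key" -out "$1.csr" -subj "/CN=$2" 2>/dev/null; }
# gen_chain: self-signed root, sub-CA signed by root, server cert signed by sub-CA.
gen_chain() {
  csr root "Test SGC Root"; csr sub "Test SGC Sub CA"; csr ee "www.example.test"
  openssl x509 -req -in root.csr -signkey root.key -out root.pem -days 30 \
    -extfile sgc.cnf -extensions root_ext 2>/dev/null
  openssl x509 -req -in sub.csr -CA root.pem -CAkey root.key -CAcreateserial \
    -out sub.pem -days 30 -extfile sgc.cnf -extensions ca_ext 2>/dev/null
  openssl x509 -req -in ee.csr -CA sub.pem -CAkey sub.key -CAcreateserial \
    -out ee.pem -days 30 -extfile sgc.cnf -extensions ee_ext 2>/dev/null
}
# has_sgc_eku FILE: succeed only if the EKU lists both the Netscape and the
# Microsoft SGC purposes (OpenSSL prints their long names in that order here).
has_sgc_eku() {
  eku=$(openssl x509 -in "$1" -noout -text | grep -A1 'Extended Key Usage' | tail -n 1)
  case "$eku" in
    *"Netscape Server Gated Crypto"*"Microsoft Server Gated Crypto"*) return 0 ;;
    *) return 1 ;;
  esac
}
# check_chain: the rule from the reply (EKU on every cert below the root) plus an
# ordinary path validation of the server cert up to the root.
check_chain() {
  for c in sub.pem ee.pem; do
    has_sgc_eku "$c" || { echo "missing SGC EKU in $c"; return 1; }
  done
  openssl verify -CAfile root.pem -untrusted sub.pem ee.pem >/dev/null
}
```

Run `gen_chain && check_chain` to build the chain and confirm both the EKU placement and an ordinary verification pass; dropping the extendedKeyUsage line from [ca_ext] makes check_chain fail on sub.pem.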