On 02/07/2012 10:34, Johannes Bauer wrote:
> I have a rather simple question regarding X.509 subjects that is not
> entirely clear to me and for which I cannot find the appropriate
> reference (pointers greatly appreciated). The trouble starts when trying
> to compare two subjects of *different* certificates for equality and
> becomes worse when certain fields are appearing more than once. To
> clarify, by "equal" I mean "should behave in exactly the same way by all
> well-behaved implementations".
>
> Let's start easy. Consider the following subjects:
>
> subject1= /C=SE/O=FooBar/OU=BarFoo/CN=moo.koo.com
> subject2= /C=SE/OU=BarFoo/CN=moo.koo.com/O=FooBar
>
> Are these to be considered equal or not?

Not equal.

> I.e.: Does the order of
> elements matter? Does the order matter when fields are duplicate, i.e. are:

The order of elements in a SEQUENCE matters. The order of elements in a SET doesn't matter (read X.690 to get DER rules). Comparison rules for AttributeAndValue elements follow X.520 recommendation (you have to canonicalize them before comparison).

> subject1= /CN=foo/CN=bar
> subject2= /CN=bar/CN=foo
>
> equal?

Not equal.

> If they are not equal, does the first one have a special meaning? For
> example, assume a webserver with a duplicate common name field. Are both
> names valid as the server name then? I.e. could I access a webserver
> with the certificate subject as stated above by DNS "foo" *and* "bar" or
> only by one of them?

This is not specified by X.509. Browsers tend to accept such a certificate for an accessed FQDN equal to either "foo" or "bar". But you SHOULD place at most the first FQDN in a CN element in the subject, and other FQDN values in the subjectAlternativeName extension.

> One reason to ask for equality is that there maybe is a certificate X:
>
> issuerX = /O=myCA/OU=greatCA/CN=not
> subjectX= /CN=foo/CN=bar
>
> and it has a valid signature by a CA with the following subject:
>
> issuerX = /OU=greatCA/O=myCA/CN=not
>
> Is the certificate signature then valid?

The signature may be cryptographically valid, but the names don't match, so "/OU=greatCA/O=myCA/CN=not" is not the issuer of "/CN=foo/CN=bar" (at least not in what you described, "/CN=foo/CN=bar" may have another certificate).

--
Erwann ABALEA
-----
Don't panic, it will be worse.

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           majord...@openssl.org
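The rules Erwann states above (RDN order in the SEQUENCE matters, attribute order inside one RDN's SET does not, string values are canonicalized before comparison, and an issuer is found by Name match, not by signature) are illustrated by the following added example. It is not code from the thread or from OpenSSL. It assumes OpenSSL's one-line Name syntax with '+' joining the attributes of a multi-valued RDN, supports only the four attribute types used in the thread (C, O, OU, CN), and approximates the RFC 5280 section 7.1 / RFC 4518 string preparation with case folding plus whitespace trimming and collapsing; the tiny DER encoder exists only to show that DER's sorted SET OF makes the two orderings of a multi-valued RDN byte-identical while swapping whole RDNs does not.

```python
"""X.509 Name comparison: RDN order (SEQUENCE) vs. attribute order inside one RDN (SET).

Names use OpenSSL's one-line form, e.g. "/C=SE/O=FooBar/CN=moo.koo.com";
'+' joins the attributes of one multi-valued RDN ("/CN=foo+O=x").
Added example for the openssl-users thread above; not OpenSSL code.
"""
import re

# Attribute type OIDs 2.5.4.x (X.520) for the four types used in the thread.
# The DER encoder below is deliberately limited to these.
OIDS = {
    "C": b"\x55\x04\x06",
    "O": b"\x55\x04\x0a",
    "OU": b"\x55\x04\x0b",
    "CN": b"\x55\x04\x03",
}


def parse_name(s):
    """'/C=SE/O=FooBar' -> [[('C','SE')], [('O','FooBar')]].

    The outer list is the SEQUENCE of RDNs (ordered); each inner list is the
    SET of AttributeTypeAndValue inside one RDN (unordered)."""
    rdns = []
    for rdn in s.strip("/").split("/"):
        attrs = []
        for av in rdn.split("+"):
            t, v = av.split("=", 1)
            attrs.append((t.strip().upper(), v))
        rdns.append(attrs)
    return rdns


def canon(value):
    """Simplified RFC 5280 s7.1 / RFC 4518 preparation for string attributes:
    case folding plus insignificant-space handling (trim, collapse runs)."""
    return re.sub(r"\s+", " ", value.strip()).casefold()


def rdn_equal(a, b):
    """SET semantics: same multiset of (type, canonical value); order irrelevant."""
    return sorted((t, canon(v)) for t, v in a) == sorted((t, canon(v)) for t, v in b)


def names_equal(a, b):
    """Two Names match iff they have the same number of RDNs, in the same order,
    and each pair of RDNs matches as a SET."""
    ra, rb = parse_name(a), parse_name(b)
    return len(ra) == len(rb) and all(rdn_equal(x, y) for x, y in zip(ra, rb))


# --- minimal DER encoder: why the SET inside an RDN is order-free ---------------
def _tlv(tag, body):
    assert len(body) < 128  # short-form length suffices for these toy names
    return bytes([tag, len(body)]) + body


def der_name(s):
    """Name ::= SEQUENCE OF RelativeDistinguishedName
    RelativeDistinguishedName ::= SET OF AttributeTypeAndValue

    DER (X.690 11.6) requires the components of a SET OF to be sorted by their
    encodings, so 'CN=foo+O=x' and 'O=x+CN=foo' encode identically, whereas
    swapping whole RDNs changes the SEQUENCE and therefore the bytes."""
    out = b""
    for rdn in parse_name(s):
        atvs = []
        for t, v in rdn:
            str_tag = 0x13 if t == "C" else 0x0C  # PrintableString for C, else UTF8String
            atvs.append(_tlv(0x30, _tlv(0x06, OIDS[t]) + _tlv(str_tag, v.encode())))
        out += _tlv(0x31, b"".join(sorted(atvs)))  # SET OF in canonical (sorted) order
    return _tlv(0x30, out)


def issued_by(cert_issuer, ca_subject):
    """Chain building: a CA is a candidate issuer only if its subject Name matches
    the certificate's issuer Name; signature verification is a separate step."""
    return names_equal(cert_issuer, ca_subject)


if __name__ == "__main__":
    # Constructed inputs taken from the thread's examples.
    print(names_equal("/C=SE/O=FooBar/OU=BarFoo/CN=moo.koo.com",
                      "/C=SE/OU=BarFoo/CN=moo.koo.com/O=FooBar"))   # False: RDN order matters
    print(names_equal("/CN=foo/CN=bar", "/CN=bar/CN=foo"))         # False: two separate RDNs
    print(names_equal("/CN=foo+O=x", "/O=x+CN=foo"))                # True: one SET, any order
    print(names_equal("/CN=Moo  Koo", "/CN=moo koo"))               # True: case/space folding
    print(der_name("/CN=foo+O=x") == der_name("/O=x+CN=foo"))       # True: same DER bytes
    print(issued_by("/O=myCA/OU=greatCA/CN=not",
                    "/OU=greatCA/O=myCA/CN=not"))                   # False: not the issuer
```

Note that the only case where reordering is harmless is inside a single multi-valued RDN (the '+' form); the "/CN=foo/CN=bar" subject from the question is two separate single-valued RDNs, so their order is significant and a path builder will not treat the swapped form as the same name.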
