Re: [TLS] comments on draft-subcerts

Russ Housley Tue, 14 Jul 2020 14:57:12 -0700

Watson:

This does not look right to me.  The extensions in the certificate are:


  extensions=Extensions:
   Extension:
    extnID=2.5.29.15
    critical=True
    extnValue=0x03020780
   Extension:
    extnID=2.5.29.37
    critical=False
    extnValue=0x300a06082b06010505070301
   Extension:
    extnID=2.5.29.19
    critical=True
    extnValue=0x3000
   Extension:
    extnID=2.5.29.17
    critical=False
    extnValue=0x300687047f000001
   Extension:
    extnID=1.3.6.1.4.1.44363.44
    critical=False
    extnValue=

The last one should have a value of 0x0500.

Russ


> On Jul 14, 2020, at 3:51 PM, Watson Ladd 
> <[email protected]> wrote:
> 
> On Tue, Jul 14, 2020 at 3:38 PM Salz, Rich
> <[email protected]> wrote:
>> 
>> I would love to see a sample cert and private key in “PEM format” and 
>> samples of the TLS extensions encoded, or even a simplified handshake dump.
> 
> https://github.com/tlswg/tls-subcerts/pull/77

_______________________________________________
TLS mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/tls

Re: [TLS] comments on draft-subcerts

Reply via email to