Rob Stradling has proposed:
"The PreCertificate could contain SAN:dNSName=<PRIVATE>.customer.com (I mean 
the literal string "<PRIVATE>"), and the real certificate could contain:
        • SAN:dNSName=top.secret.customer.com 
        • an extension that records the mapping between "top.secret" and 
          "<PRIVATE>". I suggest a SEQUENCE of INTEGERs, one for each 
          Subject:commonName and SAN:dNSName (and in the same order that they 
          appear in the cert), indicating how many leftmost domain components 
          are masked."

1) I agree there should be an extension to alert clients to the fact that a 
subdomain has been masked, but I'm not sure I see the value in knowing how many 
leftmost domain components are masked. A monitor will notify the domain owner 
that a certificate appeared in the log for their domain, with serial number 
1234. The domain owner will then search through their list of known 
certificates for one issued by that CA cert with that serial number. Knowing 
the number of masked subdomains is of little or no value.

2) Consider a case where a cert contains multiple SANs from the same domain, 
all of which are to be masked:
        SAN1=foo.example.com
        SAN2=bar.example.com
        SAN3=foo.bar.example.com
All would be replaced with the same masked value. Should the precertificate 
hold duplicate information, like this:
        SAN1=<PRIVATE>.example.com
        SAN2=<PRIVATE>.example.com
        SAN3=<PRIVATE>.example.com
Or should it contain only one <PRIVATE>.example.com? What's the value in 
knowing the number of SANs in the cert if they're all masked?

-Rick
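The masking scheme from the quoted proposal, worked through in code so the two questions above can be tried against concrete names. This is an added example, not code from the thread or from any CT implementation: the function names, the sample names, and the DER layout (a bare SEQUENCE OF INTEGER, with no extension OID or Extension wrapper, which the proposal does not specify) are assumptions. It covers the three-SAN case from point 2 both with one masked entry per real name and with identical masked values collapsed, and includes the check a relying party or monitor could run to confirm that a real-certificate name, masked by the count in the extension, reproduces the precertificate name.

```python
"""Precertificate name masking per the proposed SEQUENCE OF INTEGER extension.
Added example; names, DER layout and sample data are assumptions."""

PRIVATE = "<PRIVATE>"  # the literal placeholder label from the proposal


def mask_name(name: str, masked: int) -> str:
    """Replace the `masked` leftmost labels of `name` with one <PRIVATE> label.
    masked == 0 leaves the name as is; masking every label is rejected so the
    registered domain the monitor keys on always survives."""
    labels = name.split(".")
    if masked < 0 or masked >= len(labels):
        raise ValueError(f"cannot mask {masked} labels of {name!r}")
    return name if masked == 0 else ".".join([PRIVATE] + labels[masked:])


def precert_names(names, counts, dedupe=False):
    """Precertificate name list: one masked entry per real name (possibly many
    identical ones), or, with dedupe=True, identical masked values collapsed,
    which breaks the one-to-one ordering the extension relies on."""
    if len(names) != len(counts):
        raise ValueError("one mask count is required per name")
    masked = [mask_name(n, c) for n, c in zip(names, counts)]
    if not dedupe:
        return masked
    return list(dict.fromkeys(masked))  # first occurrence wins, order kept


def _der_length(n: int) -> bytes:
    """DER length octets: short form below 128, long form otherwise."""
    if n < 0x80:
        return bytes([n])
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(body)]) + body


def _der_integer(v: int) -> bytes:
    """DER INTEGER for a non-negative value (leading 0x00 when the MSB is set)."""
    if v < 0:
        raise ValueError("mask counts are non-negative")
    body = v.to_bytes(v.bit_length() // 8 + 1, "big")
    return b"\x02" + _der_length(len(body)) + body


def encode_mask_extension(counts) -> bytes:
    """DER SEQUENCE OF INTEGER carrying the per-name mask counts in cert order."""
    content = b"".join(_der_integer(c) for c in counts)
    return b"\x30" + _der_length(len(content)) + content


def _read_length(buf: bytes, i: int):
    first = buf[i]
    if first < 0x80:
        return first, i + 1
    n = first & 0x7F
    return int.from_bytes(buf[i + 1:i + 1 + n], "big"), i + 1 + n


def decode_mask_extension(der: bytes):
    """Parse the extension value back into a list of counts; anything that is
    not exactly SEQUENCE { INTEGER ... } is rejected."""
    if not der or der[0] != 0x30:
        raise ValueError("expected SEQUENCE")
    length, i = _read_length(der, 1)
    end = i + length
    if end != len(der):
        raise ValueError("trailing data or truncated SEQUENCE")
    counts = []
    while i < end:
        if der[i] != 0x02:
            raise ValueError("expected INTEGER")
        ilen, i = _read_length(der, i + 1)
        counts.append(int.from_bytes(der[i:i + ilen], "big", signed=True))
        i += ilen
    return counts


def matches_masked(real_name: str, precert_name: str, masked: int) -> bool:
    """Does the real certificate's name, masked by the count taken from the
    extension, reproduce the name that was logged in the precertificate?"""
    try:
        return mask_name(real_name, masked) == precert_name
    except ValueError:
        return False


if __name__ == "__main__":
    # Constructed sample from point 2 above: three names, all to be masked.
    names = ["foo.example.com", "bar.example.com", "foo.bar.example.com"]
    counts = [1, 1, 2]
    print(precert_names(names, counts))               # three identical entries
    print(precert_names(names, counts, dedupe=True))  # a single entry
    ext = encode_mask_extension(counts)
    print(ext.hex(), decode_mask_extension(ext))
```

Run as a script it prints the duplicate and collapsed precertificate name lists for the point 2 sample; note that once the list is collapsed the extension can no longer be read positionally against the precertificate, only against the real certificate, which is the trade-off the question in point 2 is really about.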

_______________________________________________
Trans mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/trans