#80: Re-introduce the issuer key hash into the Precertificate
Comment (by [email protected]): This problem affects browser clients and any other client that wants to verify that an SCT corresponds to a particular cert. A browser has the full cert chain (from the TLS handshake) and the corresponding SCTs, but it is _not_ expected to have the full log entries (i.e. extra_data, etc). In the current text, the SCT is bound to the Issuer Name (because that's in the TBSCertificate), but not to the Issuer Key (because that's not in the TBSCertificate). There could exist two or more publicly-trusted intermediate CA certs with the same Name but different Keys. One of those intermediates might be logged, while the other(s) are not logged. Each of them could issue leaf certs that have an identical TBSCertificate. Only one of those leaf certs needs to be logged for there to exist SCT(s) that are valid for all of those leaf certs. The logged leaf cert might get revoked, but the other(s) might not get revoked. However, the SCT(s) would still work for all of those certs, including the non-logged ones. Therefore, we need to fix SCTs so that they're bound to the Issuer Key Hash as well as the Issuer Name. -- ------------------------------+--------------------------------------- Reporter: [email protected] | Owner: [email protected] Type: defect | Status: assigned Priority: major | Milestone: Component: rfc6962-bis | Version: Severity: - | Resolution: Keywords: | ------------------------------+--------------------------------------- Ticket URL: <http://trac.tools.ietf.org/wg/trans/trac/ticket/80#comment:4> trans <http://tools.ietf.org/trans/> _______________________________________________ Trans mailing list [email protected] https://www.ietf.org/mailman/listinfo/trans
