There is an annoying edge case where a certificate with no DNS- or CN-IDs can have a Redacted Labels extension with zero elements and not be invalid according to 6962-bis.
This means you can't immediately reject a certificate if the Redacted Labels extension has fewer than one element. Combined with the requirement that the last integer implicitly repeats, this made my TBSCertificate reconstruction implementation more complicated than it would be otherwise. Considering that this code involves indexing an array, which carries a risk of invalid memory access in memory unsafe languages, I think it's important to make it possible to detect and reject bad input as easily and as early as possible. If redaction is not removed, could we specify that the Redacted Labels extension MUST NOT be present if no labels are redacted? Regards, Andrew _______________________________________________ Trans mailing list [email protected] https://www.ietf.org/mailman/listinfo/trans
