Don't want to go too deep here, but issues uncovered in the TURKTRUST incident demonstrate an urgent need for specifying the WebPKI.
Not every certificate that is a valid PKIX certificate is a valid WebPKI certificate (and vice versa). In particular WebPKI allows for self signed certs which are not PKIX certs and self signed certs typically lack features that PKIX mandates like key usage, revocation distribution points etc. Self-signed certs are accepted in the WebPKI because they have a specific purpose which is OK. But accepting a certificate chained to an embedded trust anchor that lacks mandated PKIX features is not. This particular incident appears to be the result of an administrative error. But that error might have been caught if the offline/online separation had included a requirement that an online certificate issuer MUST NOT be capable of issuing CA certs and clients MUST be able to reject CA certs issued by such an issuer. This is something that is easily implemented using a path length constraint but you have to know that there is a potential problem to avoid it. Another feature of the generated certs is that they lacked CRL or OCSP distribution points so the cert status could not be checked. This is not permitted in WebPKI to an embedded trust anchor. -- Website: http://hallambaker.com/
_______________________________________________ wpkops mailing list [email protected] https://www.ietf.org/mailman/listinfo/wpkops
