ietf-smime

RE: Inclusion of the issuer and serial number in authenticated information

1998-03-12 15:04:49
On Wednesday, March 11, 1998 12:29 PM, Denis Pinkas
[SMTP:Denis(_dot_)Pinkas(_at_)bull(_dot_)net] wrote:
This is a good start, but this is not sufficient to handle all the
cases. If one trust point (ie. root CA) of the verifier is also the CA
that is identified in that attribute, this is fine and sufficient. If a
certificate chain is needed to end up to the trust point of the
verifier, then a SEQUENCE OF IssuerAndSerialNumber *may* be needed. The
reason is the following: CA names are not necessarily unique. One CA is
only mandated to issue a name that is unique to it, but does not need to
check that the name is not used by another CA. However if you take a
given CA as a trust point, the SEQUENCE OF IssuerAndSerialNumber is
unique. The side advantage is that this works without using
Distinguished Names (ie X.521 names).

You bring up an interesting point, but with cross-certification and
other deviations from missionary, strict-hierarchical cert chain
traversal, does this add any value?

I suspect that it won't hurt anything to specify a SEQUENCE OF
IssuerAndSerialNumber, but I don't think that CA namespace collisions
pose a significant problem.  Consider the following:

Two CAs exist, I'll call them A and A'.  Each one has a different public
key in their certificate.  You are trying to validate the signature on
end-entity certificate E.  E is signed by the private key corresponding
to certificate A.  If your chaining code tries to validate E with A', it
will fail.  At this point, your code will try using A and succeed.

Also, because issuer certificates sometimes expire (VeriSign has
re-issued both their Class 1 and Class 2 individual certificates), the
IssuerAndSerialNumber for the CA will be "stale" in an old message.

I certainly agree that solving the "I stuck another
IssuerAndSerialNumber for another certificate with the same public key
in a SignerInfo" problem is a Very Good Idea, and is A Necessity.  I
just don't know if we need to go the extra step for the SEQUENCE with
the IssuerAndSerialNumbers for the entire chain.

Comments welcome.

Blake
--
Blake C. Ramsdell
Worldtalk Corporation
For current info, check http://www.deming.com/users/blaker
Voice +1 425 882 8861 x103  Fax +1 425 882 8060
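The two mechanisms argued about in this thread, chaining past a CA name collision (the A / A' scenario) and binding the signer's certificate into the signed attributes so that a substituted IssuerAndSerialNumber is caught, can be shown in a small model. The following is an added example, not code from the thread or from any S/MIME implementation. It assumes a toy signature scheme (HMAC-SHA256 with the same key on both sides, standing in for a real public-key signature), constructed names (CN=A, CN=E), serials and keys, and a "signing-cert" signed attribute that carries a hash of the signer's certificate, in the spirit of what the thread is asking for.

```python
import hashlib
import hmac
from dataclasses import dataclass, replace
from typing import Optional

# Toy stand-in for the certificate signature scheme (constructed for this
# example): an HMAC-SHA256 key plays the role of a CA's or signer's key and
# verification uses the same key. Only the chaining/binding logic matters.
def toy_sign(key: bytes, data: bytes) -> bytes:
    return hmac.new(key, data, hashlib.sha256).digest()

def toy_verify(key: bytes, data: bytes, sig: bytes) -> bool:
    return hmac.compare_digest(toy_sign(key, data), sig)

@dataclass(frozen=True)
class Cert:
    subject: str
    issuer: str        # issuer *name* only: not guaranteed unique across CAs
    serial: int
    key: bytes         # this certificate's own key (stand-in for its public key)
    signature: bytes   # over tbs(), produced with the issuer's key

def tbs(subject: str, issuer: str, serial: int, key: bytes) -> bytes:
    """The 'to be signed' part of a certificate."""
    return f"{subject}|{issuer}|{serial}|{key.hex()}".encode()

def issue(issuer_name: str, issuer_key: bytes, subject: str, serial: int, key: bytes) -> Cert:
    sig = toy_sign(issuer_key, tbs(subject, issuer_name, serial, key))
    return Cert(subject, issuer_name, serial, key, sig)

def find_issuer(cert: Cert, trust_points: list) -> Optional[Cert]:
    """Select the trust point that actually signed `cert`.
    Names are matched first, but because two CAs may share a name every
    same-named candidate is tried; only the one whose key verifies the
    signature is accepted (the A / A' case: A' fails, A succeeds)."""
    for ca in trust_points:
        if ca.subject != cert.issuer:
            continue
        if toy_verify(ca.key, tbs(cert.subject, cert.issuer, cert.serial, cert.key), cert.signature):
            return ca
    return None

def cert_id(cert: Cert) -> bytes:
    """Hash over the whole certificate, identifying exactly one certificate."""
    return hashlib.sha256(tbs(cert.subject, cert.issuer, cert.serial, cert.key) + cert.signature).digest()

@dataclass
class SignerInfo:
    sid: tuple           # IssuerAndSerialNumber: NOT covered by the signature
    signed_attrs: dict   # covered by the signature
    signature: bytes

def encode_attrs(attrs: dict) -> bytes:
    return b"".join(k.encode() + b"=" + v + b";" for k, v in sorted(attrs.items()))

def sign_message(signer: Cert, content: bytes) -> SignerInfo:
    attrs = {
        "message-digest": hashlib.sha256(content).digest(),
        "signing-cert": cert_id(signer),   # binds *this* certificate, not just its key
    }
    return SignerInfo((signer.issuer, signer.serial), attrs, toy_sign(signer.key, encode_attrs(attrs)))

def verify_message(si: SignerInfo, content: bytes, store: dict) -> tuple:
    cert = store.get(si.sid)
    if cert is None:
        return False, "no certificate for sid"
    if not toy_verify(cert.key, encode_attrs(si.signed_attrs), si.signature):
        return False, "bad signature"
    if si.signed_attrs.get("message-digest") != hashlib.sha256(content).digest():
        return False, "content digest mismatch"
    # A second certificate carrying the same key verifies the signature above,
    # so the unsigned sid alone cannot be trusted; the signed hash settles it.
    if si.signed_attrs.get("signing-cert") != cert_id(cert):
        return False, "sid names a different certificate than the signer bound"
    return True, "ok"

def demo() -> dict:
    key_a, key_a2, key_e = b"ca-A-key", b"ca-A-prime-key", b"ee-key"   # constructed
    ca_a = issue("CN=A", key_a, "CN=A", 1, key_a)        # root A (self-signed)
    ca_a2 = issue("CN=A", key_a2, "CN=A", 1, key_a2)     # unrelated root, same name
    ee = issue("CN=A", key_a, "CN=E", 42, key_e)         # E issued by A
    ee_reissued = issue("CN=A", key_a, "CN=E", 43, key_e)  # same key, new serial
    store = {(c.issuer, c.serial): c for c in (ee, ee_reissued)}
    content = b"constructed message body"
    si = sign_message(ee, content)
    swapped = replace(si, sid=("CN=A", 43))   # sid rewritten to the other cert with the same key
    return {
        "issuer_of_ee": find_issuer(ee, [ca_a2, ca_a]),
        "genuine": verify_message(si, content, store),
        "swapped_sid": verify_message(swapped, content, store),
    }

if __name__ == "__main__":
    for name, result in demo().items():
        print(name, result)
```

`find_issuer` is what makes the name collision harmless for a verifier that holds both roots: the candidate with the wrong key simply fails verification, which is Blake's point. `verify_message` shows why the binding must live in the signed attributes: the message signature is unchanged when `sid` is rewritten to a reissued certificate with the same key, and only the signed certificate hash exposes the swap.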