[Top] [All Lists]

RE: [saag] [Cfrg] Further MD5 breaks: Creating a rogue CAcertificate

2009-01-01 15:01:36

I do not think canonical means only one way to represent.

Extensions have always been a SEQUENCE with their OID denoting what
extension is next and their syntax.

Actually, we find SET in the case of RDN problematic.

-----Original Message-----
From: Ben Laurie [mailto:ben(_at_)links(_dot_)org] 
Sent: Thursday, January 01, 2009 2:40 PM
To: Santosh Chokhani
Cc: Paul Hoffman; cfrg(_at_)irtf(_dot_)org; ietf-smime(_at_)imc(_dot_)org; 
ietf-pkix(_at_)imc(_dot_)org; mike-list(_at_)pobox(_dot_)com
Subject: Re: [saag] [Cfrg] Further MD5 breaks: Creating a rogue

Santosh Chokhani wrote:
We must fix X.509 since it is not broken.

I am not suggesting that we should fix X.509, I am pointing out, in my
own roundabout way, that X.509 certs are supposed to have a canonical
form. But it seems they do not.

Makes me wonder why we go to all the effort of using a supposedly
canonical encoding that isn't? If we can only rely on the original bits
in the cert when checking the signature, why bother?


"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff