
Re: I-D Action: draft-thomson-postel-was-wrong-01.txt

2017-06-19 13:27:12
I think a better example is what does a TLS client (or IKE initiator/responder) 
do when it receives a certificate chain (OK, it’s a certificate pile that the 
receiver is supposed to sort) with 17 certificates?

It’s fair to assume that most normal chains will have a root CA, one or two 
intermediaries and an EE certificate, so a chain of three because the root does 
not need to be transmitted. Setting an application limit of 5 or 7 or 10 seems 
reasonable, because reasonable senders don’t have longer chains. AFAICT the 
only limit set by RFC 5246 is 16 MB for the entire chain, enough for thousands 
of certificates. Thousands of certificates is either a bug or a DoS attack, but 
a shorter chain, like 17 certs, is not.

By the Postel principle, the receiver should accept this chain. In practice I 
might limit it to a lower number, because I assume nobody does that. I think 
it’s best for the specification to say that “MUST support a chain of at least 7 
and MUST NOT send a chain longer than 7”, and of course you’d have to say that 
profiles may further reduce this number (for IoT).

Yoav
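As an added example (not part of this message or the thread), here is a receiver-side parser for the TLS 1.2 certificate_list that enforces a count limit while walking the entries, so a pile of thousands is rejected before its later entries are copied out. The limit of 7 follows the proposal above; the placeholder DER blob is a constructed stand-in, not a real certificate.

```python
MAX_CHAIN_LENGTH = 7  # the ceiling proposed in the message; an assumption here

def parse_certificate_list(body: bytes, max_certs: int = MAX_CHAIN_LENGTH) -> list:
    """Parse the certificate_list of a TLS 1.2 Certificate handshake body
    (RFC 5246, section 7.4.2): a 3-byte total length, then entries that are
    each a 3-byte length plus DER bytes. The count limit is enforced while
    walking the list, so an oversized pile is rejected before its later
    entries are ever copied out."""
    if len(body) < 3:
        raise ValueError("truncated certificate_list length")
    total = int.from_bytes(body[:3], "big")
    if total != len(body) - 3:
        raise ValueError("certificate_list length does not match body")
    certs = []
    pos, end = 3, 3 + total
    while pos < end:
        if end - pos < 3:
            raise ValueError("truncated certificate length")
        clen = int.from_bytes(body[pos:pos + 3], "big")
        pos += 3
        if clen == 0 or pos + clen > end:
            raise ValueError("certificate length out of range")
        if len(certs) >= max_certs:
            # The 16 MB byte bound in RFC 5246 alone would admit thousands of
            # entries; the per-entry count is the check that actually matters.
            raise ValueError(f"certificate chain longer than {max_certs}")
        certs.append(body[pos:pos + clen])
        pos += clen
    return certs

def build_certificate_list(certs) -> bytes:
    """Encode DER blobs as a TLS 1.2 certificate_list (sender side)."""
    entries = b"".join(len(c).to_bytes(3, "big") + c for c in certs)
    return len(entries).to_bytes(3, "big") + entries

# Constructed placeholder: a minimal DER SEQUENCE, not a real certificate.
SAMPLE_CERT = b"\x30\x03\x02\x01\x01"

def accepts_chain_of(n: int, max_certs: int = MAX_CHAIN_LENGTH) -> bool:
    """Does a receiver with this limit accept a pile of n placeholder certs?"""
    try:
        wire = build_certificate_list([SAMPLE_CERT] * n)
        return len(parse_certificate_list(wire, max_certs)) == n
    except ValueError:
        return False
```

Raising the limit is a one-line change to max_certs, which is what a profile for constrained devices would tighten rather than loosen.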