[cabfpub] Mozilla SHA-1 further restrictions
Rob Stradling
rob.stradling at comodo.com
Thu Nov 17 13:58:15 UTC 2016
On 17/11/16 13:45, Gervase Markham wrote:
> On 17/11/16 12:42, Rob Stradling wrote:
>> Gerv, why must the EKU extension be critical?
>
> Are you saying that making it critical causes problems?
I was mostly just wearing my "please don't create unnecessary extra work
for CAs" hat.
However, let's not forget that it's arguably a violation of RFC5280 to
(ab)use the EKU extension in intermediate certs as a constraint
mechanism. It's definitely conceivable that there are some modern
applications that don't process the EKU extension in intermediate certs,
but which do blow up when they encounter a critical extension that they
don't process.
>> I don't remember ever seeing an intermediate cert with a critical EKU
>> extension. It would be unfortunate if your "further restrictions" lead
>> to CAs reissuing their SHA-1 intermediates!
>
> I don't see much risk in a CA reissuing a SHA-1 intermediate /per se/,
> because I am assuming that CAs are not trying to engineer collisions.
--
Rob Stradling
Senior Research & Development Scientist
COMODO - Creating Trust Online
More information about the Public
mailing list