Wayne Thayer <wtha...@mozilla.com> wrote:
> Brian Smith <br...@briansmith.org> wrote:
>
>> Ryan Sleevi wrote:
>>
>>> Given that CAs have struggled with the relevant encodings, both for the
>>> signatureAlgorithm and the subjectPublicKeyInfo field, I’m curious if
>>> you’d be open to instead enumerating the allowed (canonical) encodings
>>> for both. This would address open Mozilla Problematic Practices as well -
>>> namely, the encoding of NULL parameters with respect to certain signature
>>> algorithms.
>>
>
> I would be happy with that approach if it makes our requirements clearer -
> I'm just not convinced that doing so will eliminate the confusion I
> attempted to describe.
>

There are three (that I can think of) sources of confusion:

1. Is there any requirement that the signature algorithm that is used to sign a certificate be correlated in any way to the algorithm of the public key of the signed certificate? AFAICT, the answer is "no."
2. What combinations of public key algorithm (RSA vs. ECDSA vs. EdDSA), Curve (N/A vs. P-256 vs. P-384 vs. Ed25519), and digest algorithm (SHA-256, SHA-384, SHA-512) are allowed? This is quite difficult to get *precisely* right in natural language, but easy to get right with a list of encodings.
3. Given a particular combination of algorithm, curve, and digest algorithm, which encodings of that information are acceptable? For example, when is a NULL parameter required and when is it optional? Again, this is hard to get right in natural language, and again, listing the encodings makes this trivial to get exactly right.

> Agreed - is someone willing to take on this task?
>

I could transform what I did with webpki into some text. However, first I think it would be useful if somebody could check that the encodings that webpki expects actually match what certificates in Certificate Transparency are doing. For example, does every CA already encode a NULL parameter when one is required by RFC 4055 (which is included by reference from RFC 5280)? Are there any algorithm combinations in use that aren't in webpki's list? This is something I don't have time to thoroughly check.

Thanks,
Brian
_______________________________________________
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy
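
An added example, not part of the original message and not webpki's code: one way to check a certificate's AlgorithmIdentifier against a list of exact encodings and report how a non-matching one deviates. The allowlist is a small constructed sample based on RFC 4055 and RFC 5758, and the names `CANONICAL` and `check_algorithm_identifier` are hypothetical.

```python
# Constructed allowlist for illustration: DER AlgorithmIdentifier encodings
# (RFC 4055: RSA PKCS#1 v1.5 carries NULL; RFC 5758: ECDSA omits parameters).
# This is not webpki's list and not Mozilla policy text.
CANONICAL = {
    "sha256WithRSAEncryption": bytes.fromhex("300d06092a864886f70d01010b0500"),
    "sha384WithRSAEncryption": bytes.fromhex("300d06092a864886f70d01010c0500"),
    "sha512WithRSAEncryption": bytes.fromhex("300d06092a864886f70d01010d0500"),
    "ecdsa-with-SHA256": bytes.fromhex("300a06082a8648ce3d040302"),
    "ecdsa-with-SHA384": bytes.fromhex("300a06082a8648ce3d040303"),
}


def _tlv(buf, pos):
    """Read one short-form DER TLV at pos; return (tag, value, next_pos)."""
    if pos + 2 > len(buf) or buf[pos + 1] >= 0x80:
        raise ValueError("truncated or long-form length")
    end = pos + 2 + buf[pos + 1]
    if end > len(buf):
        raise ValueError("length overruns buffer")
    return buf[pos], buf[pos + 2:end], end


def check_algorithm_identifier(der):
    """Return (verdict, algorithm name or None) for one DER AlgorithmIdentifier."""
    for name, enc in CANONICAL.items():
        if der == enc:  # exact byte match, nothing to interpret
            return "canonical", name
    try:
        tag, body, end = _tlv(der, 0)
        if tag != 0x30 or end != len(der):
            raise ValueError("not a single SEQUENCE")
        oid_tag, oid, pos = _tlv(body, 0)
        if oid_tag != 0x06:
            raise ValueError("first element is not an OID")
    except ValueError as exc:
        return f"malformed: {exc}", None
    params = body[pos:]
    for name, enc in CANONICAL.items():
        _, want_oid, want_pos = _tlv(enc[2:], 0)
        if oid == want_oid:  # known algorithm, but parameters differ
            want = enc[2:][want_pos:]
            if not params:
                return "non-canonical: NULL parameters missing", name
            if not want and params == b"\x05\x00":
                return "non-canonical: unexpected NULL parameters", name
            return "non-canonical: unexpected parameters", name
    return "not in allowlist", None
```

Run over the signatureAlgorithm bytes extracted from a set of Certificate Transparency entries, the verdict counts show whether CAs already emit the listed encodings and which algorithm combinations fall outside the list.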