On 17/11/16 13:45, Gervase Markham wrote:
On 17/11/16 12:42, Rob Stradling wrote:
Gerv, why must the EKU extension be critical?
Are you saying that making it critical causes problems?
I was mostly just wearing my "please don't create unnecessary extra work
for CAs" hat.
However, let's not forget that it's arguably a violation of RFC5280 to
(ab)use the EKU extension in intermediate certs as a constraint
mechanism. It's definitely conceivable that there are some modern
applications that don't process the EKU extension in intermediate certs,
but which do blow up when they encounter a critical extension that they
don't process.
I don't remember ever seeing an intermediate cert with a critical EKU
extension. It would be unfortunate if your "further restrictions" led
to CAs reissuing their SHA-1 intermediates!
I don't see much risk in a CA reissuing a SHA-1 intermediate /per se/,
because I am assuming that CAs are not trying to engineer collisions.
--
Rob Stradling
Senior Research & Development Scientist
COMODO - Creating Trust Online
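The compatibility hazard raised above (a critical EKU on an intermediate tripping a client that does not process EKU in CA certs), as an added example that is not part of the thread: a small Python DER walker that reports when a CA certificate's extensions carry a critical EKU. The OID byte strings and the sample extension bytes are constructed for this example.

```python
# Added example (not from the thread): a minimal DER walker over an X.509 Extensions
# SEQUENCE that flags the case discussed above, an EKU marked critical on a CA cert.
OID_BASIC_CONSTRAINTS = bytes.fromhex("551d13")   # DER payload of 2.5.29.19
OID_EXT_KEY_USAGE = bytes.fromhex("551d25")       # DER payload of 2.5.29.37

def read_tlv(buf, pos):
    """Parse one DER TLV starting at pos; return (tag, value, next_pos)."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:  # long form: low 7 bits give the number of length bytes
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    return tag, buf[pos:pos + length], pos + length

def parse_extensions(ext_seq):
    """Return [(oid_bytes, critical, extnValue)] for an Extensions SEQUENCE."""
    tag, body, _ = read_tlv(ext_seq, 0)
    if tag != 0x30:
        raise ValueError("Extensions must be a SEQUENCE")
    out, pos = [], 0
    while pos < len(body):
        _, ext, pos = read_tlv(body, pos)      # one Extension SEQUENCE
        _, oid, p = read_tlv(ext, 0)           # extnID OBJECT IDENTIFIER
        tag, val, p = read_tlv(ext, p)
        critical = False
        if tag == 0x01:                        # BOOLEAN critical; DEFAULT FALSE if absent
            critical = val == b"\xff"
            _, val, p = read_tlv(ext, p)       # then the OCTET STRING extnValue
        out.append((oid, critical, val))
    return out

def is_ca(exts):
    """BasicConstraints with cA=TRUE marks a CA (root or intermediate) certificate."""
    return any(oid == OID_BASIC_CONSTRAINTS and read_tlv(val, 0)[1][:3] == b"\x01\x01\xff"
               for oid, _, val in exts)

def critical_eku_on_ca(ext_seq):
    """True when a CA cert carries a critical EKU: RFC 5280 s.4.2 requires a client to
    reject a certificate with a critical extension it does not recognise or cannot
    process, so a validator that ignores EKU in CA certs fails on such a chain."""
    exts = parse_extensions(ext_seq)
    return is_ca(exts) and any(oid == OID_EXT_KEY_USAGE and crit for oid, crit, _ in exts)

# Constructed test data: BasicConstraints(critical, cA=TRUE) followed by an EKU
# extension containing id-kp-serverAuth, once critical and once not.
BC = bytes.fromhex("300f0603551d130101ff040530030101ff")
EKU_VALUE = bytes.fromhex("040c300a06082b06010505070301")
CRITICAL_EKU = bytes.fromhex("3029") + BC + bytes.fromhex("30160603551d250101ff") + EKU_VALUE
PLAIN_EKU = bytes.fromhex("3026") + BC + bytes.fromhex("30130603551d25") + EKU_VALUE
```

Run against a real intermediate by feeding it the DER of the TBSCertificate's `[3] Extensions` content; the helper does not parse the outer certificate structure.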
_______________________________________________
Public mailing list
https://cabforum.org/mailman/listinfo/public