On 18/11/16 14:02, Gervase Markham via Public wrote:
On 18/11/16 13:48, Doug Beattie wrote:
* Do you propose that CAs
create new CA certificates every time a new EKU needs to be supported
in an end entity certificate?
If we are going to avoid having SHA-1-issuing intermediates out there
which can also issue server certs, then they are all going to need to be
EKU-constrained, and so this particular bullet is going to be necessary.
Please reconsider the EKU requirement in CA certificates (SHA-1 and
SHA-256). It's too bad we can't say: AnyEKU except id-kp-serverAuth
or id-kp-codeSigning
I can see the issue you are raising, but I wonder if there is a middle
ground between the current position and "anything in any combination as
long as no serverAuth". Particularly as, if Erwann is right, the
pathlen=0 constraint can be bypassed. I'm particularly concerned about
email, that being the other thing Mozilla's root store now cares about.
What EKUs are commonly combined in an EE cert with
id-kp-emailProtection, other than id-kp-clientAuth?
crt.sh currently has 302 CA certificates that contain the
id-kp-clientAuth EKU OID and that are trusted by Microsoft and/or
Mozilla and/or Apple.
Here's a summary of the EKU OIDs contained in those 302 intermediate certs:
count | x509_extkeyusages | purpose
-------+--------------------------+--------------------------------
302 | 1.3.6.1.5.5.7.3.4 | id-kp-emailProtection
284 | 1.3.6.1.5.5.7.3.2 | id-kp-clientAuth
104 | 1.3.6.1.5.5.7.3.1 | id-kp-serverAuth
60 | 1.3.6.1.5.5.7.3.9 | id-kp-OCSPSigning
40 | 1.3.6.1.4.1.311.21.5 | szOID_KP_CA_EXCHANGE
37 | 1.3.6.1.5.5.7.3.3 | id-kp-codeSigning
32 | 1.3.6.1.4.1.311.20.2.2 | szOID_KP_SMARTCARD_LOGON
29 | 1.3.6.1.4.1.311.10.3.4 | szOID_EFS_CRYPTO
28 | 1.3.6.1.4.1.311.21.6 | szOID_KP_KEY_RECOVERY_AGENT
26 | 1.3.6.1.4.1.311.20.2.1 | szOID_ENROLLMENT_AGENT
25 | 1.3.6.1.5.5.7.3.8 | id-kp-timeStamping
20 | 1.3.6.1.4.1.311.10.3.4.1 | szOID_EFS_RECOVERY
20 | 1.3.6.1.4.1.311.10.3.11 | szOID_KP_KEY_RECOVERY
20 | 1.3.6.1.4.1.311.21.19 | szOID_DS_EMAIL_REPLICATION
17 | 1.3.6.1.4.1.311.10.3.12 | szOID_KP_DOCUMENT_SIGNING
16 | 1.3.6.1.5.5.7.3.7 | id-kp-ipsecUser
15 | 1.3.6.1.5.5.7.3.5 | id-kp-ipsecEndSystem
15 | 1.3.6.1.5.5.7.3.6 | id-kp-ipsecTunnel
8 | 1.3.6.1.4.1.311.10.3.1 | szOID_KP_CTL_USAGE_SIGNING
6 | 1.3.6.1.5.5.8.2.2 | IP security IKE intermediate
5 | 1.3.6.1.5.5.7.3.14 | id-kp-eapOverLAN
4 | 1.3.6.1.5.5.7.3.17 | id-kp-ipsecIKE
3 | 1.3.6.1.5.2.3.5 | id-pkinit-KPKdc
3 | 1.3.6.1.5.5.7.3.10 | id-kp-dvcs
3 | 1.3.6.1.5.5.7.3.11 | id-kp-sbgpCertAAServerAuth
3 | 1.3.6.1.5.5.7.3.13 | id-kp-eapOverPPP
3 | 1.3.6.1.5.5.7.3.15 | id-kp-scvpServer
3 | 1.3.6.1.5.5.7.3.16 | id-kp-scvpClient
3 | 1.3.6.1.5.5.7.3.20 | id-kp-sipDomain
2 | 1.3.6.1.4.1.16082.2.3.5 | ? Bechtel Corporation
2 | 1.3.6.1.4.1.16082.2.3.6 | ? Bechtel Corporation
2 | 2.16.840.1.114027.40.3 | ? Entrust Technologies
2 | 1.3.6.1.4.1.311.10.3.9 | szOID_ROOT_LIST_SIGNER
1 | 1.3.6.1.4.1.29452.1.1 | ? DigitalPersona, Inc.
1 | 1.2.840.113583.1.1.5 | Adobe Authentic Document
1 | 2.16.840.1.114027.40.11 | ? Entrust Technologies
1 | 2.16.840.114027.40.4 | ? Entrust Technologies
1 | 2.16.840.1.114027.40.4 | ? Entrust Technologies
Useful links:
https://support.microsoft.com/en-gb/kb/287547
https://tools.ietf.org/html/draft-housley-pkix-oids-03
https://www.iana.org/assignments/enterprise-numbers/enterprise-numbers
--
Rob Stradling
Senior Research & Development Scientist
COMODO - Creating Trust Online
_______________________________________________
Public mailing list
[email protected]
https://cabforum.org/mailman/listinfo/public
