On https://pki.goog, all 5 of Google's newer subCAs have Extended Key Usage extension of serverAuth and clientAuth, unusual for CAs but not forbidden I guess. Their Key Usage extension contains the expected cert and CRL sign bits. Put together though they appear to be noncompliant with RFC 5280 4.2.1.12, which states that if both extensions are present then the certificate should not be used for any purpose unless that purpose is consistent across both extensions. The digitalSignature key usage that might make them consistent with the above EKU is clearly not present.
I'm posting this here because 1) not sure where else; 2) as of FF 45, the test sites offered on https://pki.goog using certs from the potentially broken chains do not trigger any validation errors, which implies that FF's path validation algorithm is not RFC compliant. _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy