<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40"><head><meta http-equiv=Content-Type content="text/html; charset=utf-8"><meta name=Generator content="Microsoft Word 12 (filtered medium)"><style><!--
/* Font Definitions */
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:Tahoma;
panose-1:2 11 6 4 3 5 4 4 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Times New Roman","serif";}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:purple;
text-decoration:underline;}
span.hoenzb
{mso-style-name:hoenzb;}
span.EmailStyle18
{mso-style-type:personal-reply;
font-family:"Calibri","sans-serif";
color:#1F497D;}
.MsoChpDefault
{mso-style-type:export-only;}
@page WordSection1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]--></head><body lang=EN-US link=blue vlink=purple><div class=WordSection1><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>Ryan, I agree with you. I just wanted us all to understand that the poison EKU doesn’t guarantee that the cert can’t be used for SSL somewhere by some app.<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'><o:p> </o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>-Rick<o:p></o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'><o:p> </o:p></span></p><div style='border:none;border-left:solid blue 1.5pt;padding:0in 0in 0in 4.0pt'><div><div style='border:none;border-top:solid #B5C4DF 1.0pt;padding:3.0pt 0in 0in 0in'><p class=MsoNormal><b><span style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'>From:</span></b><span style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'> public-bounces@cabforum.org [mailto:public-bounces@cabforum.org] <b>On Behalf Of </b>Ryan Sleevi<br><b>Sent:</b> Tuesday, January 14, 2014 11:11 AM<br><b>To:</b> Rick Andrews<br><b>Cc:</b> Mads Egil Henriksveen; public@cabforum.org<br><b>Subject:</b> Re: [cabfpub] CT Precertificates and the BRs<o:p></o:p></span></p></div></div><p class=MsoNormal><o:p> </o:p></p><div><p class=MsoNormal><o:p> </o:p></p><div><p class=MsoNormal style='margin-bottom:12.0pt'><o:p> </o:p></p><div><p class=MsoNormal>On Tue, Jan 14, 2014 at 10:35 AM, Rick Andrews <<a href="mailto:Rick_Andrews@symantec.com" target="_blank">Rick_Andrews@symantec.com</a>> wrote:<o:p></o:p></p><div><p class=MsoNormal>> -----Original Message-----<br>> From: Ben Laurie [mailto:<a href="mailto:benl@google.com">benl@google.com</a>]<br>> Sent: Tuesday, January 14, 2014 5:49 AM<br>> To: Gervase Markham<br>> Cc: Rick Andrews; Mads Egil Henriksveen; <a href="mailto:public@cabforum.org">public@cabforum.org</a><br>> Subject: Re: [cabfpub] CT Precertificates and the BRs<br>><o:p></o:p></p></div><div><p class=MsoNormal style='margin-bottom:12.0pt'>> On 14 January 2014 10:04, Gervase Markham <<a href="mailto:gerv@mozilla.org">gerv@mozilla.org</a>> wrote:<br>> > On 14/01/14 04:41, Rick Andrews wrote:<br>> >> Ben, the poison extension only ensures it can't be used in SSL with<br>> >> modern browsers. We recently had to use the poison extension to<br>> >> create a BR-incompatible SSL cert for a non-browser app.<br>> ><br>> > Surely if the non-browser app in question understands what the<br>> "poison<br>> > extension" means, then it's not a poison extension any more, it's<br>> just a<br>> > critical extension that one app understands :-)<br>><br>> Exactly, and no app should understand the CT poison extension.<o:p></o:p></p></div><p class=MsoNormal>Exactly, but my point is that there are non-browser applications out there that a) don't understand poison critical extensions, and b) don't fail on poison critical extensions that they don't understand. That's what allowed this SSL cert to work for our non-browser customer.<br><br>I'm trying to say that the poison extension is poison only to applications that correctly implement critical extension handling. There are probably even some very old browser versions that don't handle critical extensions properly. The poison extension isn't as watertight as we might like.<br><span style='color:#888888'><br><span class=hoenzb>-Rick</span></span><o:p></o:p></p><div><div><p class=MsoNormal>_______________________________________________<br>Public mailing list<br><a href="mailto:Public@cabforum.org">Public@cabforum.org</a><br><a href="https://cabforum.org/mailman/listinfo/public" target="_blank">https://cabforum.org/mailman/listinfo/public</a><o:p></o:p></p></div></div></div><p class=MsoNormal><o:p> </o:p></p></div><div><p class=MsoNormal>Rick,<o:p></o:p></p></div><div><p class=MsoNormal><o:p> </o:p></p></div><div><p class=MsoNormal>I think we need to be *very* careful on how much we allow legacy to hold us back, and under what situations. There's a tricky balance between valid-but-undesirable behaviours (such as accepting hostnames in CNs) and out-and-out buggy behaviour (such as mishandling critical extensions).<o:p></o:p></p></div><div><p class=MsoNormal><o:p> </o:p></p></div><div><p class=MsoNormal>Applications that fail to implement critical extension handling have almost certainly botched many other elements of the certificate processing, so I don't think we should let them be the lower bar. I also have no doubt they're in the vast minority of SSL/TLS users - and, if not, then by God they should be, with security like that...<o:p></o:p></p></div></div></div></div></body></html>