[cabfpub] CT Precertificates and the BRs
rob.stradling at comodo.com
Tue Dec 17 13:18:24 UTC 2013
RFC6962 (Certificate Transparency) permits a Precertificate to be signed
by the same CA Name/Key that signs the corresponding Certificate, and
for the Precertificate and Certificate to share the same Serial Number.
However, BRs Appendix B (4) says:
"All other fields and extensions MUST be set in accordance with RFC
Although the title of Appendix B is "Certificate Extensions", I think
"fields and extensions" must surely imply that "fields" are the
non-extension parts of a certificate (such as the serial number).
And since certificate serial numbers are not explicitly mentioned in
Appendix B, I have to conclude that certificate serial numbers "MUST be
set in accordance with RFC 5280".
RFC 5280 Section 22.214.171.124 says:
"The serial number...MUST be unique for each certificate issued by a
given CA (i.e., the issuer name and serial number identify a unique
It seems that the practice of using the same CA Name/Key to sign both a
Precertificate and Certificate is currently _illegal_ under the BRs.
RFC6962 also permits a Precertificate to be signed by a subordinate
Precertificate Signing Certificate. This approach doesn't violate
RFC5280 or the BRs, but some CAs will want to avoid the burden of
managing a Precertificate Signing Certificate for every subordinate CA
they operate. So, Ben Laurie and I have been working on some other
possible solutions, but our preferred outcome would be for both of the
Precertificate signing options in RFC6962 to be made legal.
Therefore, I would like to propose updating Appendix B of the BRs so
that CAs are permitted to sign a Precertificate and a Certificate
(sharing the same serial number) using the same CA Name/Key.
Would anybody have a problem with that?
Senior Research & Development Scientist
COMODO - Creating Trust Online
More information about the Public