[cabfpub] Are test certificates subscriber certificates?

Ryan Sleevi sleevi at google.com
Fri Feb 5 19:11:34 MST 2016


On Fri, Feb 5, 2016 at 5:36 PM, Peter Bowen <pzb at amzn.com> wrote:

> I’ve recently run into some confusion over the definition of Subscriber
> Certificate.
>
> If a certificate signed by a CA includes the id-kp-serverAuth key purposes
> in the extended key usage extension but has subject identity information
> that identifies the CA itself and only contains domain names that fall
> under domains registered to the CA, is the certificate a Subscriber
> Certificate?
>
> One view is that yes, it is.  This is supported by section 2.2 of the BRs
> (and Appendix A of the EVGs) which says:
>
> "The CA SHALL host test Web pages that allow Application Software
> Suppliers to test their software with Subscriber Certificates that chain up
> to each publicly trusted Root Certificate.  At a minimum, the CA SHALL host
> separate Web pages using Subscriber Certificates that are (i) valid, (ii)
> revoked, and (iii) expired."
>
> It specifically calls out that the CA is hosting and that these must be
> Subscriber Certificates.
>
> The other view is no, it is not.  This is supported by section 9.6.1, which
> says:
>
> "That, if the CA and Subscriber are not Affiliated, the Subscriber and CA
> are parties to a legally valid and enforceable Subscriber Agreement that
> satisfies these Requirements, or, if the CA and Subscriber are Affiliated,
> the Applicant Representative acknowledged and accepted the Terms of Use"
>
> Terms of Use is defined as "Provisions regarding the safekeeping and
> acceptable uses of a Certificate issued in accordance with these
> Requirements when the Applicant/Subscriber is an Affiliate of the CA"
>
> The argument is that it does not make sense that these should be
> considered Subscriber Certificates when viewed from an information vetting
> perspective and that the CA cannot execute terms or an agreement with
> itself.
>
> I thought the answer was obvious, but I have come to learn that there is
> disagreement.  Any opinions?
>
> Thanks,
> Peter
>

That's an interesting question!

I originally started writing up an ontology of certificates, but realized
it gets messy on the edges (for example, is a certificate that is
misencoded a Valid Certificate? If something is not a Valid Certificate,
is it misissued? What about PreCertificates - are they Valid due to the
unrecognized-but-defined poison extension, or Not-Valid due to the
unrecognized-and-critical extension, etc.).

For the avoidance of doubt, however, I support the first definition - if
it's usable for TLS within the definition of RFC 5280's algorithm (and the
expected EKUs), it seems to be minimally a Subscriber certificate. I'd be
curious to hear from those who may disagree as well, to see if I've misread
or perhaps over-generalized.