[cabfpub] Mozilla SHA-1 further restrictions

Erwann Abalea Erwann.Abalea at docusign.com
Fri Nov 18 16:09:05 UTC 2016


> Le 18 nov. 2016 à 16:34, Rob Stradling via Public <public at cabforum.org> a écrit :
> 
> On 18/11/16 15:26, Gervase Markham wrote:
>> On 18/11/16 15:04, Rob Stradling wrote:
>>> crt.sh currently has 302 CA certificates that contain the
>>> id-kp-clientAuth EKU OID
>> 
>> I think you mean id-kp-emailProtection here, from your figures...
> 
> Yeah, I did.  Sorry about that.
> 
>>> and that are trusted by Microsoft and/or> Mozilla and/or Apple.
>>> 
>>> Here's a summary of the EKU OIDs contained in those 302 intermediate certs:
>>> 
>>> count |    x509_extkeyusages     |            purpose
>>> -------+--------------------------+--------------------------------
>>>   302 | 1.3.6.1.5.5.7.3.4        | id-kp-emailProtection
>>>   284 | 1.3.6.1.5.5.7.3.2        | id-kp-clientAuth
>>>   104 | 1.3.6.1.5.5.7.3.1        | id-kp-serverAuth
>> 
>> People make certs usable for both serverAuth and email/clientAuth? :-|
> 
> Sadly.  Do you want any more details?
> 
>>>    60 | 1.3.6.1.5.5.7.3.9        | id-kp-OCSPSigning
>> 
>> Wait, what?
> 
> Depressing, isn't it.

This is a Microsoft issue. I don’t remember the exact details, but either Microsoft PKI can’t generate a dedicated OCSP responder out of a CA if the CA certificate is « EKU-constrained » without containing the id-kp-OCSPSigning, or Microsoft relying parties can’t validate an OCSP response signed by such a responder.
A consequence of the « EKU constraints ».

Cordialement,
Erwann Abalea



More information about the Public mailing list