"Marcus Leech" <[EMAIL PROTECTED]> writes:
> I'd totally forgotten about SGC (Server Gated Crypto), which is why the
> Thawte stuff kind of surprised me. I guess I'd simply erected some kind of
> mental block about SGC or something...
I can see why you would want to do that.
> At their web site, they do talk about more recent versions of browsers
> supporting this concept.
> So: two questions (with a possible answer of "use the source, luke"):
Here's the URL for MS's description of SGC, including how Netscape does it.
http://technet.microsoft.com/cdonline/default-f.asp?target=http://technet.microsoft.com/cdonline/Content/Complete/Internet/Client/IE/reskit/ie4/part7/part7b.htm
> o What bits are set in a "super cert" to indicate that it's a SGC
> or step-up cert? Or is it simply that certs issued by a super-cert
> authority (as marked in the browser CA cert database) are always
> "step up" certs?
It's stashed in the extendedKeyUsage extension.
There are two OIDs, one for netscape and one for MS. I don't know the
official names, but here are the OIDs:
netscape OBJECT IDENTIFIER ::= { 2 16 840 1 113730}
netscape-server-gated-crypto OBJECT IDENTIFIER ::= { netscape 4 1 }
microsoft-server-gated-crypto OBJECT IDENTIFIER ::= { 1 3 6 1 4 1 311 10 3 3 }
> o I'm thinking that there's a bit in the CA cert database that Netscape and
> IE maintain that says "OK to issue SGC certs". Anyone know where the bit
> is?
I'm assuming it's compiled into the code, since if it were in the
cert database, it could be tampered with.
In case you're curious, there are two flavors of SGC. In Netscape's
implementation, you renegotiate on the current connection.
In MS's you send a client_hello right after the server_hello_done.
This is technically forbidden, but is faster.
Obviously, certs for MS-style servers contain both OIDs.
Certs for Netscape-style servers contain only the
Netscape OID. See the above URL for the full details, but this
is the idea.
-Ekr
--
[Eric Rescorla [EMAIL PROTECTED]]
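Added example (not part of the thread, and not code from either poster): DER-encodes the two SGC OIDs given above and classifies a certificate's extendedKeyUsage value the way the message describes, "microsoft" when both OIDs are present and "netscape" when only the Netscape OID is. The EKU bytes are constructed with the block's own helper rather than read from a real certificate.

```python
# Added example, not from the thread: DER-encode the two SGC OIDs quoted
# above and classify an extendedKeyUsage value by which of them it carries.
NETSCAPE_SGC = (2, 16, 840, 1, 113730, 4, 1)
MICROSOFT_SGC = (1, 3, 6, 1, 4, 1, 311, 10, 3, 3)

def _base128(n):
    """Encode a non-negative integer as DER base-128 bytes (high bit = more)."""
    out = [n & 0x7F]
    n >>= 7
    while n:
        out.append(0x80 | (n & 0x7F))
        n >>= 7
    return bytes(reversed(out))

def encode_oid(arcs):
    """DER-encode an OBJECT IDENTIFIER (tag 0x06); short-form length suffices."""
    body = _base128(arcs[0] * 40 + arcs[1]) + b"".join(_base128(a) for a in arcs[2:])
    return bytes([0x06, len(body)]) + body

def build_eku(*oids):
    """Construct an extendedKeyUsage value (SEQUENCE OF OID) as sample input."""
    body = b"".join(encode_oid(o) for o in oids)
    return bytes([0x30, len(body)]) + body

def decode_oids(eku_der):
    """Parse a short-form extendedKeyUsage value back into OID arc tuples."""
    pos, end, oids = 2, 2 + eku_der[1], []
    while pos < end:
        length = eku_der[pos + 1]
        arcs, acc = [], 0
        for b in eku_der[pos + 2:pos + 2 + length]:
            acc = (acc << 7) | (b & 0x7F)
            if not b & 0x80:          # last byte of this sub-identifier
                arcs.append(acc)
                acc = 0
        first = arcs[0]               # first two arcs are packed into one value
        arcs[0:1] = [2, first - 80] if first >= 80 else [first // 40, first % 40]
        oids.append(tuple(arcs))
        pos += 2 + length
    return oids

def sgc_flavor(eku_der):
    """Return "microsoft" (both OIDs), "netscape" (Netscape OID only) or None."""
    oids = set(decode_oids(eku_der))
    if NETSCAPE_SGC in oids and MICROSOFT_SGC in oids:
        return "microsoft"
    if NETSCAPE_SGC in oids:
        return "netscape"
    return None
```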