Continuation of a dialog between Dr. Stephen Henson and Charles B Cranston:
B: These are some of the ones we found:
B: Netscape 4 will not tolerate an ExtendedKeyUsage extension.
S: Hmmm. What makes you think that? EKU is *required* to handle "step up"
S: (aka SGC, magic, 128 bit [yuck]) and Netscape 4 handled that.
B: Based on a dialog that came up that said
B: "unknown critical extension" when I had a critical EKU extension
B: and that dialog not coming up when I made it a noncritical
B: extension or left it out entirely. I don't think this had
B: anything to do with stepup, but correct me if I'm missing
B: something.
S: Well not setting it to critical might have worked unless you specifically
S: wanted any client that didn't recognize the extension to reject it.
S: Setting anything to critical may cause problems for older clients because at
S: least one version of IE rejects anything that's critical even if it does
S: recognize it.
B: Gee, Steve, I'm sorry, I didn't completely read (or comprehend
B: at least) your earlier remark. You are saying that NS calls it an
B: unknown critical extension even though it knows about it in the
B: context of stepup??? That's just broken. The standard clearly
B: states that if you don't know about an extension and it's critical
B: you fail. If it knows about it how can it be unknown? Yeah left
B: hand doesn't know what right hand is doing I guess. Thanks for the
B: additional data point. Guess we didn't test it as completely as we
B: thought we did. And if IE rejects anything that is critical even
B: if it does recognize it (absent the critical bit) then IMHO it is
B: broken too. Grump.
S: It shouldn't be necessary to alter the default extensions for a simple SSL
S: server certificate.
B: Yes, I believe this to be the case, but note that software rot
B: might affect this. We have some Java client code that REQUIRES
B: a BasicConstraints extension, for example, and while I believe
B: the distributed cnf does put one in, in slight violation of
B: PKIX/RFC3380 (and this is well and truly disclosed and documented
B: in the commentary!) it may someday come to pass that some client
B: requires something above and beyond.
S: IIRC RFC2459 frowned upon basicConstraints (but didn't forbid it) in end user
S: certificates whereas RFC3280 now specifically allows it.
B: Hmm, missed that change, alligators and swamps...
Dr Stephen N. Henson. Core developer of the OpenSSL project: http://www.openssl.org/
Freelance consultant see: http://www.drh-consultancy.demon.co.uk/
Email: [EMAIL PROTECTED], PGP key: via homepage.
--
Charles B (Ben) Cranston mailto: [EMAIL PROTECTED] http://www.wam.umd.edu/~zben
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
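The extension setup the two correspondents argue about, as an added example that is not code from either of them or from the OpenSSL project: an openssl CLI script that issues one server certificate with the EKU left non-critical and one with it marked critical, then lists which extensions a client is obliged to understand. It assumes the `openssl` binary is on PATH; the section names, file names and CN are made up.

```shell
#!/bin/sh
# Added example, not from the thread: issue two self-signed server certs
# with OpenSSL, one with the EKU left non-critical and one with it marked
# critical, and list which extensions a client must recognise or reject.
# Assumes the `openssl` CLI is on PATH; file names and the CN are made up.
set -e
WORK=$(mktemp -d)

# Constructed config. "plain" is the shape of a simple SSL server cert as
# discussed above (basicConstraints CA:FALSE, non-critical EKU); "strict"
# marks the EKU critical, which older clients may reject outright.
cat > "$WORK/server.cnf" <<'EOF'
[ req ]
distinguished_name = dn
prompt = no
[ dn ]
CN = example.test
[ plain ]
basicConstraints = CA:FALSE
keyUsage = critical, digitalSignature, keyEncipherment
extendedKeyUsage = serverAuth
subjectKeyIdentifier = hash
[ strict ]
basicConstraints = CA:FALSE
keyUsage = critical, digitalSignature, keyEncipherment
extendedKeyUsage = critical, serverAuth
subjectKeyIdentifier = hash
EOF

# make_cert SECTION OUT.pem: self-signed cert using the named extension section.
make_cert() {
  openssl req -x509 -new -newkey rsa:2048 -nodes -days 1 \
    -keyout "$WORK/$1.key" -out "$2" \
    -config "$WORK/server.cnf" -extensions "$1" 2>/dev/null
}

# critical_exts CERT.pem: names of the extensions flagged critical, i.e. the
# ones a conforming client must either understand or fail the cert over.
critical_exts() {
  openssl x509 -in "$1" -noout -text |
    sed -n 's/^ *X509v3 \(.*\): critical *$/\1/p'
}

make_cert plain "$WORK/plain.pem"
make_cert strict "$WORK/strict.pem"
echo "plain:";  critical_exts "$WORK/plain.pem"
echo "strict:"; critical_exts "$WORK/strict.pem"
```

Only the "strict" certificate lists Extended Key Usage among its critical extensions; the "plain" one still carries the EKU, just not as something a client may refuse the certificate for.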
