[Cryptech Tech] Restricting CA signing

Rob Austein sra at hactrn.net
Fri Jan 30 23:17:11 UTC 2015


At Fri, 30 Jan 2015 17:56:32 -0500, Rob Austein wrote:
> 
> At Fri, 30 Jan 2015 17:39:55 -0500, Sean Turner wrote:
> > 
> > Should it also include KU and CP which are critical?  I?d be
> > concerned if a DH key was used to sign stuff.  I?m less sure about
> > CP though.
> 
> I would class KU and CP as extensions for which errors would cause
> immediate validation failure, and which thus need not be checked by
> the HSM itself.  I could be wrong.

On further analysis: one could make a case that the HSM should check
CP, on the grounds that it's the magic RPKI OID in a critical CP
extension that makes it an RPKI certificate, thus subject to all the
other RPKI constraints, and since the content of this extension is an
invariant, the code specific to the CP check is basically just a
single memcmp() against a static value.  So yeah, maybe check CP.


More information about the Tech mailing list