[Openswan Users] X.509 key usage

Gregor Bethlen saphira at bethlen.de
Tue Jul 20 09:40:18 CEST 2004 

Andreas Steffen <andreas.steffen at strongsec.net> schrieb am 19.07.04 16:19:14:
> 
> Hi Gregor,
> 

Hello Andreas,

> The IETF draft document <draft-ietf-pki4ipsec-ikecert-profile-00.txt>
> 
>   "The Internet IP Security PKI Profile of IKEv1/ISAKMP, IKEv2, and PKIX"
> 
> recommends the following:
> 
> 4.1.3. X.509 Certificate Extensions
> 
>      Conforming applications MUST recognize extensions which must or may
>      be marked critical according to this specification. These extensions
>      are: KeyUsage, SubjectAltName, and BasicConstraints.
> 

So, keyUsage must be recognized (whatever that means).

>      Implementations SHOULD generate certificates such that the extension
>      criticality bits are set in accordance with PKIX and this document.
>      With respect to PKIX compliance, implementations processing
>      certificates MAY ignore the value of the criticality bit for
>      extensions that are supported by that implementation, but MUST
>      support the criticality bit for extensions that are not supported by
>      that implementation. That is, if an implementation supports (and thus
>      is going to process) a given extension, then it isn't necessary to
>      reject the certificate if the criticality bit is different from what
>      PKIX states it must be. However, if an implementation does not
>      support an extension that PKIX mandates be critical, then the
>      implementation must reject the certificate.

If an implementation does not support an extension that PKIX defines, the implementation wouldn't be PKIX-conform, would it?

> 
> [...] 
> 
> 
> 
> As you can see the matter is quite complex and it must be taken into
> consideration that not many Certification Authorities strictly conform
> to the PKIX profile. The introduction of strict keyUsage checks might
> potentially break a considerable number of existing IPsec applications.
> 

OK, didn't thought about that.

> Gregor, in your opinion, what would be the gain in terms of
> increased security by heeding the keyUsage flags? Which would be the
> most important checks you'd like to see implemented in *swan?
> 

My question about (extended)keyUsage was just for information. I haven't any wishes about checks ;-) It's just from the point of view that a generally security-tip is to forbid everything EXCEPT the things needed. For certificates, this would be (extended)keyUsage. But I must be honest, I don't have an example how this could be a security-risk ...

Thanks for information,

Gregor

> Kind regards
> 
> Andreas
> 
> Gregor Bethlen wrote:
> > Hello Andreas,
> > 
> > thank you for your response. Do you know if there are any plans to include a
> > (extended)keyUsage-check in further *swan-implementations?
> > 
> > Bye,
> > 
> > Gregor
> > 
> > Andreas Steffen <andreas.steffen at strongsec.net> schrieb am 19.07.04 13:54:15:
> > 
> > 
> >> The keyUsage and extendedKeyUsage flags are not checked by *swan.
> >> 
> >> An exception are the OCSP signing certificates introduced with the X.509
> >> patch version >= 1.5, where the OCSPSigning flag must be mandatorily set in
> >> the extendedKeyUsage field.
> >> 
> >> Intermediate CA certificates sent via PKCS#7-wrapped certificate payloads 
> >> must have the CA basicContraints field set to TRUE in order to get 
> >> accepted.
> >> 
> >> Regards
> >> 
> >> Andreas
> >> 
> >> Gregor Bethlen wrote:
> >> 
> >>> Hello list,
> >>> 
> >>> I wondered if OpenS/WAN refers to the keyUsage and
> >>> extendedKeyUsage-Fields in X.509-certificate-extensions. I found nothing
> >>> in readme.X509, and on an archived mailing-list-entry from FreeS/WAN it
> >>> said, just the DN and the Public Key are used. (I hope, the signature
> >>> gets proofed, though.) Since this mail was from somewhat 2001, I
> >>> wondered, if the keyUsage gets checked by OpenS/WAN.
> >>> 
> >>> Thanks for any answers,
> >>> 
> >>> Gregor ____________________________________________________ Aufnehmen, 
> >>> abschicken, nah sein - So einfach ist WEB.DE Video-Mail: 
> >>> http://freemail.web.de/?mc=021200
> 
> =======================================================================
> Andreas Steffen                   e-mail: andreas.steffen at strongsec.com
> strongSec GmbH                    home:   http://www.strongsec.com
> Alter Zürichweg 20                phone:  +41 1 730 80 64
> CH-8952 Schlieren (Switzerland)   fax:    +41 1 730 80 65
> ==========================================[strong internet security]===
> 


____________________________________________________
Aufnehmen, abschicken, nah sein - So einfach ist 
WEB.DE Video-Mail: http://freemail.web.de/?mc=021200

More information about the Users mailing list