Re: [TLS] Verifying X.509 Certificate Chains out of order

Dr Stephen Henson <lists at drh-consultancy.demon.co.uk> writes:

>This raises a point I've wondered about for a while... Various PKIX
>standards allow more than one chain between a root and EE certificate
>(cross certification et al) so the (possibly almost) complete one a
>server presents may not be the one a client will trust. CRLs can have
>distinct paths too.

That's the spaghetti PKI model.  Anyone who wants to get involved in that 
madness pretty much deserves what they get :-).

>The CMS standards for example don't have the ordering requirement; they
>merely allow a set of "useful certificates" which may contain more or
>less certificates than necessary to build a chain.

I think they were bowing to the inevitable: people will stuff whatever they
feel like into these things no matter what the spec requires.  Having said
that, I've never encountered a bunch of certs in a CMS object that didn't have
an obvious path from the EE to some top-level CA cert.

Peter.
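An added illustration of the point the two messages make (my example, not code from either poster): given an unordered "useful certificates" bag that contains a cross-certificate, path building from the EE can reach more than one root, and which path is acceptable depends on the client's trust anchors. Certificates are modelled as constructed (subject, issuer, label) triples and no signatures are verified, so this shows only the graph-search part of chain construction.

```python
# Added example: path building over an unordered bag of certificates.
# Names and the bag itself are constructed for illustration.
from collections import defaultdict

# The bag is deliberately out of order and contains a cross-certificate
# (RootA's key certified by RootB), so two candidate chains lead from the
# end-entity cert to a self-signed root.
BAG = [
    ("RootA", "RootB", "RootA-cross-signed-by-RootB"),
    ("www.example.test", "IntA", "ee"),
    ("RootB", "RootB", "RootB-selfsigned"),
    ("IntA", "RootA", "intA"),
    ("RootA", "RootA", "RootA-selfsigned"),
]


def build_paths(bag, ee_subject, trust_anchors, max_len=8):
    """Return every issuer path (as a list of labels) from the EE cert to a
    self-signed certificate whose subject is in trust_anchors."""
    by_subject = defaultdict(list)
    for cert in bag:
        by_subject[cert[0]].append(cert)
    paths = []

    def walk(cert, path):
        subject, issuer, _label = cert
        if len(path) > max_len:          # bound the search in a large mesh
            return
        if subject == issuer:            # self-signed: a root only if trusted
            if subject in trust_anchors:
                paths.append([c[2] for c in path])
            return
        for cand in by_subject.get(issuer, []):
            if cand in path:             # cross-certified meshes contain loops
                continue
            walk(cand, path + [cand])

    for ee in by_subject.get(ee_subject, []):
        walk(ee, [ee])
    return paths


if __name__ == "__main__":
    for anchors in ({"RootA"}, {"RootB"}, {"RootA", "RootB"}):
        print(sorted(anchors), build_paths(BAG, "www.example.test", anchors))
```

A client trusting only RootA accepts the direct path, a client trusting only RootB needs the cross-certificate, and a client trusting neither builds no path at all, even though the server sent the same bag in every case.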
_______________________________________________
TLS mailing list
TLS at ietf.org
https://www.ietf.org/mailman/listinfo/tls