Re: [TLS] Verifying X.509 Certificate Chains out of order

Martin Rex <Martin.Rex at sap.com> writes:

>All implementations that seriously care about (server) performance ought to
>fail with an unordered certificate_list (and not try to reorder themselves).
>Our OEM implementation does care.

Wow, how on earth did you manage to come up with an implementation where the
overhead of doing this even registers?  It's not as if you're bubble-sorting a
million-entry database, it's typically three certs and the "sort" is swapping
a '->nextCert' pointer.

Another issue is that some implementations aren't purely SSL but are general-purpose
security libraries that handle bag-o-certs as an abstraction for several security
protocols.  In my code for example it's actually more work not to sort than to sort
because I'd have to include special-case handling for situations where the certs
might already be sorted, passing around extra parameters to control this, more
code-flow paths to test, etc.

Peter.
_______________________________________________
TLS mailing list
TLS at ietf.org
https://www.ietf.org/mailman/listinfo/tls
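The "swap a ->nextCert pointer" reordering that the reply describes, written out as an added example (this is not Peter's code, not cryptlib, and not any TLS stack's implementation). It models a certificate as nothing more than a subject name, an issuer name and a `nextCert` link, compares names as plain strings, and uses constructed certificate names; a real implementation compares encoded Distinguished Names and key identifiers. It also shows the cheap check that a strict "reject unordered certificate_list" implementation would run instead, and the failure cases (missing issuer, duplicate subject, loop) that a bounded reordering must reject rather than spin on.

```c
#include <stdio.h>
#include <string.h>
#include <stddef.h>

/* Minimal stand-in for a parsed X.509 certificate: only the two names that
   chain building needs.  Names are constructed sample strings. */
typedef struct Cert {
    const char *subject;
    const char *issuer;
    struct Cert *nextCert;   /* link towards the root */
} Cert;

/* Nonzero if the list is already in leaf-to-root order, i.e. every cert's
   issuer is the next cert's subject.  This is all a strict implementation
   that refuses unordered input has to do. */
static int isOrdered(const Cert *list)
{
    for (const Cert *c = list; c != NULL && c->nextCert != NULL; c = c->nextCert)
        if (strcmp(c->issuer, c->nextCert->subject) != 0)
            return 0;
    return list != NULL;
}

/* Relinks a bag of n certificates, in any order, into a leaf-to-root chain by
   rewriting nextCert pointers.  Returns the leaf (head of the chain) or NULL
   if no single unambiguous chain can be formed: an issuer is missing, a
   subject appears twice, a cert is left over, or the issuer links loop
   without ever reaching a self-signed root.  Work is bounded by n*n. */
static Cert *orderChain(Cert *bag[], size_t n)
{
    if (n == 0) return NULL;
    for (size_t i = 0; i < n; i++) bag[i]->nextCert = NULL;

    /* The leaf is the one cert that issued nothing else in the bag. */
    Cert *leaf = NULL;
    for (size_t i = 0; i < n; i++) {
        int issuesSomething = 0;
        for (size_t j = 0; j < n; j++)
            if (i != j && strcmp(bag[i]->subject, bag[j]->issuer) == 0)
                issuesSomething = 1;
        if (!issuesSomething) {
            if (leaf != NULL) return NULL;   /* two leaves: not one chain */
            leaf = bag[i];
        }
    }
    if (leaf == NULL) return NULL;           /* every cert issues another: loop */

    /* Walk issuer -> subject, linking each step, stopping at a self-signed root. */
    Cert *cur = leaf;
    size_t linked = 1;
    while (strcmp(cur->subject, cur->issuer) != 0) {
        Cert *next = NULL;
        for (size_t i = 0; i < n; i++) {
            if (bag[i] != cur && strcmp(bag[i]->subject, cur->issuer) == 0) {
                if (next != NULL) return NULL;   /* duplicate subject: ambiguous */
                next = bag[i];
            }
        }
        if (next == NULL || ++linked > n) return NULL;  /* missing issuer or loop */
        cur->nextCert = next;
        cur = next;
    }
    return (linked == n) ? leaf : NULL;      /* leftover certs don't belong here */
}

/* Constructed sample: a three-cert chain sent root-first (the unordered case the
   thread is about).  Returns 1 if relinking yields leaf -> issuing CA -> root. */
static int demoReorder(void)
{
    Cert root  = {"CN=Example Root CA",    "CN=Example Root CA",    NULL};
    Cert inter = {"CN=Example Issuing CA", "CN=Example Root CA",    NULL};
    Cert leaf  = {"CN=www.example.test",   "CN=Example Issuing CA", NULL};
    root.nextCert = &inter; inter.nextCert = &leaf;      /* as received */
    if (isOrdered(&root)) return 0;                      /* must be detected as unordered */
    Cert *bag[] = {&root, &inter, &leaf};
    Cert *head = orderChain(bag, 3);
    return head == &leaf && leaf.nextCert == &inter && inter.nextCert == &root
        && root.nextCert == NULL && isOrdered(head);
}

/* Constructed sample with the issuing CA missing: returns 1 if rejected. */
static int demoMissingIssuer(void)
{
    Cert root = {"CN=Example Root CA",  "CN=Example Root CA",    NULL};
    Cert leaf = {"CN=www.example.test", "CN=Example Issuing CA", NULL};
    Cert *bag[] = {&leaf, &root};
    return orderChain(bag, 2) == NULL;
}

int main(void)
{
    printf("reorder root-first bag: %s\n", demoReorder() ? "ok" : "FAILED");
    printf("reject missing issuer:  %s\n", demoMissingIssuer() ? "ok" : "FAILED");
    return 0;
}
```

Reordering by name only builds the candidate path; each signature still has to be verified against the next cert's key afterwards, and a cert whose nextCert is never set (missing issuer) must be treated as a chain that failed to build, not silently shortened.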