Re: [TLS] Verifying X.509 Certificate Chains out of order
Peter Gutmann wrote:
>
> Martin Rex <Martin.Rex at sap.com> writes:
>
> >All implementations that seriously care about (server) performance ought to
> >fail with an unordered certificate_list (and not try to reorder themselves).
> >Our OEM implementation does care.
>
> Wow, how on earth did you manage to come up with an implementation where the
> overhead of doing this even registers?
(It's an OEM implementation I happen to support, not my implementation.)
In a sensible PKI implementation there are distinct datatypes for
unordered bags of certs and an ordered certificate chain, and
the certificate chain verifier operates only on the ordered chain.
Better modularisation of code, fewer bugs, less code, faster.
It makes perfect sense to require ordered lists in protocols such as in an
SSL certificate_list and X509PKIPathv1 in WS-Security and use unordered
lists only where performance has low importance (PKCS7/CMS) or usability
is desired (User interfaces).
-Martin
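The split Martin describes, as an added illustration that is not part of the thread and not code from any of the implementations mentioned: an unordered `CertBag` (the PKCS#7/CMS style) and an `OrderedChain` (the TLS `certificate_list` / X509PKIPath style) are distinct types, the ordering check happens once when the chain object is built, and the verifier only ever walks an already-ordered chain. The certificates, names and "signatures" below are constructed stand-ins (a SHA-256 tag over the to-be-signed fields keyed by the issuer's key string replaces a real signature), so the code runs offline and shows the control flow rather than real X.509 processing.

```python
"""Toy model of ordered chain vs. unordered bag (constructed example)."""
import hashlib
from dataclasses import dataclass
from typing import Iterable


@dataclass(frozen=True)
class Cert:
    subject: str
    issuer: str
    key: str  # stand-in for the subject public key (and, in this toy, the signing key)
    sig: str  # toy signature over (subject, issuer, key) made with the issuer's key


def _tbs(subject: str, issuer: str, key: str) -> bytes:
    # "to-be-signed" bytes; real certs use DER, this is a constructed stand-in
    return f"{subject}|{issuer}|{key}".encode()


def toy_sign(subject: str, issuer: str, key: str, issuer_key: str) -> Cert:
    sig = hashlib.sha256(issuer_key.encode() + _tbs(subject, issuer, key)).hexdigest()
    return Cert(subject, issuer, key, sig)


def toy_verify(cert: Cert, issuer_key: str) -> bool:
    expect = hashlib.sha256(
        issuer_key.encode() + _tbs(cert.subject, cert.issuer, cert.key)
    ).hexdigest()
    return cert.sig == expect


class OrderedChain:
    """Leaf first, each cert issued by the next. Ordering is checked here, once,
    in a single linear pass; the verifier never has to search."""

    def __init__(self, certs: Iterable[Cert]):
        certs = list(certs)
        if not certs:
            raise ValueError("empty certificate_list")
        for child, parent in zip(certs, certs[1:]):
            if child.issuer != parent.subject:
                raise ValueError(
                    f"certificate_list out of order: {child.subject} "
                    f"is not issued by {parent.subject}"
                )
        self.certs = certs


class CertBag:
    """Unordered collection (CMS/PKCS#7 style); must be ordered before verification."""

    def __init__(self, certs: Iterable[Cert]):
        self.certs = set(certs)

    def order(self, leaf: Cert) -> OrderedChain:
        # The price of accepting bags: a search for each link, worst case O(n^2)
        chain, seen = [leaf], {leaf.subject}
        while chain[-1].issuer != chain[-1].subject:  # stop at a self-signed cert
            want = chain[-1].issuer
            parent = next((c for c in self.certs if c.subject == want and c.subject not in seen), None)
            if parent is None:
                break  # issuer not in the bag; verify_chain will consult the trust store
            chain.append(parent)
            seen.add(parent.subject)
        return OrderedChain(chain)


def verify_chain(chain: OrderedChain, trust_anchors: dict[str, Cert]) -> str:
    """Walk an already-ordered chain. The key of the final issuer always comes from
    the trust store, never from the chain. Returns the anchor's subject name."""
    certs = chain.certs
    for i, cert in enumerate(certs):
        if i + 1 < len(certs):
            issuer_key = certs[i + 1].key
        else:
            anchor = trust_anchors.get(cert.issuer)
            if anchor is None:
                raise ValueError(f"no trust anchor for {cert.issuer}")
            issuer_key = anchor.key
        if not toy_verify(cert, issuer_key):
            raise ValueError(f"bad signature on {cert.subject}")
    return certs[-1].issuer


def strict_server_accepts(certificate_list: list[Cert], trust_anchors: dict[str, Cert]) -> bool:
    """Fail-fast handling of a TLS certificate_list: no reordering attempt."""
    try:
        verify_chain(OrderedChain(certificate_list), trust_anchors)
        return True
    except ValueError:
        return False


def build_demo() -> tuple[Cert, Cert, Cert]:
    # Constructed three-level hierarchy; names and keys are placeholders
    root = toy_sign("Example Root CA", "Example Root CA", "root-pub", "root-pub")
    inter = toy_sign("Example Issuing CA", "Example Root CA", "inter-pub", root.key)
    leaf = toy_sign("www.example.com", "Example Issuing CA", "leaf-pub", inter.key)
    return root, inter, leaf
```

The point of the type split is that `verify_chain` cannot be handed a bag by mistake: a caller holding a `CertBag` has to go through `order()` first, and a server that wants the cheap path never constructs a bag at all, it builds `OrderedChain` straight from the wire list and rejects on the first broken link.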
_______________________________________________
TLS mailing list
TLS at ietf.org
https://www.ietf.org/mailman/listinfo/tls
Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.