Re: [TLS] Verifying X.509 Certificate Chains out of order
Peter Gutmann wrote:
>
> Martin Rex <Martin.Rex at sap.com> writes:
>
> >Would a zero-length ASN.1 SEQUENCE not require that DistinguishedName have a
> >zero length?
>
> A zero-length BER encoding of a SEQUENCE would be 30 81 00, which meets the
> minimum-length requirements of 3 bytes.
>
> (I'd always assumed that the limit of 3 bytes was specifically to allow this
> encoding of an empty DN, since it's not possible to get a DN that fits into 3
> bytes).
That interpretation appears quite confused to me.
First of all, the 3 bytes minimum is listed for the sequence of
DistinguishedName, and that includes a 2-byte length field for
the certificate_authorities<3..2^16-1> vector.
The zero-length BER encoding of a SEQUENCE would apply to the
DistinguishedName element only, but there the minimum length
is listed as 1, not 3. (I was also mistaken about the actual encoding
of structure elements in TLS when I wrote my first posting on this).
But I really dislike the idea that an empty DName (i.e.
one that contains no RDName elements in the ASN.1 SEQUENCE) should
have the same meaning as _NO_ DName at all! Are you sure that
this notion is interoperable with other implementations?
-Martin
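The distinction Martin draws above, an empty DistinguishedName versus no DistinguishedName at all, as an added example that is not part of the original thread. It encodes and decodes the TLS 1.0 certificate_authorities vector with the bounds quoted in the message (<3..2^16-1> for the list, <1..2^16-1> for each DN) and counts the RDN elements inside a DER/BER Name, accepting both the minimal 30 00 and the 30 81 00 long-form encoding from the quoted reply. The DER helpers, the ca_list_min parameter and the constructed "CN=Test CA" sample name are assumptions made for this example, not anything from the thread or from any implementation it mentions.

```python
# Added example (not from the original thread): wire-encode the TLS 1.0
# CertificateRequest.certificate_authorities vector and tell apart
# "no DistinguishedName" from "a DistinguishedName with zero RDNs".
import struct

# Bounds as quoted in the message (RFC 2246 presentation syntax):
#   opaque DistinguishedName<1..2^16-1>;
#   DistinguishedName certificate_authorities<3..2^16-1>;
DN_MIN, DN_MAX = 1, 2**16 - 1
CA_LIST_MIN, CA_LIST_MAX = 3, 2**16 - 1


def encode_certificate_authorities(dns, ca_list_min=CA_LIST_MIN):
    """uint16 total length, then each DN as uint16 length + DER bytes."""
    for dn in dns:
        if not DN_MIN <= len(dn) <= DN_MAX:
            raise ValueError("DistinguishedName length %d out of range" % len(dn))
    body = b"".join(struct.pack("!H", len(dn)) + dn for dn in dns)
    if not ca_list_min <= len(body) <= CA_LIST_MAX:
        raise ValueError("certificate_authorities length %d out of range" % len(body))
    return struct.pack("!H", len(body)) + body


def decode_certificate_authorities(buf, ca_list_min=CA_LIST_MIN):
    """Inverse of the above; enforces the same bounds and rejects truncation."""
    if len(buf) < 2:
        raise ValueError("missing vector length")
    (total,) = struct.unpack("!H", buf[:2])
    body = buf[2:2 + total]
    if len(body) != total or not ca_list_min <= total <= CA_LIST_MAX:
        raise ValueError("bad certificate_authorities length %d" % total)
    dns, pos = [], 0
    while pos < total:
        if total - pos < 2:
            raise ValueError("missing DistinguishedName length")
        (n,) = struct.unpack("!H", body[pos:pos + 2])
        pos += 2
        dn = body[pos:pos + n]
        pos += n
        if len(dn) != n or not DN_MIN <= n <= DN_MAX:
            raise ValueError("bad DistinguishedName length %d" % n)
        dns.append(dn)
    return dns


def list_is_encodable(dns, ca_list_min=CA_LIST_MIN):
    """True if the list fits the vector bounds, False if encoding is rejected."""
    try:
        encode_certificate_authorities(dns, ca_list_min)
        return True
    except ValueError:
        return False


# Minimal DER/BER helpers for an X.501 Name (assumed here, for this example only).
def der_len(n):
    if n < 0x80:
        return bytes([n])
    b = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(b)]) + b


def der_tlv(tag, content):
    return bytes([tag]) + der_len(len(content)) + content


def der_name_cn(cn):
    """Name ::= SEQUENCE OF RDN; one RDN = SET { SEQUENCE { OID 2.5.4.3, UTF8String cn } }."""
    atv = der_tlv(0x30, der_tlv(0x06, bytes.fromhex("550403")) + der_tlv(0x0C, cn.encode()))
    return der_tlv(0x30, der_tlv(0x31, atv))


def read_tlv(buf):
    """Parse one TLV; accepts short-form and long-form (e.g. 81 00) lengths."""
    if len(buf) < 2:
        raise ValueError("short TLV")
    tag, first, pos = buf[0], buf[1], 2
    if first & 0x80:
        nbytes = first & 0x7F
        if nbytes == 0 or len(buf) < pos + nbytes:
            raise ValueError("bad long-form length")
        length = int.from_bytes(buf[pos:pos + nbytes], "big")
        pos += nbytes
    else:
        length = first
    content = buf[pos:pos + length]
    if len(content) != length:
        raise ValueError("truncated TLV")
    return tag, content, buf[pos + length:]


def count_rdns(dn):
    """Number of RelativeDistinguishedName SETs in the Name SEQUENCE; 0 is the 'empty DName'."""
    tag, content, rest = read_tlv(dn)
    if tag != 0x30 or rest:
        raise ValueError("Name must be exactly one SEQUENCE")
    count = 0
    while content:
        t, _, content = read_tlv(content)
        if t != 0x31:
            raise ValueError("RDN must be a SET")
        count += 1
    return count


# Constructed sample inputs for the example.
EMPTY_DN_DER = bytes.fromhex("3000")    # empty SEQUENCE, minimal (DER) length
EMPTY_DN_BER = bytes.fromhex("308100")  # same value, long-form length as in the quoted reply
TEST_CA_DN = der_name_cn("Test CA")

if __name__ == "__main__":
    print("no DN at all, TLS 1.0 bound <3..>:", list_is_encodable([]))       # False: 0 bytes < 3
    print("no DN at all, lower bound 0:      ", list_is_encodable([], 0))    # True: 00 00
    v = encode_certificate_authorities([EMPTY_DN_DER])
    print("one empty DN:", v.hex(), "RDNs =", count_rdns(decode_certificate_authorities(v)[0]))
    print("CN=Test CA:   RDNs =", count_rdns(TEST_CA_DN))
```

With the TLS 1.0 lower bound the two-byte empty vector (00 00) cannot be produced at all, so an empty SEQUENCE (30 00, or 30 81 00 in the quoted form) is the shortest entry that satisfies the length checks; decoding it still yields a DN with zero RDNs, which is a different thing from an absent DN. Later versions (RFC 4346 and RFC 5246) changed the list to certificate_authorities<0..2^16-1>, so the empty list becomes expressible directly; passing ca_list_min=0 models that case.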
_______________________________________________
TLS mailing list
TLS at ietf.org
https://www.ietf.org/mailman/listinfo/tls
Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.