[openssl-users] [TLS] Update spec to match current practices for certificate chain order
Viktor Dukhovni
openssl-users at dukhovni.org
Thu May 7 07:00:17 UTC 2015
On Thu, May 07, 2015 at 08:49:21AM +0300, Yoav Nir wrote:
> > I think there was also discussion on this list at some point suggesting
> > changing that "MAY" for omitting the root CA cert to a "SHOULD" or a
> > "MUST". (I think the argument for the latter was to reduce wasted bandwidth)
Sorry, this is incompatible with use of DANE TLSA records when the
ceritificate usage is DANE-TA(2). See:
https://tools.ietf.org/html/draft-ietf-dane-smtp-with-dane-16#section-3.1.2
https://tools.ietf.org/html/draft-ietf-dane-ops-07#section-5.2
The first of these is currently in IETF LC, the second in DANE WG LC.
> SHOULD is OK, MUST would imply perfect knowledge of how the other side is
> configured.
As you note, there is more than one way to verify certificates,
and the server cannot know exactly which certificates are needed
by the client. A SHOULD or MUST would be counter-productive.
> The root of trust may or may not be the self-signed certificate.
> But it?s probably always fine to omit the self-signed certificate.
No, not always.
> > Any reason this would be problematic? It'd be a simple change to add
> > for the TLS 1.3 spec that would align things better with real-world usage.
>
> None that I can think of
You won't be able to say that next time. :-)
--
Viktor.
More information about the openssl-users
mailing list