[openssl-dev] [openssl.org #3502] nameConstraints bypass bug

Rich Salz via RT rt at openssl.org
Mon May 30 18:56:17 UTC 2016


The existing code is working as designed and is basically correct.

If there is no altname and there is a CN, we cannot assume that the CN is a
hostname. Yes, for WebPKI this is true, but WebPKI has deprecated
cn-as-hostname for more than a decade and mandated SAN names.

For example, in validating a cert chain for s/mime, suppose we have a
certificate chain which includes name constraints on DNS (say restricting it to
.foo.com) and the EE certificate has no subject alternative name. Do we reject
the chain because "Fred Bloggs" violates name constraints? Clearly, no.

Leaving this open because we might be able to do some heuristics/hacks to
determine when the CN "should be" a DNS name. But the workaround is to use SAN.

-- 
Ticket here: http://rt.openssl.org/Ticket/Display.html?id=3502
Please log in as guest with password guest if prompted
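As an added illustration of the heuristic the message discusses (example code, not OpenSSL's own implementation): a checker that evaluates SAN dNSName entries against the permitted DNS subtrees and falls back to the subject CN only when there is no SAN and the CN is shaped like a hostname, so that an S/MIME CN such as "Fred Bloggs" is never tested. The leading-dot handling follows OpenSSL's convention for DNS constraints; the hostname regex and the function names are this example's own assumptions.

```python
import re
from typing import Iterable, List, Optional

# RFC 1123-style hostname: at least two dotted labels of letters, digits and
# hyphens. This is the example's own heuristic, not anything OpenSSL ships.
_HOSTNAME_RE = re.compile(
    r"^(?:[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?\.)+"
    r"[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?$", re.IGNORECASE)


def looks_like_dns_name(cn: str) -> bool:
    """Would a relying party plausibly treat this CN as a hostname?"""
    return len(cn) <= 253 and _HOSTNAME_RE.match(cn) is not None


def dns_name_permitted(name: str, constraint: str) -> bool:
    """DNS name constraint test in OpenSSL's convention: a constraint with a
    leading dot ('.foo.com') matches strict subdomains only; without the dot
    ('foo.com') the name itself or any subdomain matches (RFC 5280 4.2.1.10)."""
    name, constraint = name.lower().rstrip("."), constraint.lower().rstrip(".")
    if constraint.startswith("."):
        return name.endswith(constraint) and len(name) > len(constraint)
    return name == constraint or name.endswith("." + constraint)


def check_leaf(subject_cn: Optional[str], san_dns: List[str],
               permitted_dns: Iterable[str]) -> List[str]:
    """Return the names that fall outside every permitted DNS subtree.
    SAN dNSName entries are always checked; the CN is checked only when the
    certificate carries no SAN dNSName and the CN is shaped like a hostname."""
    permitted = list(permitted_dns)
    names = list(san_dns)
    if not names and subject_cn and looks_like_dns_name(subject_cn):
        names = [subject_cn]
    return [n for n in names
            if not any(dns_name_permitted(n, p) for p in permitted)]


# Constructed inputs mirroring the ticket's scenario (not real certificates).
PERMITTED = [".foo.com"]

if __name__ == "__main__":
    print(check_leaf("Fred Bloggs", [], PERMITTED))          # person, skipped
    print(check_leaf("mail.foo.com", [], PERMITTED))         # CN in scope
    print(check_leaf("www.bar.com", [], PERMITTED))          # CN out of scope
    print(check_leaf("Fred Bloggs", ["www.bar.com"], PERMITTED))  # SAN checked
```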
