Strength in Complexity?

Mon Jul 7 05:07:15 EDT 2008

Paul Hoffman <paul.hoffman at vpnc.org> end:

>Wrong. There is no requirement to "ignore everything else in the 
>cert". There is simply no requirement to use that material.

I suspect we're in violent agreement over this, just from two different 
persepectives.  From a security threat-modelling view I have to look at what 
the worst is that can happen if I deploy a cert (or whatever else it is I'm 
deplying).  Since the spec says that an implementation is free to ignore every 
single extension in a trust anchor/root cert then I have to assume that no 
extension I put in a root cert will ever be enforced (it *might* be, but it's 
not safe to rely on it).  From an optimist's point of view the spec is 
guaranteeing that extensions will be enforced.  From a paranoid security 
person's point of view the spec is guaranteeing that no extensions will be 
enforced.  I'm in the latter camp.

Peter.

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com