- From: Joseph M. Reagle Jr. <reagle@w3.org>
- Date: Tue, 24 Oct 2000 16:03:51 -0400
- To: "Tom Gindin/Watson/IBM" <tgindin@us.ibm.com>, <kent@trl.ibm.co.jp>
- Cc: "IETF/W3C XML-DSig WG" <w3c-ietf-xmldsig@w3.org>
Thank you Tom. I'll use this point to qualify the resolution of this issue in the last call document [1] but will not introduce any new text into the specification. [1] http://www.w3.org/Signature/20000228-last-call-issues.html At some point Gindin wrote: >>>[TG] The effective rule is that any certificate whose subject name >>>matches the issuer name of any of the other certificates included is a CA >>>from one of the included chains, and thus signature verification should >>>only run on the remaining certificates. All of the remaining certificates >>>(normally EE certificates) should have the SAME public key, or they will >>>confuse verifiers. Does anyone think there should be a restriction to >>>only one EE certificate? Can anyone think of a way in which two EE >>>certificates with different keys can both be "related to that single key" >>>in a KeyInfo? At some point Reagle wrote: >>Ok, I'll reference that in the last call document. Does this rule follow >>from PKCS, or does it need to be represented in our text? At 12:26 10/24/2000 -0400, Tom Gindin/Watson/IBM wrote: > It has little to do with PKCS, but it does follow PKIX. For example, >PKCS#6 does not even contain the word "chain". However, RFC 2459 section >3.2 contains the following: "In general, a chain of multiple certificates >may be needed, comprising a certificate of the public key owner (the end >entity) signed by one CA, and zero or more additional certificates of CAs >signed by other CAs." This statement does not include the statement that a >chain may be constructed by lining up issuer and subject names, but that >requirement that they be aligned is one of the conditions for validating a >path (a term used almost interchangeably with chain) in RFC 2459 section >6.1- see processing item a-4: "the subject and issuer names chain correctly >(that is, the issuer of this certificate was the subject of the previous >certificate.)" I haven't checked for citations in TLS or S/MIME, which >might well also exist and specify how to construct a chain rather than >simply how to verify one. __ Joseph Reagle Jr. W3C Policy Analyst mailto:reagle@w3.org IETF/W3C XML-Signature Co-Chair http://www.w3.org/People/Reagle/
Received on Tuesday, 24 October 2000 16:04:43 UTC