Confirmed users, Administrators
5,526
edits
CA/BR Audit Guidance: Difference between revisions
Jump to navigation
Jump to search
→CA Conformance to the BRs
| Line 155: | Line 155: | ||
= CA Conformance to the BRs = | = CA Conformance to the BRs = | ||
The CA's CP or CPS documents must include a commitment to comply with the BRs, as described in BR section 8.3. | The CA's CP or CPS documents must include a commitment to comply with the BRs, as described in BR section 8.3 (section 2.2 in BR version 1.3). | ||
BR section 8.2.1 says: "The CA SHALL develop, implement, enforce, and annually update a Certificate Policy and/or Certification Practice Statement that describes in detail how the CA implements the latest version of these Requirements." | BR section 8.2.1 (section 2 in BR version 1.3) says: "The CA SHALL develop, implement, enforce, and annually update a Certificate Policy and/or Certification Practice Statement that describes in detail how the CA implements the latest version of these Requirements." | ||
It is '''not''' sufficient to simply reference section 3.2.2.4 | It is '''not''' sufficient to simply reference section 11.1.1 (section 3.2.2.4 in BR version 1.3) of the CA/Browser Forum's Baseline Requirements (BR). Section 11.1.1 (section 3.2.2.4 in BR version 1.3) lists several ways in which the CA may confirm that the certificate subscriber owns/controls the domain name to be included in the certificate. Simply referencing the BRs does not specify which of those options the CA uses, and is insufficient for describing how the CA conforms to the BRs. The CA's CP/CPS must include a reasonable description of the ways the CA can verify that the certificate subscriber owns/controls the domain name(s) to be included in the certificate. | ||
== Checking BR Compliance == | == Checking BR Compliance == | ||
Problems to look for when analyzing data of existing sites chaining up to roots being considered for inclusion. | Problems to look for when analyzing data of existing sites chaining up to roots being considered for inclusion. | ||
* BR Appendix A for Root, Sub CA, and Subscriber certs - Cryptographic Algorithm and Key Requirements (Normative) - Certificates MUST meet the following requirements for algorithm type and key size... | * BR Appendix A (section 6.1.5 in BR version 1.3) for Root, Sub CA, and Subscriber certs - Cryptographic Algorithm and Key Requirements (Normative) - Certificates MUST meet the following requirements for algorithm type and key size... | ||
* BR Appendix B for Root, Sub CA certs, and Subscriber certs – Certificate Extensions (Normative) - This appendix specifies the requirements for Certificate extensions for Certificates generated after the Effective Date. | * BR Appendix B (section 7.1.2 in BR version 1.3) for Root, Sub CA certs, and Subscriber certs – Certificate Extensions (Normative) - This appendix specifies the requirements for Certificate extensions for Certificates generated after the Effective Date. | ||
* [https://www.mozilla.org/en-US/about/governance/policies/security-group/certs/policy/inclusion/ Mozilla CA Certificate Inclusion Policy] section 4: We reserve the right to not include a particular CA certificate in our software products. ... CAs that issue certificates that have: | * [https://www.mozilla.org/en-US/about/governance/policies/security-group/certs/policy/inclusion/ Mozilla CA Certificate Inclusion Policy] section 4: We reserve the right to not include a particular CA certificate in our software products. ... CAs that issue certificates that have: | ||
** ASN.1 DER encoding errors; | ** ASN.1 DER encoding errors; | ||
| Line 171: | Line 171: | ||
** incorrect extensions (e.g., SSL certificates that exclude SSL usage, or authority key IDs that include both the key ID and the issuer’s issuer name and serial number); or | ** incorrect extensions (e.g., SSL certificates that exclude SSL usage, or authority key IDs that include both the key ID and the issuer’s issuer name and serial number); or | ||
** cRLDistributionPoints or OCSP authorityInfoAccess extensions for which no operational CRL or OCSP service exists. | ** cRLDistributionPoints or OCSP authorityInfoAccess extensions for which no operational CRL or OCSP service exists. | ||
* BR 9.2.1 - Subject Alternative Name Extension - SSL certs must contain at least one entry | * BR 9.2.1 (section 7.1.4.2.1 in BR version 1.3) - Subject Alternative Name Extension - SSL certs must contain at least one entry | ||
* BR 9.2.2 - Subject Common Name Field - If present, this field MUST contain a single IP address or Fully-Qualified Domain Name that is one of the values contained in the Certificate’s subjectAltName extension | * BR 9.2.2 (section 7.1.4.2.2 in BR version 1.3) - Subject Common Name Field - If present, this field MUST contain a single IP address or Fully-Qualified Domain Name that is one of the values contained in the Certificate’s subjectAltName extension | ||
* BR 9.4.1 - Subscriber Certificates - Subscriber Certificates issued after the Effective Date (1 July 2012) MUST have a Validity Period no greater than 60 months. (exceptions allowed) | * BR 9.4.1 (section 6.3.2 in BR version 1.3) - Subscriber Certificates - Subscriber Certificates issued after the Effective Date (1 July 2012) MUST have a Validity Period no greater than 60 months. (exceptions allowed) | ||
* BR Appendix A for Subscriber certs - Cryptographic Algorithm and Key Requirements (Normative) - Certificates MUST meet the following requirements for algorithm type and key size. | * BR Appendix A (section 6.1.5 in BR version 1.3) for Subscriber certs - Cryptographic Algorithm and Key Requirements (Normative) - Certificates MUST meet the following requirements for algorithm type and key size. | ||
* BR 9.6 - CAs SHOULD generate non-sequential Certificate serial numbers that exhibit at least 20 bits of entropy. | * BR 9.6 (section 7.1 in BR version 1.3) - CAs SHOULD generate non-sequential Certificate serial numbers that exhibit at least 20 bits of entropy. | ||
* BR 13.2.2 - Repository -- CRL and OCSP max expiration time, GET | * BR 13.2.2 (section 4.9.10 in BR version 1.3) - Repository -- CRL and OCSP max expiration time, GET | ||
* BR 3.2.5 OCSP Signing -- OCSP responses MUST conform to RFC2560 and/or RFC5019. | * BR 3.2.5 (section 4.9.9 in BR version 1.3) OCSP Signing -- OCSP responses MUST conform to RFC2560 and/or RFC5019. | ||
* [https://www.mozilla.org/en-US/about/governance/policies/security-group/certs/policy/maintenance/ Mozilla CA Certificate Maintenance Policy] section 9: all new end-entity certificates must contain at least 20 bits of unpredictable random data (preferably in the serial number). | * [https://www.mozilla.org/en-US/about/governance/policies/security-group/certs/policy/maintenance/ Mozilla CA Certificate Maintenance Policy] section 9: all new end-entity certificates must contain at least 20 bits of unpredictable random data (preferably in the serial number). | ||
* The problems listed here: https://wiki.mozilla.org/SecurityEngineering/mozpkix-testing#Behavior_Changes | * The problems listed here: https://wiki.mozilla.org/SecurityEngineering/mozpkix-testing#Behavior_Changes | ||