Confirmed users, Administrators
5,526
edits
SecurityEngineering/mozpkix-testing: Difference between revisions
→Behavior Changes
| Line 74: | Line 74: | ||
= Behavior Changes = | = Behavior Changes = | ||
Mozilla::pkix includes some changes in support of current best practices and policies, as listed below. If you notice an issue due to any of these changes, please feel free to [https://groups.google.com/d/msg/mozilla.dev.tech.crypto/EbWse7Ryj8I/mgNRW4yGAwUJ let us know]. However, we believe that in most cases, the simplest resolution will be to update the SSL certificate in your webserver. | Mozilla::pkix includes some changes in support of current best practices and policies, as listed below. If you notice an issue due to any of these changes, please feel free to [https://groups.google.com/d/msg/mozilla.dev.tech.crypto/EbWse7Ryj8I/mgNRW4yGAwUJ let us know]. However, we believe that in most cases, the simplest resolution will be to update the SSL certificate in your webserver. | ||
# End-entity certificates used in TLS servers: | |||
## Are not allowed to have basic constraints asserting isCA=TRUE. | |||
## When the EKU extension is specified, must assert the serverAuth bit. | |||
## Are no longer allowed to include the OCSPSigning EKU. | |||
# Mozilla::pkix does not allow x509 version 2 certificates in any position (root, intermediate or End-Entity (EE)) and version 1 certificates are only allowed as trust anchors. {{Bug|969188}} | # Mozilla::pkix does not allow x509 version 2 certificates in any position (root, intermediate or End-Entity (EE)) and version 1 certificates are only allowed as trust anchors. {{Bug|969188}} | ||
# Version 3 certificates used as trust anchors or intermediates are now required to have the basic constraints extention and assert the isCA bit. | # Version 3 certificates used as trust anchors or intermediates are now required to have the basic constraints extention and assert the isCA bit. | ||
# Mozilla::pkix performs chaining based on issuer name alone, and does not require that issuer's subject key match the authority key info (AKI) extension in the certificate. Classic verification enforces the AKI restriction. | # Mozilla::pkix performs chaining based on issuer name alone, and does not require that issuer's subject key match the authority key info (AKI) extension in the certificate. Classic verification enforces the AKI restriction. | ||
# If an intermediate certificate contains the EKU extension, and that intermediate certificate will be used to issue SSL/TLS certificates, then the EKU must include the id-kp-serverAuth (1.3.6.1.5.5.7.3.1) bit or the Netscape Server Gated Crypto bit (support for NSGC is provided temporarily for backward compatibility). {{Bug|982292}} | # If an intermediate certificate contains the EKU extension, and that intermediate certificate will be used to issue SSL/TLS certificates, then the EKU must include the id-kp-serverAuth (1.3.6.1.5.5.7.3.1) bit or the Netscape Server Gated Crypto bit (support for NSGC is provided temporarily for backward compatibility). {{Bug|982292}} | ||