IETF-SSH archive


Re: x509



nisse%lysator.liu.se@localhost (Niels Möller) writes:

> > string "ssh-rsa-x509v3"
> > mpint e
> > mpint n
> > string der_encoded_certificate
> > 
> > This scales nicely to the other certificate (SPKI, OpenPGP) methods. 
> 
> This has one big advantage: The ssh(d) program can verify the
> signature, and delegate processing of the certificates to an external
> program or library, which doesn't need to know the SSH protocol data
> that was signed.

But on second thought, this beautiful separation of SSH things from
X.509 things doesn't quite work. Somebody *has* to check that the e
and n above equal the key that is somewhere inside the ASN.1
certificate chain, otherwise, the certificate checking has a hole you
can drive a 20 ton truck right through.

So now I think it's best to *not* duplicate crucial security
information like this. If we do, I'm sure some implementation will
forget to check that the information is consistent.

Regards,
/Niels
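
The consistency check described in the message above, as an added example that is not part of the original post or of any SSH implementation: it parses the quoted "ssh-rsa-x509v3" key blob and rejects it unless e and n match the RSA key in the certificate's subjectPublicKeyInfo. All function names are hypothetical, the DER walker is a minimal one that only locates the key, and certificate signature and chain validation are assumed to happen elsewhere.

```python
def ssh_fields(blob):
    """Split an SSH blob into its uint32-length-prefixed fields."""
    out, pos = [], 0
    while pos < len(blob):
        size = int.from_bytes(blob[pos:pos + 4], "big")
        pos += 4
        if pos + size > len(blob):
            raise ValueError("truncated SSH field")
        out.append(blob[pos:pos + size])
        pos += size
    return out

def der_tlv(buf, pos):
    """Read one DER element at pos; return (tag, value, next_pos)."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:  # long form: low 7 bits give the number of length bytes
        count = length & 0x7F
        length = int.from_bytes(buf[pos:pos + count], "big")
        pos += count
    if pos + length > len(buf):
        raise ValueError("truncated DER value")
    return tag, buf[pos:pos + length], pos + length

def der_children(value):  # (tag, value) elements inside a constructed DER value
    out, pos = [], 0
    while pos < len(value):
        tag, val, pos = der_tlv(value, pos)
        out.append((tag, val))
    return out

def cert_rsa_key(cert_der):
    """Return (e, n) from subjectPublicKeyInfo; no signature or chain checks."""
    tbs = der_children(der_children(der_tlv(cert_der, 0)[1])[0][1])
    tbs = tbs[1:] if tbs[0][0] == 0xA0 else tbs  # skip optional [0] version
    tag, bits = der_children(tbs[5][1])[1]  # subjectPublicKey BIT STRING
    if tag != 0x03 or bits[:1] != b"\x00":
        raise ValueError("unexpected subjectPublicKey encoding")
    (_, n), (_, e) = der_children(der_tlv(bits, 1)[1])[:2]  # RSAPublicKey {n, e}
    return int.from_bytes(e, "big"), int.from_bytes(n, "big")

def check_key_blob(blob):
    """Parse the key blob and reject it unless e and n match the certificate."""
    fields = ssh_fields(blob)
    if len(fields) != 4 or fields[0] != b"ssh-rsa-x509v3":
        raise ValueError("not an ssh-rsa-x509v3 key blob")
    e, n = (int.from_bytes(f, "big", signed=True) for f in fields[1:3])
    if e <= 0 or n <= 0 or (e, n) != cert_rsa_key(fields[3]):
        raise ValueError("e/n do not match the certificate's public key")
    return e, n
```

A certificate too malformed to walk raises ValueError or IndexError; in both cases the key blob is rejected rather than accepted.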


