Trusting certificates with the same subject name and overlapping validity periods


Trusting certificates with the same subject name and overlapping validity periods

JordanBrown

Q:  Does OpenSSL's trust-list verification support trusting multiple certificates with the same subject name and overlapping validity periods?

In more detail:

We have customers who issue replacement certificates with the same subject name and different validity periods.  We'd like to be able to straightforwardly add the new certificates to the trust list and have them work, but seem to find that certificate verification doesn't handle the case.  (Mozilla NSS does seem to handle it.)

-- 
Jordan Brown, Oracle Solaris

--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Reply | Threaded
Open this post in threaded view
|

Re: Trusting certificates with the same subject name and overlapping validity periods

OpenSSL - User mailing list
On 20.09.2017 18:33, Jordan Brown wrote:
> Q:  Does OpenSSL's trust-list verification support trusting multiple certificates with the same subject name and overlapping validity periods?

Do these replacement certificates have the same serial number and the same private key?



Re: Trusting certificates with the same subject name and overlapping validity periods

JordanBrown
On 9/20/2017 10:28 AM, Walter H. via openssl-users wrote:
> On 20.09.2017 18:33, Jordan Brown wrote:
> > Q:  Does OpenSSL's trust-list verification support trusting multiple certificates with the same subject name and overlapping validity periods?
>
> Do these replacement certificates have the same serial number and the same private key?

I'll check with my colleague who is doing the actual work, but...

I assume that they do not have the same serial number, since they are new certificates.

I don't know whether they have the same private key.  For discussion purposes, let's say that they might or might not have the same key.

Remember that these are customer-controlled certificates; I don't get to tell them how the certificates should be structured.

Note that this would be easy if each successive certificate had a different Subject, because then the trust list could contain all of them and there would be no possibility for confusion.  But they don't.

-- 
Jordan Brown, Oracle Solaris


Re: Trusting certificates with the same subject name and overlapping validity periods

Viktor Dukhovni

> On Sep 20, 2017, at 12:33 PM, Jordan Brown <[hidden email]> wrote:
>
> Q:  Does OpenSSL's trust-list verification support trusting multiple certificates with the same subject name and overlapping validity periods?
>
> In more detail:
>
> We have customers who issue replacement certificates with the same subject name and different validity periods.  We'd like to be able to straightforwardly add the new certificates to the trust list and have them work, but seem to find that certificate verification doesn't handle the case.  (Mozilla NSS does seem to handle it.)

Generally speaking, if the latest certificate has the same key, then
it should cover the older ones, which can be dropped from the trust list.

If, however, the newer certificates have a different key, then everything
should work, provided the certificates issued under the new key carry
an "authority key identifier" extension, which matches the corresponding
"subject key identifier" in the issuer CA certificate.

The above also works with "authorityCertSerialNumber", see

   https://tools.ietf.org/html/rfc5280#section-4.2.1.1

If, however, the newer certificate has a different key, and the same
subject DN, but does not place matching distinct subject key identifiers
in the certificates it issues, then OpenSSL will not correctly handle
multiple candidate issuers that differ in the public key, but provide
no hints in the issued certificates which issuer to use.

--
        Viktor.


Re: Trusting certificates with the same subject name and overlapping validity periods

JordanBrown
On 9/20/2017 2:25 PM, Viktor Dukhovni wrote:
> > On Sep 20, 2017, at 12:33 PM, Jordan Brown [hidden email] wrote:
> >
> > Q:  Does OpenSSL's trust-list verification support trusting multiple certificates with the same subject name and overlapping validity periods?
> >
> > In more detail:
> >
> > We have customers who issue replacement certificates with the same subject name and different validity periods.  We'd like to be able to straightforwardly add the new certificates to the trust list and have them work, but seem to find that certificate verification doesn't handle the case.  (Mozilla NSS does seem to handle it.)
>
> Generally speaking, if the latest certificate has the same key, then
> it should cover the older ones, which can be dropped from the trust list.
>
> If, however, the newer certificates have a different key, then everything
> should work, provided the certificates issued under the new key carry
> an "authority key identifier" extension, which matches the corresponding
> "subject key identifier" in the issuer CA certificate.
>
> The above also works with "authorityCertSerialNumber", see
>
>    https://tools.ietf.org/html/rfc5280#section-4.2.1.1
>
> If, however, the newer certificate has a different key, and the same
> subject DN, but does not place matching distinct subject key identifiers
> in the certificates it issues, then OpenSSL will not correctly handle
> multiple candidate issuers that differ in the public key, but provide
> no hints in the issued certificates which issuer to use.

I'm not familiar with those extensions and will need to do more research.

However, it sounds like you're assuming a CA-issued certificate where we have the CA certificate in the trust list.

That's not the case.  These are (in the most relevant cases) self-signed certificates or CA-issued certificates where we have only the leaf certificate in the trust list.

I suspect that they are indeed falling into that last case, where the only way to know which certificate in the trust list is "right" is to try the crypto verification on each trusted certificate until one succeeds.  (Or just compare the certificate presented with the ones in the trust list.)
-- 
Jordan Brown, Oracle Solaris
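The issuer-selection logic discussed in Viktor's reply (authority key identifier matched against the trusted certificate's subject key identifier) and in Jordan's reply (falling back to trying each trusted certificate, or matching the presented certificate directly) as an added, self-contained model; this is not code from the thread or from OpenSSL. Certificates, keys and signatures are constructed stand-ins (a hash in place of a real signature), so only the selection rules are real.

```python
import hashlib
from dataclasses import dataclass
from typing import List, Optional

@dataclass
class Cert:
    subject: str
    issuer: str
    serial: int
    key: str                         # constructed stand-in for the public key
    ski: Optional[str] = None        # subjectKeyIdentifier
    aki_keyid: Optional[str] = None  # authorityKeyIdentifier.keyIdentifier
    sig: str = ""                    # constructed stand-in for the signature

    def tbs(self) -> str:            # constructed "to-be-signed" content
        return f"{self.subject}|{self.issuer}|{self.serial}|{self.key}|{self.ski}|{self.aki_keyid}"

def toy_sign(issuer_key: str, tbs: str) -> str:
    # Stand-in for a real signature: hash of the issuer key and the TBS content.
    return hashlib.sha256(f"{issuer_key}:{tbs}".encode()).hexdigest()

def self_signed(subject: str, serial: int, key: str, ski: str) -> Cert:
    c = Cert(subject, subject, serial, key, ski, ski)
    c.sig = toy_sign(key, c.tbs())
    return c

def issue(subject: str, ca: Cert, serial: int, key: str, ski: str, with_aki: bool) -> Cert:
    # with_aki=False models a customer CA that omits the authority key identifier.
    c = Cert(subject, ca.subject, serial, key, ski, ca.ski if with_aki else None)
    c.sig = toy_sign(ca.key, c.tbs())
    return c

def find_issuer(cert: Cert, trust_list: List[Cert]) -> Optional[Cert]:
    # 1. A certificate that is itself in the trust list is trusted by identity.
    for t in trust_list:
        if t.tbs() == cert.tbs() and t.sig == cert.sig:
            return t
    # 2. Issuer-name match; several trusted certs may share one subject DN.
    cands = [t for t in trust_list if t.subject == cert.issuer]
    # 3. AKI keyIdentifier vs SKI: reject candidates whose SKI is present and differs.
    if cert.aki_keyid is not None:
        cands = [t for t in cands if t.ski is None or t.ski == cert.aki_keyid]
    # 4. No usable hint (or several survivors): try the signature against each one.
    for t in cands:
        if cert.sig == toy_sign(t.key, cert.tbs()):
            return t
    return None

# Constructed sample: two customer CA certs with the same subject DN and different keys.
OLD_CA = self_signed("CN=Customer CA", 1, "key-2016", "ski-old")
NEW_CA = self_signed("CN=Customer CA", 2, "key-2017", "ski-new")
TRUST = [OLD_CA, NEW_CA]
LEAF_WITH_AKI = issue("CN=server", NEW_CA, 100, "key-srv-a", "ski-srv-a", with_aki=True)
LEAF_NO_AKI = issue("CN=server", OLD_CA, 101, "key-srv-b", "ski-srv-b", with_aki=False)
```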


Re: Trusting certificates with the same subject name and overlapping validity periods

Jeffrey Walton-3
On Wed, Sep 20, 2017 at 5:48 PM, Jordan Brown
<[hidden email]> wrote:

> ...
> The above also works with "authorityCertSerialNumber", see
>
>    https://tools.ietf.org/html/rfc5280#section-4.2.1.1
>
> If, however, the newer certificate has a different key, and the same
> subject DN, but does not place matching distinct subject key identifiers
> in the certificates it issues, then OpenSSL will not correctly handle
> multiple candidate issuers that differ in the public key, but provide
> no hints in the issued certificates which issuer to use.
>
> I'm not familiar with those extensions and will need to do more research.

I believe the controlling IETF document is "Internet X.509 Public Key
Infrastructure: Certification Path Building",
https://tools.ietf.org/html/rfc4158.

Jeff