Wikipedia

Certification path validation algorithm: Difference between revisions

Browse history interactively
← Previous editNext edit →
Content deleted Content added
VisualWikitext
No edit summary
Reorganized references; added reference to "New Tricks For Defeating SSL In Practice".
Line 3:
Path validation is necessary for a relying party to make an informed trust decision when presented with any certificate that is not already explicitly trusted. For example, in a hierarchical PKI, a certificate chain starting with a web server certificate might lead to a small CA, then to an intermediate CA, then to a large CA whose trust anchor is present in the relying party's web browser. In a bridged PKI, a certificate chain starting with a user at Company A might lead to Company A's CA certificate, then to a bridge CA, then to company B's CA certificate, then to company B's trust anchor, which a relying party at company B could trust.
 
RFC 3280 <ref>RFC 3280 (2002), chapter 6., a standardized path validation algorithm for [[X.509]] certificates.</ref> defines a standardized path validation algorithm for [[X.509]] certificates, given a certificate path. (Path discovery, the actual construction of a path, is not covered.) The algorithm takes the following inputs:
* The certificate path to be evaluated;
* The current date/time;
Line 18:
* Name constraints are checked, to make sure the subject name is within the permitted subtrees list of all previous CA certificates and not within the excluded subtrees list of any previous CA certificate;
* The asserted [[Certificate Policy]] [[Object identifier|OIDs]] are checked against the permissible OIDs as of the previous certificate, including any policy mapping equivalencies asserted by the previous certificate;
* Policy constraints and basic constraints are checked, to ensure that any explicit policy requirements are not violated and that the certificate is a CA certificate, respectively. This step is crucial in preventing some man in the middle attacks <ref>Moxie Marlinspike, [http://www.blackhat.com/presentations/bh-dc-09/Marlinspike/BlackHat-DC-09-Marlinspike-Defeating-SSL.pdf New Tricks For Defeating SSL In Practice], [[Black Hat Briefings|Black Hat]] DC Briefings 2009 conference.</ref>;
* The path length is checked to ensure that it does not exceed any maximum path length asserted in this or a previous certificate;
* The key usage extension is checked to ensure that is allowed to sign certificates; and
Line 27:
== External references ==
 
{{reflist}}
* RFC 3280 (2002), chapter 6., defines a standardized path validation algorithm for [[X.509]] certificates.
 
== Implementations ==
Retrieved from "https://en.wikipedia.org/wiki/Certification_path_validation_algorithm"