x509 v1 certificate

Simon Josefsson jas at extundo.com
Mon Sep 25 10:58:04 CEST 2006

Kazu Yamamoto (山本和彦) <kazu at iij.ad.jp> writes:

> Hello,
>> The missing basicContraints ("chainLength" above) is another reason
>> why this certificate is not valid (rfc3280,
>>    This extension MUST appear as a critical extension in all CA
>>    certificates that contain public keys used to validate digital
>>    signatures on certificates.  [...]
>> The question whether version 1 is supported is thus non-relevant
>> because we are validating certificates.  In this case PKIX requires
>> extensions and following from that version should be 3 as per
> I have asked this to a specialist of X.509 and he said that Werner's
> interpretation is not correct.
> Yes, RFC3280 is not readable but the "certificates" in Section 4
> refers "intermediate" CA's ones only, dos not refer to root CA's ones.

I wouldn't agree to that.  Section 4.2 says:

   Conforming CAs MUST support key identifiers (sections and, basic constraints (section, key usage (section, and certificate policies (section extensions.  If

The document doesn't generally distinguish between "root CA" and
"intermediate CA".

However, I do agree with you, and a perfectly reasonable
interpretation is that CA certificates (including root CAs) MUST have
key usage extensions, but a conforming verifier of certificates chains
should permit certificates without key usage extensions.  This is also
consistent with section 6.

> Please read Section 6 carefully. First, trusted anchor is to be set.
> Practically speaking, the trusted anchor is taken from a root CA's
> certificate. But it is trusted anchor, not certificate in the
> varification algorithm.
> Thus the root CA's certificate is NOT treated as a certificate, thus
> it need not include the extensions above. It's OK even if the root
> CA's certificate is v1.
> Intermediated CA's certificates are treated as certificates. Since
> they MUST include the extensions above, it MUST be v3.

I agree with you here.

It is confusing, but certificate 1 in Section 6 doesn't refer to a
Root CA aka trusted anchor, but to a certificate issued by a Root CA
aka trusted anchor.


More information about the Gnupg-devel mailing list