[gnutls-devel] Incorrect implementation of path length constraints?
kurt at roeckx.be
Wed Dec 9 23:29:21 CET 2015
When trying to connect to a website that has a pathlength
constraint I'm getting an error message while it works with
OpenSSL and NSS. I think there might be a misinterpretation of
the pathlength contraint. From rfc5280:
The pathLenConstraint field is meaningful only if the cA boolean is
asserted and the key usage extension, if present, asserts the
keyCertSign bit (Section 188.8.131.52). In this case, it gives the
maximum number of non-self-issued intermediate certificates that may
follow this certificate in a valid certification path. (Note: The
last certificate in the certification path is not an intermediate
certificate, and is not included in this limit. Usually, the last
certificate is an end entity certificate, but it can be a CA
certificate.) A pathLenConstraint of zero indicates that no non-
self-issued intermediate CA certificates may follow in a valid
certification path. Where it appears, the pathLenConstraint field
MUST be greater than or equal to zero. Where pathLenConstraint does
not appear, no limit is imposed.
I think GnuTLS currently doesn't allow the intermediate CA to sign
the end entity certificte when the length is set to 0.
A test site it www.abb.com.
More information about the Gnutls-devel