证书和CRL
CDP¶
要点:
- X509关联内容:
-
扩展CRLDistributionPoints,关联字段:
- fullName
- nameRelativeToCRLIssuer:拼接方式还未整明白
-
CRL关联内容:
- 合并CRL:
- complete CRL
- delta CRL and base CRl
-
complete CRL and delta CRL
-
扩展:
- Issuing Distribution Point
- Delta CRL Indicator
- Freshest CRL
draft¶
问题¶
- LDAP是什么?
- 如何合并CRL?
-
certificate policies extension 是什么?
-
《6.1.2. Initialization》没读懂
rfc5280¶
Operational protocols are required to deliver certificates and CRLs (or status information) to certificate-using client systems. Provisions are needed for a variety of different means of certificate and CRL delivery, including distribution procedures based on LDAP, HTTP, FTP, and X.500. Operational protocols supporting these functions are defined in other PKIX specifications. These specifications may include definitions of message formats and procedures for supporting all of the above operational environments, including definitions of or references to appropriate MIME content types.
4 证书¶
证书扩展:
- CRL Distribution Points:指示如何获取CRL信息
- 它是一个DP(DistributionPoint)序列,每个DP包含一个CRL分发点
- 不可以只有一个
reasons字段 - 如果CRL issuer跟证书的issuer不是一个,则必须包含
cRLIssuer字段;反之,不是一个的话必须省略cRLIssuer字段,并且必须包含distributionPoint字段
non-critical
OID: 31
CRLDistributionPoints ::= SEQUENCE SIZE (1..MAX) OF DistributionPoint
DistributionPoint ::= SEQUENCE {
distributionPoint [0] DistributionPointName OPTIONAL,
reasons [1] ReasonFlags OPTIONAL,
cRLIssuer [2] GeneralNames OPTIONAL }
DistributionPointName ::= CHOICE {
fullName [0] GeneralNames,
nameRelativeToCRLIssuer [1] RelativeDistinguishedName }
ReasonFlags ::= BIT STRING {
unused (0),
keyCompromise (1),
cACompromise (2),
affiliationChanged (3),
superseded (4),
cessationOfOperation (5),
certificateHold (6),
privilegeWithdrawn (7),
aACompromise (8) }
DP是一个序列,它可以是一些通用名(general name) 或 单值nameRelativeToCRLIssuer。如果DPN包含多个值,那么这些值代表着获取相同CRL的不同获取方式。DP包含目录名(DAP/LDAP)的话,那么还要包含当前CRL关联的reasons和cRLIssuer- 如果
DPN的值是类型为URI的通用名称,那么应该有如下假设:该URI指向了关联reasons的当前CRL,并且将由被cRLIsser发布- 如果URI使用了
http或ftp,那么指向的CRl应该被 DER 编码- HTTP服务器在响应结果的时候应该在头部中插入媒体类型,值为
application/pkix-crl
- HTTP服务器在响应结果的时候应该在头部中插入媒体类型,值为
- 当URI使用了
ldap,URI- 必须包含
<dn>字段,该字段的内容是持有CRL的入口DN(Distinguished Name) - 必须包含
<attrdesc>字段,该字段的内容是CRL的属性描述 - 应该包含
<host>字段,比如:<ldap://ldap.example.com/cn=example%20CA,dc=example,dc=com? certificateRevocationList;binary>)- 该字段也可以省略,比如:
<ldap:///cn=CA,dc=example,dc=com?authorityRevocationList;binary>,省略的前提就是客户端可以通过其他方式知道服务器的地址
- 该字段也可以省略,比如:
- 必须包含
- 应该至少要有一个
ldap或httpURI
- 如果URI使用了
-
如果
DPN的值是nameRelativeToCRLIssuer,那么内容是一个DN的片段,该片段要拼接到X509的issuer DN后面来获取完整的DPN,拼接规则如下:- 如果在该
DP中有cRLIssuer字段,那么就跟它拼 - 否则就拼到证书的
issuer DN后面
- 如果在该
-
符合规范的CA应避免使用
nameRelativeToCRLIssuer来指定发布点名称。当cRLIssuer包含多个可分辨名称时,DPN不得使用nameRelativeToCRLIssuer备用方案。
5 CRL¶
CRL extensions:
- Freshest CRL(又称为 Delta CRL Distribution Point): 指示如何获取完整CRL的增量CRL(Delta CRL)信息
- 该扩展不能再增量CRL中出现(这里意味着它跟 “Delta CRL Indicator” 扩展是互斥的)
- 字段的值跟X509的 “CRL Distribution Point” 扩展值一样,但是只有
DP字段有意义,其他字段必须省略
6 验证证书路径¶
- To meet this goal, the path validation process verifies, among other things, that a prospective certification path (a sequence of n certificates) satisfies the following conditions:
- for all x in {1, ..., n-1}, the subject of certificate x is the issuer of certificate x+1;
- certificate 1 is issued by the trust anchor;
- certificate n is the certificate to be validated (i.e., the target certificate); and
-
for all x in {1, ..., n}, the certificate was valid at the time in question.
-
A certificate MUST NOT appear more than once in a prospective certification path.
A certificate is self-issued if the same DN appears in the subject and issuer fields (the two DNs are the same if they match according to the rules specified in Section 7.1). In general, the issuer and subject of the certificates that make up a path are different for each certificate. However, a CA may issue a certificate to itself to support key rollover or changes in certificate policies. These self-issued certificates are not counted when evaluating path length or name constraints.
This section presents the algorithm in four basic steps: (1) initialization, (2) basic certificate processing, (3) preparation for the next certificate, and (4) wrap-up. Steps (1) and (4) are performed exactly once. Step (2) is performed for all certificates in the path. Step (3) is performed for all certificates in the path except the final certificate:
+-------+
| START |
+-------+
|
V
+----------------+
| Initialization |
+----------------+
|
+<--------------------+
| |
V |
+----------------+ |
| Process Cert | |
+----------------+ |
| |
V |
+================+ |
| IF Last Cert | |
| in Path | |
+================+ |
| | |
THEN | | ELSE |
V V |
+----------------+ +----------------+ |
| Wrap up | | Prepare for | |
+----------------+ | Next Cert | |
| +----------------+ |
V | |
+-------+ +--------------+
| STOP |
+-------+
Figure 2. Certification Path Processing Flowchart
CRL:
6.3.1. Revocation Inputs
To support revocation processing, the algorithm requires two inputs:
(a) certificate: The algorithm requires the certificate serial
number and issuer name to determine whether a certificate is
on a particular CRL. The basicConstraints extension is used
to determine whether the supplied certificate is associated
with a CA or an end entity. If present, the algorithm uses
the cRLDistributionPoints and freshestCRL extensions to
determine revocation status.
(b) use-deltas: This boolean input determines whether delta CRLs
are applied to CRLs.
6.3.2. Initialization and Revocation State Variables
To support CRL processing, the algorithm requires the following state variables:
(a) reasons_mask: This variable contains the set of revocation
reasons supported by the CRLs and delta CRLs processed so
far. The legal members of the set are the possible
revocation reason values minus unspecified: keyCompromise,
cACompromise, affiliationChanged, superseded,
cessationOfOperation, certificateHold, privilegeWithdrawn,
and aACompromise. The special value all-reasons is used to
denote the set of all legal members. This variable is
initialized to the empty set.
(b) cert_status: This variable contains the status of the
certificate. This variable may be assigned one of the
following values: unspecified, keyCompromise, cACompromise,
affiliationChanged, superseded, cessationOfOperation,
certificateHold, removeFromCRL, privilegeWithdrawn,
aACompromise, the special value UNREVOKED, or the special
value UNDETERMINED. This variable is initialized to the
special value UNREVOKED.
(c) interim_reasons_mask: This contains the set of revocation
reasons supported by the CRL or delta CRL currently being
processed.
开源项目¶
ejbca-ce¶
CRL Distribution Points 处理代码:
引用¶
开源项目: