x509-cert: Non-Repudiation set by default in builder #1281

zkonge · 2023-12-14T22:57:35Z

Line 199 in fdb711e

let mut key_usage = KeyUsages::DigitalSignature | KeyUsages::NonRepudiation;

Is there any special reason to enable it by default?

I understand that the ETSI advises against combining the Non-Repudiation and other key usages.

In section 4.3.2 Key usage
https://www.etsi.org/deliver/etsi_en/319400_319499/31941202/02.03.00_20/en_31941202v020300a.pdf

baloo · 2024-01-02T23:10:23Z

I was not aware of the ETSI document. I believe I went with the RFC5280 at the time:

For example, when an RSA key should be used only to verify signatures on
objects other than public key certificates and CRLs, the
digitalSignature and/or nonRepudiation bits would be asserted.

https://www.rfc-editor.org/rfc/rfc5280#section-4.2.1.3

I didn't see harm in putting it. That was a mistake.

I guess the Profile::Leaf should be further qualified to include the A/C/E types from the ETSI:

NAT-4.3.2-1: The key usage extension shall be present and shall contain one (and only one) of the key usage settings
defined in table 1 (A, B, C, D, E or F). Type A, C or E should be used to avoid mixed usage of keys.

I tried to abide by the ETSI policy. https://www.etsi.org/deliver/etsi_en/319400_319499/31941202/02.03.01_60/en_31941202v020301p.pdf The policy recommends to make KeyUsage bits 0, 1, (2 and/or 4) exclusive. This is meant to avoid making signing of commitments during authentication. This commit goes a bit further by making bit 2 and 4 exclusive. I don't find a use-case for requiring both at the same time (and I would think only key agreement is required. Fixes RustCrypto#1281

baloo · 2024-01-05T05:22:22Z

@zkonge I published #1306 to fix this, if you could take a look, that would be appreciated.

I tried to abide by the ETSI policy. https://www.etsi.org/deliver/etsi_en/319400_319499/31941202/02.03.01_60/en_31941202v020301p.pdf The policy recommends to make KeyUsage bits 0, 1, (2 and/or 4) exclusive. This is meant to avoid making signing of commitments during authentication. This commit goes a bit further by making bit 2 and 4 exclusive. I don't find a use-case for requiring both at the same time (and I would think only key agreement is required. Fixes RustCrypto#1281

This is now providing a trait to be implemented by the consumer. A number of implementation are available, including ones trying to abide by CABF Baseline Requirements. Fixes RustCrypto#1281

This is now providing a trait to be implemented by the consumer. A number of implementation are available, including ones trying to abide by CABF Baseline Requirements. Fixes #1281

baloo self-assigned this Jan 2, 2024

baloo mentioned this issue Jan 3, 2024

x509-cert: v0.3 release train #1289

Open

baloo mentioned this issue Jan 5, 2024

x509-cert: rework certificate builder profiles #1306

Merged

baloo closed this as completed in #1306 May 13, 2024

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

x509-cert: Non-Repudiation set by default in builder #1281

x509-cert: Non-Repudiation set by default in builder #1281

zkonge commented Dec 14, 2023

baloo commented Jan 2, 2024 •

edited

baloo commented Jan 5, 2024

x509-cert: Non-Repudiation set by default in builder #1281

x509-cert: Non-Repudiation set by default in builder #1281

Comments

zkonge commented Dec 14, 2023

baloo commented Jan 2, 2024 • edited

baloo commented Jan 5, 2024

baloo commented Jan 2, 2024 •

edited