[gnutls-devel] SSL certificate validation bugs in GnuTLS

Nikos Mavrogiannopoulos nmav at gnutls.org
Tue Feb 18 13:30:27 CET 2014

On Tue, Feb 18, 2014 at 12:46 AM, Antoine Delignat-Lavaud
<antoine at delignat-lavaud.fr> wrote:
>> I've implemented this functionality in master, but not added it in the
>> verification process.
>> The only certificate in my trusted root which contained this extension
>> had:
>> 1. Marked it as non-critical (RFC5280 requires this is critical)
>> 2. DNSNames listed in the wrong format (e.g., '.com' instead of 'com').
> The CA/B forum has made an exception to allow the use of a non-critical name
> constraints extension because of poor implementation support in TLS
> libraries. This is also one of the reasons why CAs are reluctant to enable
> name constraints - thus if you are waiting for this feature to be widely
> used before implementing it, it will never see the light of day.

Interesting document, but I see that they haven't restricted the
profile to some reasonable options (e.g., only DNS and IP). They still
allow pretty much anything to be present in such a constraint.

> Also, you'll find attached a list of CA certificates found in the wild that
> use name constraints.

Could you send them to me? I'd be interested to see which options they support.


More information about the Gnutls-devel mailing list