
More tests with AIA

Open hydrargyrum opened this issue 5 years ago • 2 comments

There's a test with an incomplete chain cert, relying on AIA TLS extension. Certificate "A" has an incomplete chain but points to its certificate issuer B.

It would be good to have additional invalid certs:

  • incomplete cert chain A points to the URL of a certificate issuer B, but where B is NOT the issuer of A
  • incomplete cert chain A points to the URL of its true certificate issuer B, but B is untrusted by the browser

hydrargyrum avatar Jul 10 '18 13:07 hydrargyrum

Interesting ideas!

Some questions:

> incomplete cert chain A points to the URL of a certificate issuer B, but where B is NOT the issuer of A

How would you get a valid cert for this? Or would the certificate also be untrusted?

> incomplete cert chain A points to the URL of its true certificate issuer B, but B is untrusted by the browser

Does it matter here if B is an intermediate vs. a root? Also, do you know if badssl.com can stand up its own location for AIA fetching? Or would it have to go through an existing (untrusted) CA?

lgarron avatar Jul 10 '18 22:07 lgarron

Unfortunately, I'm not very knowledgeable on the AIA chasing subject. I'm trying to implement its support in a project but I don't know if an RFC details conditions for accepting or rejecting certificates using AIA.

> > incomplete cert chain A points to the URL of a certificate issuer B, but where B is NOT the issuer of A
>
> How would you get a valid cert for this? Or would the certificate also be untrusted?

I believe it should be untrusted in this case, because A failed to prove it should be trusted, by not giving its trust path. But again, don't take my word.

> > incomplete cert chain A points to the URL of its true certificate issuer B, but B is untrusted by the browser
>
> Does it matter here if B is an intermediate vs. a root?

I think it's a separate issue. I think (again, just my newbie opinion) A should point to the intermediate, not only the root, else the trust path can't be fully checked. So if A only points to the root, it should be rejected.

If A points to an intermediate B whose root is untrusted, the whole chain should be rejected too.

> Also, do you know if badssl.com can stand up its own location for AIA fetching? Or would it have to go through an existing (untrusted) CA?

Not sure I understand the question. badssl already has a test for untrusted CA, but without AIA involved: https://untrusted-root.badssl.com/

hydrargyrum avatar Jul 11 '18 19:07 hydrargyrum
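
The two negative cases proposed in this issue, next to the existing positive one, can be reproduced offline against Go's `crypto/x509` verifier. This is an added example, not code from the thread or from badssl.com: `issue`, `chase`, the `fetch` map (standing in for the AIA download) and the `aia.example` URL are hypothetical, all certificates are constructed test data, and only a single AIA hop from A to B is followed.

```go
package main
import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// issue builds a constructed test certificate signed by parent (nil parent = self-signed root).
func issue(cn string, ca bool, parent *x509.Certificate, pkey ed25519.PrivateKey, aia ...string) (*x509.Certificate, ed25519.PrivateKey) {
	pub, key, _ := ed25519.GenerateKey(rand.Reader)
	tmpl := &x509.Certificate{SerialNumber: big.NewInt(time.Now().UnixNano()),
		Subject: pkix.Name{CommonName: cn}, IsCA: ca, BasicConstraintsValid: true,
		NotBefore: time.Now().Add(-time.Hour), NotAfter: time.Now().Add(time.Hour), IssuingCertificateURL: aia}
	if parent == nil {
		parent, pkey = tmpl, key
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, parent, pub, pkey)
	if err != nil {
		panic(err)
	}
	cert, _ := x509.ParseCertificate(der)
	return cert, key
}

// chase validates leaf A using only the certificates its AIA URLs yield.
func chase(leaf *x509.Certificate, roots *x509.CertPool, fetch map[string]*x509.Certificate) error {
	inter := x509.NewCertPool()
	for _, u := range leaf.IssuingCertificateURL {
		b := fetch[u] // hypothetical stand-in for the HTTP GET; the result is untrusted input
		if b == nil || leaf.CheckSignatureFrom(b) != nil {
			return fmt.Errorf("AIA URL %s did not yield the issuer of %q", u, leaf.Subject.CommonName)
		}
		inter.AddCert(b) // B's key really signed A, so it may serve as an intermediate
	}
	_, err := leaf.Verify(x509.VerifyOptions{Roots: roots, Intermediates: inter}) // B must still reach a trusted root
	return err
}

func main() {
	root, rk := issue("Root", true, nil, nil)
	b, bk := issue("B", true, root, rk)
	a, _ := issue("A", false, b, bk, "http://aia.example/b.crt")
	roots := x509.NewCertPool()
	roots.AddCert(root)
	fmt.Println("true issuer, trusted root:", chase(a, roots, map[string]*x509.Certificate{"http://aia.example/b.crt": b}))
}
```

Serving a different certificate at the same URL makes `chase` fail at the signature check, and swapping the root pool for one that lacks `Root` makes it fail in `Verify` with an unknown-authority error.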