Open main menu
Home
Random
Recent changes
Special pages
Community portal
Preferences
About Wikipedia
Disclaimers
Incubator escapee wiki
Search
User menu
Talk
Dark mode
Contributions
Create account
Log in
Editing
Certification path validation algorithm
Warning:
You are not logged in. Your IP address will be publicly visible if you make any edits. If you
log in
or
create an account
, your edits will be attributed to your username, along with other benefits.
Anti-spam check. Do
not
fill this in!
{{Short description|Test for a valid public key certificate}} The '''certification path validation algorithm''' is the [[algorithm]] which verifies that a given '''certificate path''' is valid under a given [[public key infrastructure]] (PKI). A path starts with the Subject certificate and proceeds through a number of intermediate certificates up to a trusted [[root certificate]], typically issued by a trusted [[certificate authority]] (CA). Path validation is necessary for a [[relying party]] to make an informed trust decision when presented with any certificate that is not already explicitly trusted. For example, in a hierarchical PKI, a certificate chain starting with a web server certificate might lead to a small CA, then to an intermediate CA, then to a large CA whose [[trust anchor]] is present in the relying party's web browser. In a bridged PKI, a certificate chain starting with a user at Company A might lead to Company A's CA certificate, then to a bridge CA, then to company B's CA certificate, then to company B's trust anchor, which a relying party at company B could trust. {{IETF RFC|5280}}<ref>{{IETF RFC|5280}} (May 2008), chapter 6., a standardized path validation algorithm for [[X.509]] certificates.</ref> defines a standardized path validation algorithm for [[X.509]] certificates, given a certificate path. (Path discovery, the actual construction of a path, is not covered.) The algorithm takes the following inputs: * The certificate path to be evaluated; * The current date/time; * The list of [[certificate policy]] object identifiers (OIDs) acceptable to the relying party (or any); * The trust anchor of the certificate path; and * Indicators whether policy mapping is allowed and how/when/whether the "any" policy [[Object identifier|OID]] is to be tolerated. In the standardized algorithm, the following steps are performed for each certificate in the path, starting from the trust anchor. If any check fails on any certificate, the algorithm terminates and path validation fails. (This is an explanatory summary of the scope of the algorithm, not a rigorous reproduction of the detailed steps.) * The public key algorithm and parameters are checked; * The current date/time is checked against the validity period of the certificate; * The [[revocation status]] is checked, whether by [[Certificate revocation list|CRL]], [[Online Certificate Status Protocol|OCSP]], or some other mechanism, to ensure the certificate is not revoked; * The issuer name is checked to ensure that it equals the subject name of the previous certificate in the path; * Name constraints are checked, to make sure the subject name is within the permitted subtrees list of all previous CA certificates and not within the excluded subtrees list of any previous CA certificate; * The asserted [[certificate policy]] [[object identifier|OIDs]] are checked against the permissible OIDs as of the previous certificate, including any policy mapping equivalencies asserted by the previous certificate; * Policy constraints and basic constraints are checked, to ensure that any explicit policy requirements are not violated and that the certificate is a CA certificate, respectively. This step is crucial in preventing some [[man in the middle attack]]s;<ref>[[Moxie Marlinspike]], [https://www.blackhat.com/presentations/bh-dc-09/Marlinspike/BlackHat-DC-09-Marlinspike-Defeating-SSL.pdf New Tricks For Defeating SSL In Practice], [[Black Hat Briefings|Black Hat]] DC Briefings 2009 conference.</ref> * The path length is checked to ensure that it does not exceed any maximum path length asserted in this or a previous certificate; * The key usage extension is checked to ensure that is allowed to sign certificates; and * Any other critical extensions are recognized and processed. If this procedure reaches the last certificate in the chain, with no name constraint or policy violations or any other error condition, then the certificate path validation algorithm terminates successfully. == External links == {{reflist}} == See also == * [[Delegated Path Discovery]] * [[Delegated Path Validation]] [[Category:Cryptographic protocols]]
Edit summary
(Briefly describe your changes)
By publishing changes, you agree to the
Terms of Use
, and you irrevocably agree to release your contribution under the
CC BY-SA 4.0 License
and the
GFDL
. You agree that a hyperlink or URL is sufficient attribution under the Creative Commons license.
Cancel
Editing help
(opens in new window)
Pages transcluded onto the current version of this page
(
help
)
:
Template:IETF RFC
(
edit
)
Template:Reflist
(
edit
)
Template:Short description
(
edit
)