libp2p / specs

Technical specifications for the libp2p networking stack
https://libp2p.io

Handling unknown critical extensions #239

Open Demi-Marie opened 4 years ago

Demi-Marie commented 4 years ago

When TLS is used with libp2p, are unknown critical extensions still considered to be fatal errors?

Stebalien commented 4 years ago

Yes, but this should be documented. Would you mind updating the spec (tls/tls.md)?

Note: The go implementation, at least, should already reject certs with unknown critical extensions.

marten-seemann commented 4 years ago

RFC 5280 defines how unknown critical extensions are handled:

Each extension in a certificate is designated as either critical or non-critical. A certificate-using system MUST reject the certificate if it encounters a critical extension it does not recognize or a critical extension that contains information that it cannot process. A non-critical extension MAY be ignored if it is not recognized, but MUST be processed if it is recognized.

Do you think we need any text in addition to this?

Stebalien commented 4 years ago

Explicitly stating this in our spec can't hurt. It's something that TLS implementations might leave up to the application layer to enforce when the application layer is manually validating certificate chains (like we do).
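The point above, that the application has to enforce the RFC 5280 rule itself when it validates chains manually, can be shown concretely with Go's x509 package, which is what an application doing its own validation sees. The following is an added example written for this thread; it is not go-libp2p's code. It assumes the libp2p Public Key Extension OID 1.3.6.1.4.1.53594.1.1 from tls/tls.md is the only extension the application recognises on top of what the parser already knows, and it uses a made-up OID (1.3.6.1.4.1.99999.1) to stand in for an extension nobody recognises. Go's x509.ParseCertificate does not fail on an unknown critical extension; it only records the OID in cert.UnhandledCriticalExtensions, so the rejection below is entirely the application's doing.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"encoding/asn1"
	"errors"
	"fmt"
	"math/big"
	"time"
)

// OID of the libp2p Public Key Extension as given in tls/tls.md.
// ASSUMPTION for this example: it is the only extension the application layer
// understands; anything else must already be known to the x509 parser.
var libp2pExtensionOID = asn1.ObjectIdentifier{1, 3, 6, 1, 4, 1, 53594, 1, 1}

// ErrUnknownCriticalExtension is returned when a certificate carries a critical
// extension that neither the parser nor the application recognises (RFC 5280 4.2).
var ErrUnknownCriticalExtension = errors.New("certificate has unhandled critical extension")

// checkCriticalExtensions applies the RFC 5280 MUST-reject rule at the
// application layer. ParseCertificate has already handled the extensions it
// knows; everything critical it did not understand is listed in
// cert.UnhandledCriticalExtensions, and only OIDs the application itself
// processes may be excused from that list.
func checkCriticalExtensions(cert *x509.Certificate, recognised ...asn1.ObjectIdentifier) error {
	for _, oid := range cert.UnhandledCriticalExtensions {
		known := false
		for _, r := range recognised {
			if oid.Equal(r) {
				known = true
				break
			}
		}
		if !known {
			return fmt.Errorf("%w: %s", ErrUnknownCriticalExtension, oid)
		}
	}
	return nil
}

// selfSignedWithExtension builds a throwaway self-signed certificate carrying
// one extra extension so the check can be exercised offline (constructed fixture).
func selfSignedWithExtension(oid asn1.ObjectIdentifier, critical bool) (*x509.Certificate, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, err
	}
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(1),
		NotBefore:    time.Now().Add(-time.Hour),
		NotAfter:     time.Now().Add(time.Hour),
		ExtraExtensions: []pkix.Extension{{
			Id:       oid,
			Critical: critical,
			Value:    []byte{0x04, 0x00}, // DER empty OCTET STRING; contents are irrelevant here
		}},
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
	if err != nil {
		return nil, err
	}
	return x509.ParseCertificate(der)
}

// verdict parses a certificate carrying the given extra extension and returns
// nil if the application-layer check accepts it, or the rejection error.
func verdict(oid asn1.ObjectIdentifier, critical bool) error {
	cert, err := selfSignedWithExtension(oid, critical)
	if err != nil {
		return err
	}
	return checkCriticalExtensions(cert, libp2pExtensionOID)
}

func main() {
	// Made-up OID standing in for an extension nobody recognises (assumption).
	unknownOID := asn1.ObjectIdentifier{1, 3, 6, 1, 4, 1, 99999, 1}
	fmt.Println("libp2p ext, critical:     ", verdict(libp2pExtensionOID, true))
	fmt.Println("unknown ext, critical:    ", verdict(unknownOID, true))
	fmt.Println("unknown ext, non-critical:", verdict(unknownOID, false))
}
```

The non-critical case is accepted without the application ever looking at it, which is the MAY-ignore half of the RFC text quoted above; the critical case with the made-up OID is the one an implementation that relies on ParseCertificate alone would silently let through.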

Stebalien commented 4 years ago

(not critical, it just can't hurt if someone has the time)