zmap / zlint

X.509 Certificate Linter focused on Web PKI standards and requirements.
https://zmap.io
Apache License 2.0
361 stars 110 forks source link

Remove/adjust 2 Mozilla P-521 lints #869

Open clintwilson opened 3 months ago

clintwilson commented 3 months ago

e_mp_ecdsa_pub_key_encoding_correct and e_mp_ecdsa_signature_encoding_correct are (I believe) written based on the Mozilla Root Program Policy prohibiting P-521 keys, but this policy does not actually currently prohibit P-521 per Section 5.1:

The following curves are not prohibited, but are not currently supported: P-521, Curve25519, and Curve448.

Unfortunately this does somewhat conflict with the statement preceding this:

Root certificates in our root store, and any certificate that chains up to them, MUST use only algorithms and key sizes from the following set

However, based on discussions with Mozilla and their Issue 281 it seems absolutely clear that the intent is not to restrict certificates using P-521 curve from existing. Thus, I believe the above referenced lints can be removed -- however if they're doing more than checking for compliance with this section of the Mozilla policy, then they may instead warrant adjustment rather than removal.

Related Issues: #354 #355 #358

christopher-henderson commented 3 months ago

Thank you @clintwilson!

I suppose that the logic currently is...

if key in allowed {
    return PASS
} else {
    return FAIL
}

...when it should be a bit more nuanced and warn that you are using keys that are allowed, but that may not work...

if key in allowed {
    return PASS
} else if key in unsupported {
    return WARN
} else {
    return FAIL
}

Do you believe that this would be a more accurate lint?