Skip to content
This repository has been archived by the owner on Jun 19, 2020. It is now read-only.

Show an error when a DEFAULT value is explicitly encoded #11

Open
robstradling opened this issue Jan 28, 2016 · 3 comments
Open

Show an error when a DEFAULT value is explicitly encoded #11

robstradling opened this issue Jan 28, 2016 · 3 comments

Comments

@robstradling
Copy link
Contributor

Example: GoDaddy used to explicitly encode basicConstraints.cA=FALSE, even though FALSE is the default. This caused issues with mozilla::pkix - see https://bugzilla.mozilla.org/show_bug.cgi?id=988633

https://crt.sh/?id=605153&opt=cablint shows what cablint currently makes of the www.digitalocean.com cert mentioned in that Bugzilla bug.
@pzb
Copy link
Contributor

pzb commented Jan 29, 2016

Turns out asn1c has a bug and is emitting default values in DER. I'll see what I can do to work around it.

@pzb
Copy link
Contributor

pzb commented Jan 29, 2016

Checks added for Extension:critical and BasicConstraints:cA. Leaving this open until the root cause is fixed.

@sleevi
Copy link

sleevi commented Aug 17, 2017

vlm/asn1c#181 will resolve this bug in asn1c - seems it particularly affected BOOLEANs with default values in DER mode

@briansmith briansmith mentioned this issue Aug 24, 2017
Closed
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@pzb @robstradling @sleevi