Versions Compared

Old Version 22

changes.mady.by.user Unknown User (swinter)

Saved on

compared with

New Version 23

changes.mady.by.user Unknown User (swinter)

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

The most important property of the server certificate is the name of the server. Since this certificate is not for a webserver, there is no necessity to put an actual hostname into the server name. In principle, arbitrary names like "University of Foo eduroam service" are just as valid as "eduroam.foo-university.aq". Also, when an Identity Provider uses multiple servers for resilience reasons, then all these servers can and should have a certificate with the same name; and it may well be the identical certificate. Having different names for different servers means that end-user devices must be configured to trust multiple servers, which is more cumbersome than just having to configure one name string.

...

The following additional certificate properties are non-standard and are of particular interest in the eduroam context:

 

PropertyContentRemarks
server nameparses as fully-qualified domain nameServer certificates with spaces, e.g. "RADIUS Service of Foo University" are known to be problematic with some supplicants, one example being Apple iOS 6.x.
server nameSubject/CN == SubjectAltName:DNSSome supplicants only consult the CN when checking the name of an incoming server certificate (Windows 8 with PEAP); some check either of the two; some new EAP types such as TEAP will only check SubjectAltName:DNS. Keeping the desired name in both fields in sync is a safe bet for futureproofness.
server namenot a wildcard name (e.g "*.someidp.tld")Some supplicants exhibit undefined/buggy behaviour when attempting to parse incoming certificates with a wildcard. Windows 8 and 8.1 are known to choke on wildcard certificates.
signature algorithmSHA-1 or higher

Server certificates signed with the signature algorithm MD5 are considered invalid by many modern operating systems, e.g. Apple iOS 6.x and above. Having a server certificate (or an intermediate CA certificate) with MD5 signature will create problems on these operating systems.

Apparently, no operating system as of yet has an issue with the root CA being self-signed with MD5. This may change at any point in the future though, so when creating a new CA infrastructure, be sure not to use MD5 as signature algorithm anywhere.

length of public key1024 Bit or higherServer certificates with a length of the public key below 1024 bit are considered invalid by some recent operating systems, e.g. Windows 7 and above. Having a server certificate (or an intermediate CA certificate) with a too small public key will create problems on these operating systems.
Extension: Extended Key UsageTLS Web Server AuthenticationEven though the certificate is used for EAP purposes, some popular operating systems (i.e. Windows XP and above) require the certificate extension "TLS Web Server Authentication" (OID: 1.3.6.1.5.5.7.3.1) to be present. Having a server certificate without this extension will create problems on these operating systems.
Extension: CRL Distribution PointHTTP/HTTPS URI pointing to a valid CRL

Few very recent operating systems require this extension to be present; otherwise, the certificate is considered invalid. Currently, Windows Phone 8 is known to require this extension; Windows 8 can be configured to require it.

These operating systems appear to only require the extension to be present; they don't actually seem to download the CRL from that URL and check the certificate against it. One might be tempted to fill the certificate extension with a random garbage (or intranet-only) URL which does not actually yield a CRL; however this would make the certificate invalid for all operating systems which do evaluate the extension if present. So the URL should be a valid one.

Extension: BasicConstraint (critical)CA:FALSEServer certificates need to be marked as not being a CA. Omitting the BasicConstraint:CA totally is known to cause certificate validation to fail with Mac OS X 10.8 (Mountain Lion); setting it to TRUE is a security issue in itself. Always set the BasicConstraint "CA" to false, and mark the extension as critical.

...