Wireshark-bugs: [Wireshark-bugs] [Bug 2834] New: OID 2.5.29.3 not recognized by BER dissector.

Date Prev · Date Next · Thread Prev · Thread Next
Date Index · Thread Index · Other Months · All Mailing Lists
From: bugzilla-daemon@xxxxxxxxxxxxx
Date: Thu, 28 Aug 2008 07:03:40 -0700 (PDT)
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2834

           Summary: OID 2.5.29.3 not recognized by BER dissector.
           Product: Wireshark
           Version: 1.0.0
          Platform: PC
               URL: https://login.deutschebank.co.in/
        OS/Version: All
            Status: NEW
          Severity: Enhancement
          Priority: Low
         Component: Wireshark
        AssignedTo: wireshark-bugs@xxxxxxxxxxxxx
        ReportedBy: adam.buchbinder@xxxxxxxxx


Created an attachment (id=2191)
 --> (https://bugs.wireshark.org/bugzilla/attachment.cgi?id=2191)
Certificate using OID 2.5.29.3.

Build Information:

--
The certificate for https://login.deutschebank.co.in/ has an undissected
component with OID 2.5.29.3; this should be id-ce-certificatePolicies. It is
described here, as an obsolete variant of 2.5.29.32:

http://www.alvestrand.no/objectid/2.5.29.3.html
http://www.oid-info.com/get/2.5.29.3

There's a copy of the relevant standard in a mailing list archive here:

http://gd.tuwien.ac.at/infosys/network/docs/ietf.org/concluded-wg-ietf-mail-archive/pem/1995-01

The following is copied from the relevant portion of that archive:

12.2.2.3  Certificate policies field

This field lists certificate policies that the certificate is expressly
recognized as supporting, together with optional qualifier information
pertaining to these policies.

The following ASN.1 type defines this field:

     certificatePolicies EXTENSION ::= {
          SYNTAX    PolicyInformation
          IDENTIFIED BY { id-ce 3 } }

     PolicyInformation ::= SEQUENCE OF SEQUENCE {
          certPolicyId   CERTIFICATE-POLICY.&id,
          qualifier CERTIFICATE-POLICY.&Qualifier {@certPolicyId}
                         OPTIONAL }

This extension is always non-critical.  It does not necessarily
constrain use of the certificate to the policies listed.  However, if
the certificate is used in association with one of these policies, the
information in any qualifier specified must apply.

A certificate policy may be defined by any organization with a need.
Object identifiers used to identify certificate policies shall be
assigned in accordance with CCITT Rec. X.660 | ISO/IEC 9834-1.  The
following ASN.1 object class is used in defining specific certificate
policies:

     CERTIFICATE-POLICY ::= CLASS {
          &id  OBJECT IDENTIFIER UNIQUE,
          &Qualifier OPTIONAL }
     WITH SYNTAX {
          POLICY-IDENTIFIER   &id
          [QUALIFIER-TYPE     &Qualifier] }


-- 
Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.