Domain name case folding

bruncsak · September 17, 2022, 9:26am

When the boulder issues the certificate, all the domain names are folded to lowercase that is found in the associated certificate request. Is there a baseline requirement to do so, or is it just coded that way for convenience?

rmbolger · September 17, 2022, 12:27pm

The case lowering appears to be part of a larger function to "normalize" incoming CSRs. It also pulls one of the SAN values into the CN if it doesn't already have one and de-duplicates the SAN list.

github.com

letsencrypt/boulder/blob/3000339dee63f024ac5207b8445724bc8c36cf96/csr/csr.go

package csr

import (
	"context"
	"crypto"
	"crypto/x509"
	"errors"
	"strings"

	"github.com/letsencrypt/boulder/core"
	berrors "github.com/letsencrypt/boulder/errors"
	"github.com/letsencrypt/boulder/features"
	"github.com/letsencrypt/boulder/goodkey"
	"github.com/letsencrypt/boulder/identifier"
)

// maxCNLength is the maximum length allowed for the common name as specified in RFC 5280
const maxCNLength = 64

// This map is used to decide which CSR signing algorithms we consider

This file has been truncated. show original

No clue if it's part of a BR, but DNS records are conventionally lowercase even though resolvers should not be case-sensitive.

petercooperjr · September 17, 2022, 1:41pm

I believe using mixed case in a certificate would be allowed if a CA wanted to. I don't see anything specifically about case in the BR or Let's Encrypt's CP/CPS, but the BR do reference RFC 5280, which says in the Subject Alternative Name section,

When the subjectAltName extension contains a domain name system label, the domain name MUST be stored in the dNSName (an IA5String). The name MUST be in the "preferred name syntax", as specified by Section 3.5 of [RFC1034] and as modified by Section 2.1 of [RFC1123]. Note that while uppercase and lowercase letters are allowed in domain names, no significance is attached to the case.

Those are referenced RFCs seem to allow both upper and lower case as well.

I'm guessing that Let's Encrypt just normalizes to lowercase in order to ensure names are consistent, and maybe it helps them track things like unrenewed certificates and rate limits.

bruncsak · September 17, 2022, 1:47pm

Thanks, that seems to be the plausible answer. All those consistency requirements could be accomplished without folding the case, but it would cost more processing resource.

bruncsak · September 17, 2022, 2:06pm

Reading the RFC8555, there is no mention of case folding of domain names. I am wondering is it legitimate if the ACME server return JSON object such a way that the domain names in the object are folded uppercase or mixed case? Seemingly it isn't contrary to the RFC. If not yet implemented in pebble, may be a good option to quick off some ACME clients.

jvanasco · September 17, 2022, 4:29pm

IIRC it's purely for convenience.

I remembered this ticket... Randomize order of identifiers in Order objects returned to clients. · Issue #104 · letsencrypt/pebble · GitHub

bruncsak · September 17, 2022, 8:05pm

Yes, it is similar in the sense of helping the ACME client developers not relying on hidden assumption. The mentioned issue is for random object order; random domain name case folding would be my suggestion for the improvement of pebble.

jvanasco · September 17, 2022, 11:13pm

Yes, but the description from ISRG staff is that (i) Boulder normalizes to lowercase and (ii) ACME doesn’t require this… so your suggestion is compliant and would be an improvement.

system · October 17, 2022, 11:13pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.