Document EKU inclusion (letsencrypt#5055)

rolandshoemaker · web-flow · commit 75dc93db0168 · 2020-08-27T13:40:16.000-07:00
diff --git a/cmd/ceremony/README.md b/cmd/ceremony/README.md
@@ -129,6 +129,8 @@ certificate-profile:
 
 This config generates an intermediate certificate signed by a key in the HSM, identified by the object label `root signing key` and the object ID `ffff`. The subject key used is taken from `/home/user/intermediate-signing-pub.pem` and the issuer is `/home/user/root-cert.pem`, the resulting certificate is written to `/home/user/intermediate-cert.pem`.
 
+Note: Intermediate certificates always include the extended key usages id-kp-serverAuth as required by 7.1.2.2.g of the CABF Baseline Requirements. Since we also include id-kp-clientAuth in end-entity certificates in boulder we also include it in intermediates, if this changes we may remove this inclusion.
+
 ### OCSP Signing Certificate ceremony
 
 - `ceremony-type`: string describing the ceremony type, `ocsp-signer`.
diff --git a/cmd/ceremony/cert.go b/cmd/ceremony/cert.go
@@ -272,6 +272,11 @@ func makeTemplate(randReader io.Reader, profile *certProfile, pubKey []byte, ct
 	case crlCert:
 		cert.IsCA = false
 	case intermediateCert:
+		// id-kp-serverAuth and id-kp-clientAuth are included in intermediate
+		// certificates in order to technically constrain them. id-kp-serverAuth
+		// is required by 7.1.2.2.g of the CABF Baseline Requirements, but
+		// id-kp-clientAuth isn't. We include id-kp-clientAuth as we also include
+		// it in our end-entity certificates.
 		cert.ExtKeyUsage = []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth, x509.ExtKeyUsageServerAuth}
 		cert.MaxPathLenZero = true
 	}
