Add X.509 formatting validation to SECURITY.md

Clarify that strict formatting of X.509 certificates is not checked by Mbed TLS and that it therefore should not be used to construct a CA. Signed-off-by: David Horstmann <david.horstmann@arm.com>
2025-02-14 00:40:50 +00:00 · 2025-01-22 14:27:22 +00:00 · 2025-01-22 14:27:22 +00:00 · 2fe0da7947
commit 2fe0da7947
parent 5a77c230b1
1 changed files with 14 additions and 0 deletions
--- a/SECURITY.md
+++ b/SECURITY.md
@ -144,3 +144,17 @@ Policy](https://github.com/hacl-star/hacl-star/blob/main/SECURITY.md).)

 The Everest variant is only used when `MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED`
 configuration option is defined. This option is off by default.
+
+#### Formatting of X.509 certificates and certificate signing requests
+
+When parsing X.509 certificates and certificate signing requests (CSRs),
+Mbed TLS does not check that they are strictly compliant with X.509 and other
+relevant standards. In the case of signed certificates, the signing party is
+assumed to have performed this validation (and the certificate is trusted to
+be correctly formatted as long as the signature is correct).
+Similarly, CSRs are implicitly trusted by Mbed TLS to be standards-compliant.
+
+**Warning!** Mbed TLS must not be used to sign untrusted CSRs unless extra
+validation is performed separately to ensure that they are compliant to the
+relevant specifications. This makes Mbed TLS on its own unsuitable use in a
+Certificate Authority (CA).