The crypto/x509 package sets the AuthorityKeyId by default for all certificates, including CA certificates. While this is not wrong according to RFC 5280 section 4.2.1.1, that section states that setting the authorityKeyIdentifier is optional for self-signed certificates:
The keyIdentifier field of the authorityKeyIdentifier extension MUST be included in all certificates generated by conforming CAs to facilitate certification path construction. There is one exception; where a CA distributes its public key in the form of a "self-signed" certificate, the authority key identifier MAY be omitted. The signature on a self-signed certificate is generated with the private key associated with the certificate's subject public key. (This proves that the issuer possesses both the public and private keys.) In this case, the subject and authority key identifiers would be identical, but only the subject key identifier is needed for certification path building.
I would like to remove the AuthorityKeyId from self-signed certificates to save about 20+ bytes in these certificates, which is useful in constrained environments.
To adopt this, a small change to the following condition is required:
https://github.com/golang/go/blob/master/src/crypto/x509/x509.go#L1590
I'm happy to submit this change if agreed that this is an improvement to Go.
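As an added illustration (not code from the Go project or from the reporter), the following Go program builds a self-signed CA with crypto/x509 and measures how many DER bytes the authorityKeyIdentifier extension costs; the 8-byte key identifier and the CA name are constructed sample values, and the AKI is set explicitly in the template so the measurement does not depend on which default a given Go version applies.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"encoding/asn1"
	"math/big"
	"time"
)

// oidAKI is id-ce-authorityKeyIdentifier (RFC 5280 section 4.2.1.1).
var oidAKI = asn1.ObjectIdentifier{2, 5, 29, 35}

// AKIReport records whether a certificate is self-signed (issuer DER equals
// subject DER, the same test x509.CreateCertificate makes) and what an AKI costs.
type AKIReport struct {
	SelfSigned bool
	HasAKI     bool
	AKIBytes   int // full DER size of the AKI extension, 0 when absent
}

// InspectAKI parses a DER certificate and sizes its AKI extension, if any.
func InspectAKI(der []byte) (AKIReport, error) {
	cert, err := x509.ParseCertificate(der)
	if err != nil {
		return AKIReport{}, err
	}
	r := AKIReport{SelfSigned: bytes.Equal(cert.RawIssuer, cert.RawSubject)}
	for _, ext := range cert.Extensions {
		if ext.Id.Equal(oidAKI) {
			enc, _ := asn1.Marshal(ext) // re-encode to size the whole extension
			r.HasAKI, r.AKIBytes = true, len(enc)
		}
	}
	return r, nil
}

// SelfSignedCA builds a throwaway Ed25519 self-signed CA (constructed sample
// name). aki is written into the template so the result is version-independent.
func SelfSignedCA(skid, aki []byte) ([]byte, error) {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader)
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(1), Subject: pkix.Name{CommonName: "constrained-device CA"},
		NotBefore: time.Now(), NotAfter: time.Now().Add(24 * time.Hour),
		IsCA: true, BasicConstraintsValid: true, KeyUsage: x509.KeyUsageCertSign,
		SubjectKeyId: skid, AuthorityKeyId: aki,
	}
	return x509.CreateCertificate(rand.Reader, tmpl, tmpl, pub, priv)
}
```

With an 8-byte key identifier the extension alone costs 21 bytes (5 for the OID, 14 for the OCTET STRING wrapping the 12-byte AKI value, plus the 2-byte outer SEQUENCE header); with the usual 20-byte SHA-1 identifier it is 33 bytes, which matches the saving the issue describes.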