diff --git a/salt/utils/verify.py b/salt/utils/verify.py
index 5e320c3b59..db513ba675 100644
--- a/salt/utils/verify.py
+++ b/salt/utils/verify.py
@@ -481,12 +481,21 @@ def clean_path(root, path, subdir=False):
     return ''
 
 
+def clean_id(id_):
+    '''
+    Returns if the passed id is clean.
+    '''
+    if re.search(r'\.\.{sep}'.format(sep=os.sep), id_):
+        return False
+    return True
+
+
 def valid_id(opts, id_):
     '''
     Returns if the passed id is valid
     '''
     try:
-        return bool(clean_path(opts['pki_dir'], id_))
+        return bool(clean_path(opts['pki_dir'], id_)) and clean_id(id_)
     except (AttributeError, KeyError) as e:
         return False