
Re: RFC: Handling of certificates in Debian



On Fri, Aug 30, 2002 at 02:57:12PM -0700, Neil Spring wrote:
> On Fri, Aug 30, 2002 at 06:58:00PM +0100, Andrew McDonald wrote:
> > On a similar subject, there seem to be more than a few applications
> > that have had "SSL/TLS support" added, but don't do any hostname
> > checking against the certificate - leaving you open to
> > man-in-the-middle attacks.
> 
> (speaking as an offender)

ditto at times - if someone who knows more about GNOME than me wants
to look at libgnomevfs2 please do, the code there was a quick
replacement of the existing openssl implementation to solve the licence
issues - it fails to do any checking.

> Why is it that TLS libraries don't handle a lot of this
> simple validation on behalf of applications?
> 
> Why is it that the sample gnutls code doesn't seem to
> include this check?

Some sample code, based on my implementation for mutt, is now included
in the documentation for gnutls in CVS, as of earlier today. ;-)

> It seems like you've contributed a lot of mutt-specific code
> to handle certificate validation in the-right-way, but that
> the procedure is both generally useful and error-prone so
> should be centralized.

One of the problems of automating the complete set of certificate
checking (hostname on cert, expiration date, validity of signatures,
etc) is that it often requires user interaction.

Users are likely to complain if they can't access their POP3 server
because the certificate expired yesterday, but they should be warned
about it so they can make the choice (inevitably they'll probably just
click 'accept'...)

Even the hostname check can be problematic - does the user really need
to accept the certificate every time because the name doesn't match?
(I've solved this for mutt by using a cache where I save the hostname
against the certificate fingerprint, mozilla does something similar.)

You also have to be careful with STARTTLS (upgrading to TLS on a
connection) if you want to rely on using TLS through this method.
(e.g. see http://bugs.guug.de/db/12/1284.html).

I'm still missing CRL checking in my mutt/gnutls patch (that's
something that very few people seem to implement, or have enabled when
it is available).

I'm not sure what the summary of this e-mail is, probably that it's
not as easy as it might first look.

-- 
Andrew McDonald
E-mail: andrew@mcdonald.org.uk
http://www.mcdonald.org.uk/andrew/
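The checks discussed above (hostname against the certificate, expiry, and a hostname-to-fingerprint cache so an already accepted certificate is not questioned again) as an added example; this is not code from the mail, from mutt or from gnutls. The certificate fields, dates and DER bytes are constructed placeholders, and the wildcard rule assumed is the usual one: a `*` may only replace the whole leftmost label.

```python
import hashlib
from datetime import datetime, timezone

# Constructed stand-in for the fields an application extracts from the peer
# certificate (hypothetical values, not taken from any real server).
CERT = {
    "subject_cn": "pop.example.net",
    "san_dns": ["pop.example.net", "*.mail.example.net"],
    "not_after": datetime(2002, 8, 29, 23, 59, 59, tzinfo=timezone.utc),
    "der": b"constructed-der-bytes-for-demo",
}

def fingerprint(der: bytes) -> str:
    """Fingerprint of the DER-encoded certificate, used as the cache value."""
    return hashlib.sha256(der).hexdigest()

def name_matches(pattern: str, hostname: str) -> bool:
    """Case-insensitive match; '*' may only stand for the whole leftmost label."""
    pattern, hostname = pattern.lower(), hostname.lower()
    if not pattern.startswith("*."):
        return pattern == hostname
    suffix = pattern[1:]  # ".mail.example.net"
    if not hostname.endswith(suffix):
        return False
    # The part replaced by '*' must be exactly one non-empty label.
    label = hostname[: -len(suffix)]
    return bool(label) and "." not in label

def hostname_matches(cert: dict, hostname: str) -> bool:
    # If the certificate carries DNS SANs, the subject CN is not consulted.
    names = cert["san_dns"] or [cert["subject_cn"]]
    return any(name_matches(n, hostname) for n in names)

def check_certificate(cert: dict, hostname: str, now: datetime, cache: dict) -> list:
    """Return the problems the user must be asked about; [] means connect silently.

    cache maps hostname -> fingerprint the user previously accepted for it, so a
    name mismatch is only raised again if the certificate itself has changed.
    """
    problems = []
    fp = fingerprint(cert["der"])
    if not hostname_matches(cert, hostname) and cache.get(hostname) != fp:
        problems.append("hostname mismatch")
    if now > cert["not_after"]:
        problems.append("certificate expired")  # still reported, cache or not
    return problems

def accept(cache: dict, hostname: str, cert: dict) -> None:
    """Record the user's decision to trust this certificate for this hostname."""
    cache[hostname] = fingerprint(cert["der"])
```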


