On Thu, Jan 21, 2016 at 09:38:24PM -0500, Jehiah Czebotar wrote: > Because the server initiating the validation request is presenting the > full ServerName expected back, it is thus untrusted and can not be > used to imply any relation to the party requesting validation. It is > possible to configure a server that generates certificates on-the-fly > to match the ServerName presented, and thus passing ALL tls-sni-01 > validation attempts. An example of such a server is > https://gist.github.com/jehiah/a5b508b8f4efad08e67a
This is certainly possible, and a reason to spec tls-sni-02 to fix the issue. For purposes of scheduling deprecatio of tls-sni-01, do we know of any deployed implementations that have done things that way? Making the cert in response to the SNI request is usually going to be a bit more involved, TLS-library-wise, than making it when the socket starts listening. If nobody has deployed mid-handshake cert generation, we can be a bit more gradual with the tls-sni-01 deprecation schedule. -- Peter Eckersley [email protected] Chief Computer Scientist Tel +1 415 436 9333 x131 Electronic Frontier Foundation Fax +1 415 436 9993 _______________________________________________ Acme mailing list [email protected] https://www.ietf.org/mailman/listinfo/acme
