On 04/02/2012 03:54 PM, Russ Allbery wrote:
> You definitely want class 0 and class 2 certs hashed into the same
> directory under nearly all circumstances that don't involve being very
> paranoid about the CAs that you accept, since that allows the OpenSSL
> CAdir directive to work properly and is WAY easier to maintain.
I'm not convinced that you want class 2 mixed with class 0 in most cases.
Class 2 certs are used for authentication of your own services; a web
server might authenticate clients via your organization's private CA,
for example, while serving your own certificate that is certified by a
member of the standard cartel to avoid "errors" in common browsers. In
this case, mixing class 0 and class 2 would be a serious mistake
(because the web server would then accept client certificates issued by
the public authority).

> It is often nice to have class 1 certs in the same location for the same
> reason, although not quite as important.

Class 1 certs almost certainly do not belong in this category, since
they are generally not intended for use as a certificate authority. The
X.509 conceptual framework is pretty confusing already, and encouraging
admins to conflate service certificates with CA certificates seems like
a bad idea to me.

Consider also the case of the depleted OpenSSL PRNG seed from 2008 -- if
the local machine's key was one of the vulnerable ones, and it was
trusted as a legitimate authority by being placed in this list, then
both sides of a mutually-authenticated connection could be MITMed.

--dkg