On Tue, 6 Jun 2000, Richard Levitte - VMS Whacker wrote:
> From: "RL 'Bob' Morgan" <[EMAIL PROTECTED]>
>
> rlmorgan> There is also the delicate question of exactly what name the
> rlmorgan> app hands to the check algorithm as the target host name.
> rlmorgan> The text below is unambiguous that it must be "what the user
> rlmorgan> typed", not the canonical host name as determined via DNS.
> rlmorgan> This avoids DNS spoofing but raises some serious deployment
> rlmorgan> problems, in particular if a host has lots of aliases.
>
> Hmm? Didin't you just contradict yourself there? Say that the user
> typed in "http://www.foo.com/". www.foo.com is itself a CNAME record
> with the value "foo.com". Should the certificate have a subjectAltName
> containing "www.foo.com" or "foo.com"?
I'm always proud to contradict myself, but I don't see where I
did so in the above paragraph.
Regarding http, big sigh. RFC 2818 on https, which is Informational but
presumably describes recommended current practice, doesn't actually make
this clear. It does say that the hostname likely comes from a URI, which
implies that the name the client matches against is the one in the URI,
but it doesn't explicitly preclude using the DNS-obtained canonical
hostname. It also points out that the input URI is likely not "what the
user typed" but has itself been obtained in some untrusted way, eg
clicking a link on some other unprotected page. RFC 2817 on http/1.1
Upgrade to TLS avoids the issue completely, grumble.
Still, I think the answer to your question has to be "www.foo.com" (or
perhaps "*.foo.com"), since the client should be looking for a match to
the "www.foo.com" in the URI. If the cert says "foo.com", then that's the
name your users should use. Or the cert could say both, and you could
hope that clients know to try to match against both; whether your favorite
commercial cert service would issue one with multiple names in it is also
an interesting question.
> Anyway, for putting the check code in OpenSSL: as the code is
> currently structured, I hardly see a place where this should be. We
> can hardly make it a mandatory thing that is made automagically, since
> as you say, the requirements will vary between applications.
> However, perhaps in some kind of utility library... worth pondering.
Well ... there could be a function that would take an input DNS name and
an indication of whether to honor the wildcard character, and would dredge
thru the cert, dig out the names from subjectAltName or subject, and do
the match. An app could call this after the current verify step; or
perhaps a new verify mode could be added.
- RL "Bob"
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
