On Sat, Oct 27, 2012 at 11:00 AM, Alban D. <blan...@gmail.com> wrote:
> Hi everyone,
>
> iSEC Partners just released a paper that provides detailed guidelines
> and sample code on how to properly do certificate validation with
> OpenSSL:
> http://www.isecpartners.com/blog/2012/10/14/the-lurking-menace-of-broken-tls-validation.html
>
> It is not trivial and so I thought this reference material could be
> useful to people on this mailing list.

] Most applications only have to connect to one or a few application
] servers. Therefore, the trust store should only contain the CA
] certificates needed to connect to those servers. Restricting the list
] of trusted CA certificate in such way is a security practice called
] certificate pinning."

I don't believe this is correct. One does not "pin" a CA's certificate when using SSL/TLS (and VPN) with a Public CA Hierarchy.

Suppose you are pinning a CA that gets compromised. The bad guy can then (1) generate a spurious certificate for a legitimate site, and (2) sign with the compromised CA. Your program would accept the site's certificates as valid.

Or suppose a CA decides to issue a Subordinate CA to allow SSL/TLS traffic interception. Again, your program would choose to accept.

We've already seen these things happen with Diginotar (http://en.wikipedia.org/wiki/DigiNotar) and Trustwave (http://blog.spiderlabs.com/2012/02/clarifying-the-trustwave-ca-policy-update.html and https://bugzilla.mozilla.org/show_bug.cgi?id=724929).

When discussing pinning with a public CA hierarchy, one pins either (1) the host's public key, or (2) the host's X509 certificate. Pinning a host's public key is nearly the same as StrictHostKeyChecking in SSH.

Note: Google rotates its certificates regularly, but does not rotate its public keys. So you would definitely want to pin public keys (rather than certificates) for encrypted.google.com, gmail.com, etc.

Pinning the public key (or certificate) leverages the pre-existing relationship to identify the host in question (this is all about identity).

Jeff
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           majord...@openssl.org
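
The difference between pinning a host's public key and pinning its certificate, as discussed in the message above, shown as an added example (not code from the iSEC paper or from anyone on the list). It assumes the pin is the base64 SHA-256 of the DER SubjectPublicKeyInfo; the function names are hypothetical and the sample "certificates" are constructed, unsigned DER skeletons.

```python
import base64, hashlib

def read_tlv(buf, off):
    """Return (tag, value_start, value_end) of the DER element at buf[off]."""
    tag, length, off = buf[off], buf[off + 1], off + 2
    if length & 0x80:  # long form: low 7 bits give the number of length bytes
        n = length & 0x7F
        length, off = int.from_bytes(buf[off:off + n], "big"), off + n
    if off + length > len(buf):
        raise ValueError("truncated DER element")
    return tag, off, off + length

def spki_of(cert_der):
    """Return the raw SubjectPublicKeyInfo element of a DER X.509 certificate."""
    _, cert_start, _ = read_tlv(cert_der, 0)          # Certificate
    _, off, _ = read_tlv(cert_der, cert_start)        # tbsCertificate
    tag, _, end = read_tlv(cert_der, off)
    if tag == 0xA0:                                   # optional [0] version
        off = end
    for _ in range(5):  # serialNumber, signature, issuer, validity, subject
        _, _, off = read_tlv(cert_der, off)
    _, _, end = read_tlv(cert_der, off)
    return cert_der[off:end]

def key_pin(cert_der):   # pin over the public key only
    return base64.b64encode(hashlib.sha256(spki_of(cert_der)).digest()).decode()
def cert_pin(cert_der):  # pin over the whole certificate
    return base64.b64encode(hashlib.sha256(cert_der).digest()).decode()

# --- constructed sample data: unsigned DER skeletons, not real certificates ---
def tlv(tag, body):
    return bytes([tag, len(body)]) + body             # short-form lengths only

def sample_cert(serial, not_after, key):
    alg = tlv(0x30, tlv(0x06, bytes.fromhex("2a864886f70d01010b")))
    name = tlv(0x30, b"")
    validity = tlv(0x30, tlv(0x17, b"120101000000Z") + tlv(0x17, not_after))
    spki = tlv(0x30, alg + tlv(0x03, b"\x00" + key))
    tbs = tlv(0x30, tlv(0xA0, tlv(0x02, b"\x02")) + tlv(0x02, serial)
              + alg + name + validity + name + spki)
    return tlv(0x30, tbs + alg + tlv(0x03, b"\x00" + serial))

HOST_KEY, OTHER_KEY = b"K" * 16, b"X" * 16            # placeholder key bytes
ISSUED = sample_cert(b"\x01", b"130101000000Z", HOST_KEY)
ROTATED = sample_cert(b"\x02", b"140101000000Z", HOST_KEY)   # new cert, same key
FOREIGN = sample_cert(b"\x03", b"140101000000Z", OTHER_KEY)  # different key

if __name__ == "__main__":
    for label, der in (("rotated", ROTATED), ("foreign", FOREIGN)):
        print(label, key_pin(der) == key_pin(ISSUED), cert_pin(der) == cert_pin(ISSUED))
```

A key pin taken from the first certificate still matches after the certificate is reissued with the same key, while the certificate pin does not; a certificate carrying a different key fails both checks regardless of which CA signed it.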