On Thu, Oct 24, 2013 at 07:59:46AM +0200, Tobias Reckhard wrote:
> > Support for public key fingerprints was added in Postfix 2.9, ...
>
> This is stated at the beginning of the section dealing with
> fingerprints. Further down, where the actual openssl commands are noted,
> there is no such note. I'm not saying there should be one there, but had
> there been one, I probably wouldn't have picked the wrong set of commands.
I'll keep that in mind for the next documentation review. You can
submit documentation patches (as I was recently reminded, after
passing the final documents through an HTML validator).
> >> [...] certificate fingerprint [...] and public-key fingerprints being
> >> [...] mutually exclusive.
> >
> > They are not mutually exclusive.
>
> Ah, OK, thanks for the clarification.
That is a "match=..." attribute in a tls policy table fingerprint
entry will match either the peer public key or the peer certificate.
Assuming that 2nd-preimage attacks on your digest function are
computationally infeasible (still true IIRC even for md5), there
is no risk of confusion. An attacker should not be able to
independently construct a certificate with the same digest as a
given public key or a public key with the same digest as a given
certificate. All known collision attacks against md5 are I believe
extension attacks where two messages are built with a common prefix.
--
Viktor.
