Hi all,

By default the SSLSocket does not perform any server identity checks. This means that unless the user explicitly enables the checks, the connection will be vulnerable to man-in-the-middle attacks. Examples of vulnerable implementations can be found in the Java documentation, example links:

https://docs.oracle.com/javase/jp/11/security/sample-code-illustrating-secure-socket-connection-client-and-server.html#GUID-AA1C27A1-2CA8-4309-B281-D6199F60E666
https://docs.oracle.com/javase/8/docs/technotes/guides/security/jsse/samples/sockets/client/SSLSocketClient.java

(the code samples are from older JDK releases, but even the recent releases link to them).

Simplified version of the code from the above examples follows:

    SSLSocketFactory factory = (SSLSocketFactory) SSLSocketFactory.getDefault();
    SSLSocket socket = (SSLSocket) factory.createSocket("www.verisign.com", 443);
    socket.startHandshake();

In order to enable the identity checks, the user has to add the following code before starting the handshake:

    SSLParameters params = new SSLParameters();
    params.setEndpointIdentificationAlgorithm("HTTPS");
    socket.setSSLParameters(params);

Without the added code, the client will happily accept server certificates that are not related to verisign in any way, as long as they are issued by a trusted CA. Thanks to letsencrypt.org, anyone can get such a certificate for free.

This situation is less than ideal. It's way too easy to forget that the identity checks are not done. I think we should run the HTTPS-like identity checks by default, and let the users opt out if indeed they want to run their own identity checks.

Thoughts?

Regards,
Daniel
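As an added example (not code from Daniel's message or from the JDK documentation), a complete client that places the unverified variant next to the hardened one. It enables the HTTPS endpoint identification on the socket's existing SSLParameters rather than a fresh object, so protocol and cipher-suite settings already on the socket are kept; the host name and class name are placeholders.

```java
import java.io.IOException;
import javax.net.ssl.SSLParameters;
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;

public class VerifiedSslClient {

    // Vulnerable variant: no endpoint identification, so any certificate
    // issued by a trusted CA is accepted regardless of the name it carries.
    static SSLSocket connectUnverified(String host, int port) throws IOException {
        SSLSocketFactory factory = (SSLSocketFactory) SSLSocketFactory.getDefault();
        SSLSocket socket = (SSLSocket) factory.createSocket(host, port);
        socket.startHandshake();
        return socket;
    }

    // Hardened variant: with the "HTTPS" algorithm set, the handshake fails
    // unless the server certificate matches 'host' (the name passed to
    // createSocket is the one JSSE checks against).
    static SSLSocket connectVerified(String host, int port) throws IOException {
        SSLSocketFactory factory = (SSLSocketFactory) SSLSocketFactory.getDefault();
        SSLSocket socket = (SSLSocket) factory.createSocket(host, port);
        // Copy the socket's current parameters so nothing else is reset.
        SSLParameters params = socket.getSSLParameters();
        params.setEndpointIdentificationAlgorithm("HTTPS");
        socket.setSSLParameters(params);
        socket.startHandshake();
        return socket;
    }

    // Self-check usable in tests or audits: true only when the socket is
    // configured to verify the server's identity.
    static boolean identityCheckEnabled(SSLSocket socket) {
        String alg = socket.getSSLParameters().getEndpointIdentificationAlgorithm();
        return "HTTPS".equalsIgnoreCase(alg);
    }

    public static void main(String[] args) throws IOException {
        String host = args.length > 0 ? args[0] : "example.com"; // placeholder host
        try (SSLSocket s = connectVerified(host, 443)) {
            SSLSession session = s.getSession();
            System.out.println("Handshake OK with " + session.getPeerPrincipal());
            System.out.println("identity check enabled: " + identityCheckEnabled(s));
        }
    }
}
```

Running connectVerified against a server whose certificate does not match the host name ends with an SSLHandshakeException, whereas connectUnverified completes the handshake as long as the certificate chains to a trusted CA.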