On certificates and validation
Michael Lazar
lazar.michael22 at gmail.com
Thu Nov 26 18:41:11 GMT 2020
On Thu, Nov 26, 2020 at 6:02 AM Björn Wärmedal <bjorn.warmedal at gmail.com>
wrote:
>
> > Ssh doesn't expire its keys, and isn't worse for that.
>
> This is the analogue I was looking for. SSH doesn't care about Common
> Name or other cruft in the cert, either.
>
> I agree that some sort of sanity check is nice, but at the same time I
> have trouble finding a philosophical or practical reason for doing any
> sort of validation on first use, and any beyond "same as last time" on
> subsequent visits.
>
> Yes, Drew says I should. But are there any arguments supporting that
> position?
>
I fully agree that the expiration date is useless in TOFU schemes. I brought
this up on the mailing list a while ago and I didn't see any rebuttals that
really convinced me otherwise. The mailing list settled on recommending long
expiration times of several years, but that was just dodging the fundamental
problem IMO. I think it will still take folks a while to come around to this
conclusion. Thank you for giving me some hope :)

I didn't make the logical jump at the time, but certificate hostnames are
similarly useless in TOFU for the same reason. They don't verify anything
since they can be trivially forged.
On Thu, Nov 26, 2020 at 8:04 AM Drew DeVault <sir at cmpwn.com> wrote:
> These are configurable parameters. If they are configured incorrectly,
> then we should reject the certificate. Someone may have configured them
> with an expiration, for example, by design, knowing that their server
> would soon disappear, and that certificate reuse signals that something
> stinky is going on.
The expiration date does not protect against anything in this scenario. An
attacker can trivially generate a new certificate to send to the client if
they see the old one has expired.
> Or the common name could be set because the admin
> has chosen to set up their own certificate authority, perhaps complete
> with signed client-side certificates, and the common name is used to
> strongly identify the server.
Now you're talking about CA verified certificates. There's nothing wrong with
using self-signed CAs, but it's a completely different security model than
TOFU and shouldn't be confused with it.
- Michael
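
The check debated in this thread, as an added example that is not part of the original message or of any Gemini client: a TOFU pin store that only asks "same as last time", next to a hostname-and-expiry check on self-asserted fields. The `Cert` class, the byte strings, `example.org` and the function names are constructed for illustration; no real X.509 parsing is done.

```python
import hashlib
from dataclasses import dataclass
from datetime import datetime, timezone

@dataclass(frozen=True)
class Cert:
    """Constructed stand-in for a parsed self-signed certificate."""
    der: bytes            # raw certificate bytes as sent by the server
    common_name: str      # chosen freely by whoever generated the cert
    not_after: datetime   # chosen freely by whoever generated the cert

def fingerprint(cert: Cert) -> str:
    # TOFU pins the bytes the server presented, not the fields inside them.
    return hashlib.sha256(cert.der).hexdigest()

def fields_look_valid(cert: Cert, host: str, now: datetime) -> bool:
    """Hostname and expiry check on fields no trusted third party has signed."""
    return cert.common_name == host and now < cert.not_after

def tofu_check(pins: dict, host: str, port: int, cert: Cert) -> str:
    """Return 'first-use', 'match' or 'mismatch' for this host:port."""
    key = f"{host}:{port}"
    seen = fingerprint(cert)
    pinned = pins.get(key)
    if pinned is None:
        pins[key] = seen          # nothing to compare against yet
        return "first-use"
    return "match" if pinned == seen else "mismatch"

def demo() -> dict:
    utc = timezone.utc
    now = datetime(2020, 11, 26, tzinfo=utc)
    pins = {}
    # Constructed sample data: the pinned cert has already expired, and the
    # replacement carries the same name with a fresh expiry date.
    original = Cert(b"constructed-cert-A", "example.org", datetime(2020, 6, 1, tzinfo=utc))
    replaced = Cert(b"constructed-cert-B", "example.org", datetime(2030, 1, 1, tzinfo=utc))
    return {
        "first": tofu_check(pins, "example.org", 1965, original),
        "repeat_expired": tofu_check(pins, "example.org", 1965, original),
        "replaced": tofu_check(pins, "example.org", 1965, replaced),
        "original_fields_ok": fields_look_valid(original, "example.org", now),
        "replaced_fields_ok": fields_look_valid(replaced, "example.org", now),
    }

if __name__ == "__main__":
    print(demo())
```

The substituted certificate passes the field check and the pinned one fails it, while the fingerprint comparison gives the opposite verdicts.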