Re: switching libcurl back to OpenSSL and providing the libcurl-minimal subpackage

On Thursday, April 06, 2017 18:39:26 Kai Engert wrote:
> On Thu, 2017-04-06 at 09:29 -0700, Adam Williamson wrote:
> > On Thu, 2017-04-06 at 18:22 +0200, Kai Engert wrote:
> > > I would like to make you aware that the certificate validation of
> > > openssl isn't as complete as in NSS.
> > > 
> > > For example, NSS is able to handle the blacklisted/distrusted CAs, which
> > > have been published by Mozilla, and are being made available as part of
> > > the ca-certificates package, while I believe openssl isn't.
> > > 
> > > In addition, a few CA distrust mechanisms have been implemented at the
> > > NSS code level, and no equivalent mechanisms are currently being
> > > implemented at the openssl level [1].
> > 
> > I don't believe this is accurate. There is an extended certificate
> > format which OpenSSL will accept which allows you to indicate specific
> > trust or *dis*trust of a given certificate for specific purposes. You
> > could, I think, use this format to produce a certificate file which
> > basically says "I distrust this CA certificate for all purposes".
> > 
> > I wrote a bit about this at
> > https://www.happyassassin.net/2015/01/16/openssl-trust-and-purpose/ .
> > 
> > Corrections welcome, of course...
> 
> The ca-certificates package indeed produces two versions of the PEM format
> files, one as a simple list of CAs, and another version that uses the BEGIN
> TRUSTED CERTIFICATE file format, which includes the distrust flags.
> 
> A couple of years ago, I had filed a bug to request that the openssl library
> default is switched to make use of this advanced format:
>   https://bugzilla.redhat.com/show_bug.cgi?id=873373
> 
> However, that bug is still in NEW state, so I guess it depends on the
> individual applications, if they use the list that includes distrust
> information.
> 
> Which one is libcurl using?

Although we build libcurl against NSS now, it loads the same CA bundle as
if we built it against OpenSSL:

    /etc/pki/tls/certs/ca-bundle.crt

So I doubt it could actually take advantage of those extra flags.  If you
have a reproducer at hand, you can give it a try.

> Even if you switch that to the distrust list, you still don't get the
> partial distrust, which may be implemented at the NSS code level (such as
> date based distrust for StartCom/WoSign roots, and the domain constraints
> for some CA).

You say "may be implemented at the NSS code level".  Do I understand it 
correctly that NSS currently does not implement the date based distrust
and the domain constraints?

Kamil

> Kai
_______________________________________________
devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
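
The two file formats the thread argues about can be tried out locally. The script below is an added example, not code from the thread, from curl or from the ca-certificates package: it builds a throwaway root CA and a TLS server leaf with the openssl CLI, re-encodes the same root in OpenSSL's "BEGIN TRUSTED CERTIFICATE" format with a reject entry for serverAuth (Adam's "distrust this CA for a specific purpose"), and then runs `openssl verify` against both encodings. The file names (ca.pem, ca-distrusted.pem, leaf.pem), the CA and host names and the config snippets are all constructed for the example. It shows two things a practitioner would want to check before relying on the extended bundle: a plain "BEGIN CERTIFICATE" copy of the root carries no distrust information at all, and even the extended encoding only matters when the verifier asks for a purpose (here `-purpose sslserver`); a verification with no purpose set still accepts the leaf.

```shell
# Added example (not from the thread): throwaway CA, distrusted for TLS server
# use via OpenSSL's TRUSTED CERTIFICATE encoding, checked with `openssl verify`.
# Requires only the openssl CLI; every certificate is generated here, offline.
set -eu

WORK=$(mktemp -d)
trap 'rm -rf "$WORK"' EXIT

# Own req config so the outcome does not depend on the system openssl.cnf.
cat > "$WORK/ca.cnf" <<'EOF'
[req]
prompt             = no
distinguished_name = dn
x509_extensions    = v3_ca
[dn]
CN = Example Test Root CA
[v3_ca]
basicConstraints     = critical, CA:TRUE
keyUsage             = critical, keyCertSign, cRLSign
subjectKeyIdentifier = hash
EOF

# Leaf extensions: an ordinary TLS server certificate for a made-up host.
cat > "$WORK/leaf.ext" <<'EOF'
basicConstraints = CA:FALSE
keyUsage         = digitalSignature, keyEncipherment
extendedKeyUsage = serverAuth
subjectAltName   = DNS:example.test
EOF

make_test_pki() {
  # Self-signed root in the plain "BEGIN CERTIFICATE" form, i.e. what a simple
  # CA list such as ca-bundle.crt contains.
  openssl req -x509 -newkey rsa:2048 -nodes -days 2 -config "$WORK/ca.cnf" \
      -keyout "$WORK/ca.key" -out "$WORK/ca.pem" 2>/dev/null
  # Leaf issued by that root.
  openssl req -new -newkey rsa:2048 -nodes -config "$WORK/ca.cnf" \
      -subj "/CN=example.test" -keyout "$WORK/leaf.key" -out "$WORK/leaf.csr" 2>/dev/null
  openssl x509 -req -in "$WORK/leaf.csr" -CA "$WORK/ca.pem" -CAkey "$WORK/ca.key" \
      -CAcreateserial -days 2 -extfile "$WORK/leaf.ext" -out "$WORK/leaf.pem" 2>/dev/null
  # The same root re-encoded as a TRUSTED CERTIFICATE whose aux data rejects
  # serverAuth: "do not accept this CA for TLS server certificates".
  openssl x509 -in "$WORK/ca.pem" -addreject serverAuth \
      -setalias "Example Test Root CA (TLS server use rejected)" \
      -out "$WORK/ca-distrusted.pem"
}

# First line of a PEM file: tells the two encodings apart.
pem_label() { head -n 1 "$1"; }

# Verify the leaf against bundle $1; $2 is the verify purpose ("" = none).
# Prints OK or REJECTED instead of relying on the exit status.
verify_leaf() {
  ca=$1; purpose=$2
  if [ -n "$purpose" ]; then set -- -purpose "$purpose"; else set --; fi
  if openssl verify -CAfile "$ca" "$@" "$WORK/leaf.pem" >/dev/null 2>&1; then
    echo OK
  else
    echo REJECTED
  fi
}

make_test_pki
echo "plain bundle header:          $(pem_label "$WORK/ca.pem")"
echo "distrusted bundle header:     $(pem_label "$WORK/ca-distrusted.pem")"
echo "plain bundle, sslserver:      $(verify_leaf "$WORK/ca.pem" sslserver)"
echo "distrusted bundle, sslserver: $(verify_leaf "$WORK/ca-distrusted.pem" sslserver)"
echo "distrusted bundle, no purpose: $(verify_leaf "$WORK/ca-distrusted.pem" "")"
# OpenSSL's own wording for the rejected case ("certificate rejected").
openssl verify -CAfile "$WORK/ca-distrusted.pem" -purpose sslserver "$WORK/leaf.pem" || true
```

The same `head -n 1` check answers Kai's question for a real system: on Fedora, ca-bundle.crt starts with "BEGIN CERTIFICATE" and the extended-format file ca-bundle.trust.crt next to it starts with "BEGIN TRUSTED CERTIFICATE", so an application that loads the former cannot see Mozilla's distrust entries regardless of which TLS library it links against. The purpose-scoped nature of the reject flag is the other caveat: a verifier that never sets a purpose (the last verify_leaf call above) still accepts the chain.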



