I may later regret saying this, but I think back-porting that change from 1.1.0 to 1.0.2 would be the right thing to do. Maybe after back-porting we could ?give a "waiting period" to let users collect experience with it, and either leave it in, or if the complaints are too multiple and too bitter - remove it? Sent?from?my?BlackBerry?10?smartphone?on?the Verizon?Wireless?4G?LTE?network. ? Original Message ? From: Viktor Dukhovni Sent: Saturday, March 12, 2016 14:21 To: openssl-users at openssl.org Reply To: openssl-users at openssl.org Cc: openssl-dev at openssl.org Subject: [openssl-dev] Question: Make X509_V_FLAG_TRUSTED_FIRST default in 1.0.2? On Fri, Mar 11, 2016 at 05:54:57AM +0000, Viktor Dukhovni wrote: > Absent augmentation as a "trusted certificate" for a given purpose, > and with the application not enabling "partial chain" semantics, > intermediate certs from the store just augment missing certificates > from the wire, and should be verified in the same manner. The > changes I want to backport from 1.1.0 ensure identical treatment > of untrusted intermediates regardless of provenance. I have an important question for the list. At present the pending patches to backport from 1.1.0 to 1.0.2 do not change the default chain construction strategy to X509_V_FLAG_TRUSTED_FIRST commit ca9051b136284a96ea6c10ac4efd355cfc4716a0 Author: Viktor Dukhovni <openssl-users at dukhovni.org> Date: Thu Feb 4 01:04:02 2016 -0500 Check chain extensions also for trusted certificates This includes basic constraints, key usages, issuer EKUs and auxiliary trust OIDs (given a trust suitably related to the intended purpose). Note, for this to work consistently, the X509_V_FLAG_TRUSTED_FIRST flag must be set. This is the default in 1.1.0-dev, but is likely too big a change for the 1.0.2 stable release. (Backport from 1.1.0-dev) What this means is that treatment of auxiliary trust "decorations" for intermediate CAs is not predictable unless that flag is explicitly set by the application. IIRC some people have been asking for this flag to become the default (or at least requested its creation). So I'd like to hear whether the above mentioned (pending) commit is the right judgement call, or whether I should go ahead and update X509_V_FLAG_TRUSTED_FIRST to be the default also in the next 1.0.2 release. -- Viktor. -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 4350 bytes Desc: not available URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20160313/687c79b4/attachment-0001.bin>
