On Mon, Nov 10, 2014 at 04:46:17PM +0000, Viktor Dukhovni wrote:
> Speaking of testing, the Deploy360 site's list of test servers is
> in need of ongoing maintenance. A noticeable fraction behave
> differently than advertised.
> ;; Passed(depth 1, hostname fedoraproject.org): fedoraproject.org. IN TLSA 0
> 0 1 19400BE5B7A31FB733917700789D2F0A2471C0C9D506C0E504C06C16D7CB17C0
> ;; Passed(depth 0): www.freebsd.org. IN TLSA 3 0 1
> 3F86A1FA85F6E5169CB27BF25C863805EBFD3225A16AADB75587804680992096
> ;; Passed(depth 0): torproject.org. IN TLSA 3 1 1
> 578582E6B4569A4627AEF5DFE876EEC0539388E605DB170217838B10D2A58DA5
> ;; Passed(depth 0): good.dane.verisignlabs.com. IN TLSA 3 0 1
> 0332AA2D58B3E0544B65656438937068BA44CE2F14469C4F50C9CC6933C808D3
> ;; Passed(depth 0): nohats.ca. IN TLSA 3 1 1
> 462573195C86E861ABAB8ECCFBC7F0486958EFDFF9449AC10729B3A0F906F388
> ;; Passed(depth 0): www.nlnetlabs.nl. IN TLSA 3 1 1
> F7DB964ED80ED0773F82A21997B2DCBAE434AE821AB1E3E337AD0CCFBFE2359F
> ;; Passed(depth 0): www.huque.com. IN TLSA 3 0 1
> 0013BEF11B875A58F3B0B1D7A0D439A608277F58433BBB12245B2A28B398C281
As advertised. Mind you there should perhaps be a distinction in
the classification of test sites between sites whose TLSA RRs
actually leverage the CA they're signed by "usage 0, 1 or 2" vs.
sites with a valid CA cert, but DANE-EE TLSA records. This would
separate fedora and freebsd into separate categories.
> ;; Passed(depth 3, hostname jhcloos.com): jhcloos.com. IN TLSA 1 1 1
> 597CC279D90F0FB950B540921C4A76916590A2B7DEDDDDBC353C65337160E1A8
> ;; Passed(depth 0): jhcloos.com. IN TLSA 3 1 1
> 597CC279D90F0FB950B540921C4A76916590A2B7DEDDDDBC353C65337160E1A8
> ;; Passed(depth 4, hostname *.kumari.net): www.kumari.net. IN TLSA 1 0 1
> 8D930A464843E08660E3FD1DDCE8ED4269CC0CD9CD53A8A306BCE8ABCF47AEF5
> ;; Passed(depth 3, hostname dougbarton.us): dougbarton.us. IN TLSA 1 0 2
> F994F42839BE5C864F143A037D4E96BB0F559AD7284C57EA09BF6A69D37C1D8359E57C604BB42A9A56586DB21E700404C38B8152365C03543BBF210A4FE30E08
The jhcloos site is however, in both camps. Above, my code is
misreporting the match depth for usage PKIX-EE(1) reporting the
depth of the cert chain, not the match, I'll fix that shortly.
> ;; Failed: rogue.nohats.ca. IN TLSA 3 0 1
> 0000000000000000000000000000000000000000000000000000000000000000: unable to
> get local issuer certificate: (20)
> ;; Failed: bad-hash.dane.verisignlabs.com. IN TLSA 3 0 1
> 9999999999999999999999999999999999999999999999999999999999999999: certificate
> not trusted: (27)
> ;; Failed: bad-params.dane.verisignlabs.com. IN TLSA 3 119 1
> 0332AA2D58B3E0544B65656438937068BA44CE2F14469C4F50C9CC6933C808D3: error
> processing TLSA RR
> ;; Failed: bad-params.dane.verisignlabs.com. IN TLSA 51 0 1
> 0332AA2D58B3E0544B65656438937068BA44CE2F14469C4F50C9CC6933C808D3: error
> processing TLSA RR
> ;; Failed: bad-params.dane.verisignlabs.com. IN TLSA 3 0 17
> 0332AA2D58B3E0544B65656438937068BA44CE2F14469C4F50C9CC6933C808D3: error
> processing TLSA RR
> DNS Lookup failed: bad-sig.dane.verisignlabs.com IN A ?: SERVFAIL
As advertised.
=== The 5 out of date sites below ===
> ;; Failed: www.statdns.net. IN TLSA 3 0 1
> C1D6431EAB897824E3A767A3CBE3B200D9160B20B0B5684C851C47782787D286: certificate
> not trusted: (27)
This site's TLSA RR asserts a certificate digest that does not
actually match the presented certificate:
$ (sleep 1) |
openssl s_client -connect www.statdns.net:443 2>&1 |
openssl x509 -subject -issuer -dates -sha256 -fingerprint -noout
subject= /C=PL/CN=www.statdns.net/[email protected]
issuer= /C=IL/O=StartCom Ltd./OU=Secure Digital Certificate
Signing/CN=StartCom Class 1 Primary Intermediate Server CA
notBefore=Oct 31 00:37:02 2014 GMT
notAfter=Nov 1 08:02:33 2015 GMT
SHA256
Fingerprint=B8:00:50:18:A6:E7:75:FD:88:76:4B:5B:1D:3D:51:9F:89:1C:01:C7:FE:77:7E:74:A2:CF:22:37:B8:4A:43:B2
Recent key rotation, no corresponding TLSA RR update.
> --- Testing hacklab.to...
> Address records insecure
The hacklab.to zone is unsigned, or if it is signed uses the ISC
DLV, which my tests don't consult. I don't expect DNSSEC resolvers
to generally support the ISC DLV service.
> ;; Failed: www.vulcano.cl. IN TLSA 3 0 1
> 5F301AD10923161E74EC4951C052C97963FEBCCB093019618964D69CAF7B5B34: unable to
> get local issuer certificate: (20)
$ (sleep 1) |
openssl s_client -connect www.vulcano.cl:443 2>&1 |
openssl x509 -subject -issuer -dates -sha256 -fingerprint -noout
subject= /CN=www.vulcano.cl
issuer= /O=CAcert Inc./OU=http://www.CAcert.org/CN=CAcert Class 3 Root
notBefore=Oct 16 13:09:01 2014 GMT
notAfter=Oct 15 13:09:01 2016 GMT
SHA256
Fingerprint=2A:84:22:B0:BE:D6:96:07:AA:EB:7C:1A:75:2A:97:8E:22:EB:3E:C6:12:2E:A0:17:C8:67:89:48:67:36:A8:B0
Recent key rotation, no corresponding TLSA RR update.
> --- Testing dane.nox.su...
> DNS Lookup failed: dane.nox.su IN A ?: SERVFAIL
$ perl ssldane.pl dane.nox.su 443
DNS Lookup failed: dane.nox.su IN A ?: SERVFAIL
Validating "unbound" resolver fails for this domain, a DNSSEC issue.
However, the A record exists, and is visible to non-validating
resolver report:
$ (sleep 1) |
openssl s_client -connect dane.nox.su:443 2>&1 |
openssl x509 -subject -issuer -dates -sha256 -fingerprint -noout
subject= /C=RU/L=Moscow/O=NOX.SU/OU=Supervisors group 7/CN=dane.nox.su
issuer= /C=RU/L=Moscow/O=NOX.SU/OU=Supervisors group 7/CN=dane.nox.su
notBefore=Jul 2 12:19:19 2014 GMT
notAfter=Jul 1 12:19:19 2016 GMT
SHA256
Fingerprint=23:58:E8:10:27:F4:9C:39:47:92:49:93:51:80:30:B3:7F:4B:D6:19:1B:09:7D:44:4E:AF:07:29:FD:61:22:B5
Which matches the published TLSA RR, if one is willing to ignore
the signature problem.
$ dig +noall +ans -t TLSA _443._tcp.dane.nox.su
_443._tcp.dane.nox.su. IN TLSA 3 0 1
2358E81027F49C3947924993518030B37F4BD6191B097D444EAF0729FD6122B5
> ;; Failed: rover.secure64.com. IN TLSA 3 0 1
> D7D680E82EDA59B910D4CF37EC8398432251650A176A20E08ABE45DA728266EF: self signed
> certificate: (18)
$ (sleep 1) |
openssl s_client -connect rover.secure64.com:443 2>&1 |
openssl x509 -subject -issuer -dates -sha256 -fingerprint -noout
subject= /CN=ubuntu
issuer= /CN=ubuntu
notBefore=May 29 21:18:25 2012 GMT
notAfter=May 27 21:18:25 2022 GMT
SHA256
Fingerprint=5D:D8:53:6B:3F:6C:0D:FB:7D:CC:14:B0:AA:18:0A:13:D1:80:05:ED:CB:45:26:18:D5:4A:01:BB:69:AC:ED:9A
Certificate unrelated to TLSA RR.
--
Viktor.
_______________________________________________
dane mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dane
