CC'ing openssl developers for their opinions, since I think this behavior better to have consistent or configurable. Description of the problem is here:
http://thread.gmane.org/gmane.network.gnutls.general/1383 В Птн, 03/10/2008 в 17:51 +0200, Simon Josefsson пишет: > Peter Volkov <[EMAIL PROTECTED]> writes: > > [EMAIL PROTECTED] ~ $ /usr/bin/gnutls-cli -V \ > --x509cafile /usr/share/ca-certificates/mozilla/ValiCert_Class_2_VA.crt \ > metasploit.com > gnutls-cli.out > > The certificate chain returned by that server appears to be: > > cert[0] > # Subject's DN: O=metasploit.com,OU=Domain Control > Validated,CN=metasploit.com > # Issuer's DN: C=US,ST=Arizona,L=Scottsdale,O=GoDaddy.com\, > Inc.,OU=http://certificates.godaddy.com/repository,CN=Go Daddy Secure > Certification Authority,serialNumber=07969287 > > cert[1] > # Subject's DN: C=US,O=The Go Daddy Group\, Inc.,OU=Go Daddy Class 2 > Certification Authority > # Issuer's DN: L=ValiCert Validation Network,O=ValiCert\, Inc.,OU=ValiCert > Class 2 Policy Validation Authority,CN=http://www.valicert.com/,[EMAIL > PROTECTED] > > cert[2] > # Subject's DN: C=US,ST=Arizona,L=Scottsdale,O=GoDaddy.com\, > Inc.,OU=http://certificates.godaddy.com/repository,CN=Go Daddy Secure > Certification Authority,serialNumber=07969287 > # Issuer's DN: C=US,O=The Go Daddy Group\, Inc.,OU=Go Daddy Class 2 > Certification Authority > > As far as I can tell, that isn't a valid certificate chain. The issuer > of the first, end-entity, certificate isn't the subject of the middle > certificate in the chain. It seems as if the final two certificates in > the chain are swapped. > > According to RFC 4346 (earlier TLS specifications contains similar > wording): > > certificate_list > This is a sequence (chain) of X.509v3 certificates. The sender's > certificate must come first in the list. Each following > certificate must directly certify the one preceding it. Because > ^^^^ > certificate validation requires that root keys be distributed > independently, the self-signed certificate that specifies the root > certificate authority may optionally be omitted from the chain, > under the assumption that the remote end must already possess it > in order to validate it in any case. > > So I'd say this is a server configuration error. Simon, I agree that this is configuration issue. But since openssl does validates this chain and people use openssl to check server configuration, I'm not sure what should be done here. Possibly openssl should report about this wrong certificate chain. Or may be gnutls should have option to warn but still validate this chain? Or may be openssl should not validate such chains at all (seems best solution as it's always good to follow RFC's)? P.S. since both openssl and gnutls mailing lists require subscription here are links to subscription forms: http://lists.gnu.org/mailman/listinfo/help-gnutls http://www.openssl.org/support/ -- Peter. ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager [EMAIL PROTECTED]
