On 15/01/15 14:21, Matt Caswell wrote: > > > On 15/01/15 14:13, Fedor Indutny wrote: >> Hello! >> >> During the course of deprecation of stale 1024bit CA certs, >> node.js and io.js project teams have identified the problem with >> how OpenSSL client handles the server's certificate chain. It is >> quite evident that it ignores certificate store and loads issuer >> from the chain that was received. This leads to the problems with >> AWS and probably other service providers who sent the stale >> **alternative** certificate chain with same serial numbers, but >> 1024bit CA certificates. >> >> I have already tried proposing a solution to the OpenSSL team: >> >> https://www.mail-archive.com/openssl-dev@openssl.org/msg37721.html >> >> But one of the node.js contributors we have found this commit (from 2010): >> >> https://github.com/openssl/openssl/commit/db28aa86e00b9121bee94d1e65506bf22d5ca6e3 >> >> The main question that I have is: >> >> Is it safe to float this patch on top of 1.0.1k and use it? From >> my knowledge of code it appears to be pretty harmless, however >> the fact that it wasn't backported in 5 years makes me wonder if >> it was considered safe after all. > > There are some concerns about the performance of trusted_first. > Successful certificate look ups are cached, whilst failed ones are not. > Therefore using trusted_first *could* have an adverse impact. > > This issue is currently under discussion within the dev team. I have an > alternative patch that addresses the same issue in a different way. > Essentially it works in a similar way to that which you proposed in > RT3637. However I have some issues with that patch, so I've done it > slightly differently. > > RT3621 is also relevant here.
I should add that in any case this functionality would never be backported to 1.0.1 (only considered for future versions). 1.0.1 is a stable release and only sees bug fixes. This would be considered a feature and a significant change to the way certificates are verified. Matt _______________________________________________ openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
