Rainer,

I wonder how a similar problem is handled.

Every so often, I see the performance of https: access go to pot, and when I look, yes, there is a multi-megabyte CRL being downloaded before the authentication can complete. I assume that you cannot know what certs you will get, so cannot preload the CRLs, so this is an inevitable part of PKI (and one I suspect will become a significant problem). Any idea what happens? Does the TLS exchange get held up?

Tom Petch

----- Original Message -----
From: "Rainer Gerhards" <[EMAIL PROTECTED]>
To: "Joseph Salowey (jsalowey)" <[EMAIL PROTECTED]>; <[email protected]>
Sent: Thursday, May 29, 2008 9:45 AM
Subject: Re: [Syslog] Fingerprint/handshake

Inline...

> -----Original Message-----
> From: Joseph Salowey (jsalowey) [mailto:[EMAIL PROTECTED]
> Sent: Thursday, May 29, 2008 2:32 AM
> To: Rainer Gerhards; [email protected]
> Subject: RE: [Syslog] Fingerprint/handshake
>
> Hi Rainer,
>
> A TLS alert could be sent by the server indicating the error condition.
> Would this help?

That's an interesting idea. Let me give it a try. Will provide feedback when I have done this. In any case, if it turns out to be a problem with one library, we may be better off mandating that all verification is done during the handshake...

> Joe
>
> > -----Original Message-----
> > From: Rainer Gerhards [mailto:[EMAIL PROTECTED]
> > Sent: Sunday, May 25, 2008 11:46 PM
> > To: Joseph Salowey (jsalowey); [email protected]
> > Subject: RE: [Syslog] Fingerprint/handshake
> >
> > Hi Joe,
> >
> > inline
> >
> > > -----Original Message-----
> > > From: Joseph Salowey (jsalowey) [mailto:[EMAIL PROTECTED]
> > > Sent: Friday, May 23, 2008 8:21 PM
> > > To: Rainer Gerhards; [email protected]
> > > Subject: RE: [Syslog] Fingerprint/handshake
> > >
> > > The fingerprint check should be done where certificate validation would
> > > be done. This is typically done within the handshake itself,
> >
> > I agree to this, but have found this to be problematic with some TLS libraries. Of course, that doesn't mean the standard needs to change, but I would still like to provide some implementation feedback.
> >
> > With GnuTLS, for example, you can do the final authentication only after the handshake [1]. With NSS, it can be done during the handshake. As far as I understand, OpenSSL does support it after the handshake only (but I have not actually used OpenSSL, this is based on my understanding after reading the doc). This brings me to the conclusion that, at least in some environments, I may be forced to delay the authentication check to after the handshake.
>
> [Joe] It's been a while since I used OpenSSL, but if I remember correctly they do have hooks in the certificate validation code.

[Rainer] From what I have seen in the doc, this does not permit doing all checks. Most importantly, it looked like I am not able to check the fingerprint and subject name. But fortunately Martin Schütte is using OpenSSL for his implementation and I hope he can provide feedback on this in the not so distant future.

Rainer

_______________________________________________
Syslog mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/syslog
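The post-handshake fingerprint check Rainer describes, as an added illustration that is not code from this thread or from any of the implementations mentioned: a Python client using the standard `ssl` module (OpenSSL-backed) completes the handshake with library chain validation disabled, then authenticates the peer by the SHA-1 or SHA-256 fingerprint of its DER certificate and closes the session on mismatch. The function names, the `SHA1:AB:CD:...` fingerprint notation and the sample DER bytes are my own assumptions and constructions.

```python
import hashlib
import hmac
import socket
import ssl

# Constructed stand-in for a peer's DER-encoded certificate (not a real cert);
# the fingerprint functions only hash the bytes, so any input demonstrates them.
SAMPLE_DER = b"constructed DER bytes standing in for a peer certificate"


def fingerprint_of(der_cert: bytes, algo: str = "sha1") -> str:
    """Render a certificate fingerprint as 'SHA1:AB:CD:...' (assumed notation)."""
    digest = hashlib.new(algo, der_cert).hexdigest().upper()
    return algo.upper() + ":" + ":".join(digest[i:i + 2] for i in range(0, len(digest), 2))


def normalize_fingerprint(fp: str) -> bytes:
    """Accept 'SHA1:ab:cd:...', 'ab:cd:...' or bare hex and return the raw digest."""
    head, _, rest = fp.partition(":")
    if head.upper() in ("SHA1", "SHA256"):
        fp = rest
    return bytes.fromhex(fp.replace(":", "").replace(" ", ""))


def fingerprint_matches(der_cert: bytes, expected: str) -> bool:
    """True if the peer cert's digest equals the configured fingerprint.
    The hash is chosen from the digest length; comparison is constant-time."""
    try:
        want = normalize_fingerprint(expected)
    except ValueError:  # malformed configured value never authenticates anyone
        return False
    algo = {20: "sha1", 32: "sha256"}.get(len(want))
    if algo is None:
        return False
    return hmac.compare_digest(hashlib.new(algo, der_cert).digest(), want)


def connect_and_verify(host: str, port: int, expected_fingerprint: str, timeout: float = 5.0):
    """Finish the TLS handshake first (no chain validation by the library),
    then authenticate the peer by fingerprint and drop the session on mismatch."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False           # must be cleared before verify_mode
    ctx.verify_mode = ssl.CERT_NONE      # authentication is the fingerprint check below
    raw = socket.create_connection((host, port), timeout=timeout)
    tls = ctx.wrap_socket(raw, server_hostname=host)  # handshake completes here
    der = tls.getpeercert(binary_form=True)
    if der is None or not fingerprint_matches(der, expected_fingerprint):
        tls.close()  # an unauthenticated peer gets no application data
        raise ssl.SSLError("peer certificate fingerprint mismatch")
    return tls
```

Nothing is sent to the peer before the fingerprint is confirmed, which is what makes deferring the check to after the handshake safe.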
