Re: [TLS] Eleven out of every ten SSL certs aren't valid

[Rob P Williams <rwilliams@certicom.com>]

Two comments, one on protocol, one on research...

Protcol:
========

RFC 3546 (3.1):
   If the server understood the client hello extension but does not
   recognize the server name, it SHOULD send an "unrecognized_name"
   alert (which MAY be fatal).

Asking www.goolemail.com for www.oracle.com proceeds with mail.google.com's certificate...

Martin's example of www.gmex.net sends a html forward to www.gmex.de using www.gmex.de's certificate...

SNI has the mechanism to say:
	Not me!   - which Google Mail isn't using...

SNI should have the mechanism to do what GMEX is doing - but doesn't.
	Client Hello: Give me www.gmex.de
	Server Hello: Let's use RSA!, ps: but you should try www.gmex.net 

Browsers could then make a more informed choice then just a "this site is bad" page.



Let's draft SNI(II)!!!



Research:
=========

What steps are being taken to verify that 'valid' ssl is even intended?

The www.oracle.com example is perfect. Oracle doesn't have an SSL site so you get an Akamai certificate - and your browser says, "This is not trusted" - which is correct!

I wonder how different your numbers are when the IP address is reversed and compared again to the certificate. That's one way to measure lack of intent to have an SSL site.

Test servers that we host have self signed certificates with various key sizes and curves... We do not intend for them to be trusted. A regular user who has no interest in TLS interop getting a non-trusted warning from these test servers is a good thing. All the test sites out there are skewing your numbers.

It appears like the people at www.gmex.de intend for people to access them as www.gmex.net - that's why they bought the www.gmex.net certificate...

If you are trying to prove that lots of people don't intend to have SSL on their website, or have it accessed the way your tried - then you could well be on the road to achieving that goal.

These sound like numbers intended to scare people. If you are going to publish without the first paragraph mentioning that "100% of modern browsers will alert a user to configuration issues that are detected herein" - then... what's your point?



--
rob | Team Lead, Certicom Java Toolkits
Certicom Corp. | A subsidiary of Research In Motion Limited

rwilliams@certicom.com
www.certicom.com


















-----Original Message-----
From: tls-bounces@ietf.org [mailto:tls-bounces@ietf.org] On Behalf Of Adam Langley
Sent: Tuesday, June 29, 2010 10:12 AM
To: mrex@sap.com
Cc: tls@ietf.org
Subject: Re: [TLS] Eleven out of every ten SSL certs aren't valid

On Tue, Jun 29, 2010 at 9:50 AM, Martin Rex <mrex@sap.com> wrote:
> Try "www.oracle.com", "www.googlemail.com", "www.gmx.de".
> You can get correct answers for "mail.google.com" and "www.gmx.net".

You should get a correct certificate for www.googlemail.com if you
present a Server Name Indication extension.


AGL
_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls

---------------------------------------------------------------------
This transmission (including any attachments) may contain confidential information, privileged material (including material protected by the solicitor-client or other applicable privileges), or constitute non-public information. Any use of this information by anyone other than the intended recipient is prohibited. If you have received this transmission in error, please immediately reply to the sender and delete this information from your system. Use, dissemination, distribution, or reproduction of this transmission by unintended recipients is not authorized and may be unlawful.