Re: [TLS] Verifying X.509 Certificate Chains out of order

pgut001@cs.auckland.ac.nz (Peter Gutmann) Tue, 07 October 2008 03:12 UTC

Return-Path: <tls-bounces@ietf.org>
X-Original-To: tls-archive@ietf.org
Delivered-To: ietfarch-tls-archive@core3.amsl.com
Received: from [127.0.0.1] (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 505F33A6A8F; Mon, 6 Oct 2008 20:12:18 -0700 (PDT)
X-Original-To: tls@core3.amsl.com
Delivered-To: tls@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id A05893A6A8F for <tls@core3.amsl.com>; Mon, 6 Oct 2008 20:12:16 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -5.474
X-Spam-Level:
X-Spam-Status: No, score=-5.474 tagged_above=-999 required=5 tests=[AWL=1.125, BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id uBWDnlpg0kEg for <tls@core3.amsl.com>; Mon, 6 Oct 2008 20:12:15 -0700 (PDT)
Received: from mailhost.auckland.ac.nz (moe.its.auckland.ac.nz [130.216.12.35]) by core3.amsl.com (Postfix) with ESMTP id CDE2C3A684D for <tls@ietf.org>; Mon, 6 Oct 2008 20:12:14 -0700 (PDT)
Received: from localhost (localhost.localdomain [127.0.0.1]) by mailhost.auckland.ac.nz (Postfix) with ESMTP id 435264816B1; Tue, 7 Oct 2008 16:12:51 +1300 (NZDT)
X-Virus-Scanned: by amavisd-new at mailhost.auckland.ac.nz
Received: from mailhost.auckland.ac.nz ([127.0.0.1]) by localhost (moe.its.auckland.ac.nz [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id bBDwm-By9YoP; Tue, 7 Oct 2008 16:12:51 +1300 (NZDT)
Received: from iris.cs.auckland.ac.nz (iris.cs.auckland.ac.nz [130.216.33.152]) by mailhost.auckland.ac.nz (Postfix) with ESMTP id DEE8D48168E; Tue, 7 Oct 2008 16:12:49 +1300 (NZDT)
Received: from wintermute01.cs.auckland.ac.nz (wintermute01.cs.auckland.ac.nz [130.216.34.38]) (using TLSv1 with cipher AES256-SHA (256/256 bits)) (No client certificate requested) by iris.cs.auckland.ac.nz (Postfix) with ESMTP id 9EA6119EC0BA; Tue, 7 Oct 2008 16:12:46 +1300 (NZDT)
Received: from pgut001 by wintermute01.cs.auckland.ac.nz with local (Exim 4.63) (envelope-from <pgut001@wintermute01.cs.auckland.ac.nz>) id 1Kn30A-0007Qt-Gs; Tue, 07 Oct 2008 16:12:46 +1300
From: pgut001@cs.auckland.ac.nz (Peter Gutmann)
To: martin.rex@sap.com
In-Reply-To: <200810061909.m96J9axT010938@fs4113.wdf.sap.corp>
Message-Id: <E1Kn30A-0007Qt-Gs@wintermute01.cs.auckland.ac.nz>
Date: Tue, 07 Oct 2008 16:12:46 +1300
Cc: simon@josefsson.org, tls@ietf.org
Subject: Re: [TLS] Verifying X.509 Certificate Chains out of order
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Sender: tls-bounces@ietf.org
Errors-To: tls-bounces@ietf.org

Martin Rex <Martin.Rex@sap.com>; writes:

>All implementations that seriously care about (server) performance ought to
>fail with an unordered certificate_list (and not try to reorder themselves).
>Our OEM implementation does care.

Wow, how on earth did you manage to come up with an implementation where the
overhead of doing this even registers?  It's not as if you're bubble-sorting a
million-entry database, it's typically three certs and the "sort" is swapping
a '->nextCert' pointer.

Another issue is that some implementations aren't purely SSL but are general- 
purpose security libraries that handle bag-o-certs as an abstraction for 
several security protocols.  In my code for example it's actually more work 
not to sort than to sort because I'd have to include special-case handling for 
situations where the certs might already be sorted, passing around extra 
parameters to control this, more code-flow paths to test, etc.

Peter.
_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls