Re: [xmpp] Clarification of TLS Identity checking in draft-ietf-xmpp-3920bis
Kevin Smith <kevin@kismith.co.uk> Wed, 16 March 2011 09:50 UTC
Return-Path: <k.i.smith@gmail.com>
X-Original-To: xmpp@core3.amsl.com
Delivered-To: xmpp@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id E74403A690E for <xmpp@core3.amsl.com>; Wed, 16 Mar 2011 02:50:26 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.377
X-Spam-Level:
X-Spam-Status: No, score=-2.377 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, FM_FORGED_GMAIL=0.622, J_CHICKENPOX_83=0.6, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id eIiQ879h5yDn for <xmpp@core3.amsl.com>; Wed, 16 Mar 2011 02:50:26 -0700 (PDT)
Received: from mail-qw0-f44.google.com (mail-qw0-f44.google.com [209.85.216.44]) by core3.amsl.com (Postfix) with ESMTP id ED6BD3A68FC for <xmpp@ietf.org>; Wed, 16 Mar 2011 02:50:25 -0700 (PDT)
Received: by qwg5 with SMTP id 5so1325581qwg.31 for <xmpp@ietf.org>; Wed, 16 Mar 2011 02:51:52 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:sender:reply-to:in-reply-to :references:date:x-google-sender-auth:message-id:subject:from:to:cc :content-type:content-transfer-encoding; bh=HTTnOfPLUlHLDFzuDJlaeZeFoxIQgevH7rOBrQnkaIk=; b=AMTL03hbJekHTaPz9hpCQb5VmGfSNvVaHNoSKsIJf+uiLUcGnhOhhAZiPJVwcykZ6V /O3y8vO55tSTAISNgdh5q/BvcUE/j6phdNaw1nKViSh840JQ28xpUyL3gj+ENzAz0mPL km1/86eSOFBUIn/AE+1kv/zrtbUSsD4ji9xUY=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:sender:reply-to:in-reply-to:references:date :x-google-sender-auth:message-id:subject:from:to:cc:content-type :content-transfer-encoding; b=dyT0bkf13ArZQB/tnpVl9mp3STTyFF1Ugl0Jvsz0rRbwKxI16AGz6AO3+KbLRogQa5 8EBbVewi78V+Z1W0ziGAuHIZk+QNI6iXrwzuyPMrQqlkxOj6BxMT1qtzCA8II8PgPUnC 7WHDojOTlL2xq4uiF6nZJEvkxexAeZajnNr9s=
MIME-Version: 1.0
Received: by 10.229.45.3 with SMTP id c3mr364472qcf.249.1300268665607; Wed, 16 Mar 2011 02:44:25 -0700 (PDT)
Sender: k.i.smith@gmail.com
Received: by 10.229.238.129 with HTTP; Wed, 16 Mar 2011 02:44:25 -0700 (PDT)
In-Reply-To: <4D808570.20405@collabora.co.uk>
References: <C9A3FBEC.4D471%joe.hildebrand@webex.com> <4D7EA297.1020304@babelmonkeys.de> <4D7ED1C8.4050201@stpeter.im> <4D808570.20405@collabora.co.uk>
Date: Wed, 16 Mar 2011 09:44:25 +0000
X-Google-Sender-Auth: icgBPs0vKzTxAVZBFC_FJw_K6iE
Message-ID: <AANLkTin2AYwdfJxydea4p=Joq=nqWdiF7wGyheKeoJV7@mail.gmail.com>
From: Kevin Smith <kevin@kismith.co.uk>
To: Stef Walter <stefw@collabora.co.uk>
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: quoted-printable
Cc: xmpp@ietf.org
Subject: Re: [xmpp] Clarification of TLS Identity checking in draft-ietf-xmpp-3920bis
X-BeenThere: xmpp@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
Reply-To: kevin@kismith.co.uk
List-Id: XMPP Working Group <xmpp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/xmpp>, <mailto:xmpp-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/xmpp>
List-Post: <mailto:xmpp@ietf.org>
List-Help: <mailto:xmpp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/xmpp>, <mailto:xmpp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 16 Mar 2011 09:50:27 -0000
On Wed, Mar 16, 2011 at 9:40 AM, Stef Walter <stefw@collabora.co.uk> wrote: > Hmmm, thunderbird hid this thread inside of an unrelated one :/ > > On 03/15/2011 03:41 AM, Peter Saint-Andre wrote: >> So yes, it is true that in some circumstances a user might configure his >> IM client with two things: >> >> 1. The domain name of the application service, which is the domainpart >> of his JID, such as romeo@montague.lit => montague.lit; this is the >> "source domain". >> >> 2. A "hardcoded" hostname that he has explicitly assocated with the >> domainpart of your JID, such as apps.shakespeare.lit; this is the >> "target domain". >> >> However, for the purposes of checking the identity of the application >> service when connecting via TLS, Romeo's client would check to see that >> the service presents a certificate that says it is "montague.lit" >> (unless he overrides the checks or explicitly approve of connecting to >> "apps.shakesepeare.lit"). >> >> Please understand that 99% of users will never see such a configuration >> option and that they don't know anything about apps.shakespeare.lit or >> some special hostname that they're connecting to -- all that they know >> is that they're trying to connect to montague.lit (if they even know >> this, because lots of people just think that they're trying to connect >> to "Shakespeare" or even "that IM thing" -- if you doubt it, I recommend >> that you run your own public IM service, because it can be quite >> enlightening). > > Sadly this isn't a corner case. It's the case with widely deployed XMPP > systems such as Google talk, which uses virtual hosting extensively as > part of google apps. And it seems that many XMPP clients take a > "hardcoded" or configured hostname into account when verifying the > certificate. > > The Google Talk certificate does not contain the domainpart of the JID > at all, and contains the "hardcoded" hostname instead. In this setup > there are tens of thousands of different XMPP domains all using the same > certificate. > > This may seem strange, broken or annoying but represents a massive > deployment. So it turns out that far more users than you might expect > will see such a configuration option, and will see these certificate > warnings. > > From a security perspective the hardcoded or configured hostname is user > input and can be used in identity checks. So client app developers have > two options: > > * Throwing up a "cop out" certificate dialog and tossing the entire > security decision in the lap of the user. > > * Using all the user's input (not just the JID) to generate reference > identifiers to use to verify the certificate. > > If these were corner cases, and 99% of users would never run into this, > then I'd tend to agree with you, but this is a widely deployed > configuration on virtually hosted XMPP servers. This is mixing two ideas - yes, GTalk has many many hosted domains and isn't presenting 'valid' certificates for them. However, in none of these cases should the user be specifying a hard-coded hostname - that just implies that their DNS setup is broken. Virtual hosting - common Manually specifying connection hosts - rare. /K
- [xmpp] Clarification of TLS Identity checking in … Stef Walter
- Re: [xmpp] Clarification of TLS Identity checking… Florian Zeitz
- Re: [xmpp] Clarification of TLS Identity checking… Peter Saint-Andre
- Re: [xmpp] Clarification of TLS Identity checking… Joe Hildebrand
- Re: [xmpp] Clarification of TLS Identity checking… Florian Zeitz
- Re: [xmpp] Clarification of TLS Identity checking… Florian Zeitz
- Re: [xmpp] Clarification of TLS Identity checking… Justin Karneges
- Re: [xmpp] Clarification of TLS Identity checking… Peter Saint-Andre
- Re: [xmpp] Clarification of TLS Identity checking… Peter Saint-Andre
- Re: [xmpp] Clarification of TLS Identity checking… Peter Saint-Andre
- Re: [xmpp] Clarification of TLS Identity checking… Florian Zeitz
- Re: [xmpp] Clarification of TLS Identity checking… Florian Zeitz
- Re: [xmpp] Clarification of TLS Identity checking… Peter Saint-Andre
- Re: [xmpp] Clarification of TLS Identity checking… Florian Zeitz
- Re: [xmpp] Clarification of TLS Identity checking… Stef Walter
- Re: [xmpp] Clarification of TLS Identity checking… Stef Walter
- Re: [xmpp] Clarification of TLS Identity checking… Kevin Smith
- Re: [xmpp] Clarification of TLS Identity checking… Stef Walter