| 1 |
Mick <michaelkintzios@×××××.com> writes: |
| 2 |
|
| 3 |
> On Sunday 06 Sep 2015 03:45:26 lee wrote: |
| 4 |
>> Mick <michaelkintzios@×××××.com> writes: |
| 5 |
>> > On Saturday 05 Sep 2015 14:06:27 lee wrote: |
| 6 |
> |
| 7 |
>> >> What's the solution for a server which can be reached by different fqdns |
| 8 |
>> >> and IPs? What if the fqdns and IPs it can be reached by change over the |
| 9 |
>> >> lifetime of the certificates? |
| 10 |
>> > |
| 11 |
>> > If we are talking about changing subdomains, e.g. |
| 12 |
>> > mailserver1.mydomain.com and mailserver2.mydomain.com then you could use |
| 13 |
>> > a wildcard CN field descriptor in your certificate: *.mydomain.com |
| 14 |
>> |
| 15 |
>> just different fqdns and IPs with which the server can be reached during |
| 16 |
>> the lifetime of the certificate (which is only 10 years) |
| 17 |
>> |
| 18 |
>> Can you foresee all possible fqdns and IPs it might have in the next 10 |
| 19 |
>> years? |
| 20 |
> |
| 21 |
> OK, 10 years is rather long for a common certificate. In this case you should |
| 22 |
> consider setting up your own CA key and CA certificate, with which you sign |
| 23 |
> the server certificates. Server certificates can expire and/or be revoked, |
| 24 |
> you can update and publish a CRL, but the CA certificate will remain valid for |
| 25 |
> 10 years. |
| 26 |
|
| 27 |
I made it 10 years because you have to set a duration, and I didn't want |
| 28 |
to be bothered with certificates expiring. But I understand that I've |
| 29 |
been doing it kinda wrong because it would have been better to make a CA |
| 30 |
certificate which could be valid for a long time and sign certificates |
| 31 |
with it which don't last that long. |
| 32 |
|
| 33 |
Can I somehow deploy some sort of centralized infrastructure for clients |
| 34 |
to automatically get the CA certificates from? Otherwise, I would need |
| 35 |
to import the CA certificate for every user manually. |
| 36 |
|
| 37 |
> [...] |
| 38 |
> |
| 39 |
>> I think it would be retarded to bind a certificate to a fqdn or IP. Both |
| 40 |
>> can change at any time. It's the certificate that counts and which can |
| 41 |
> [...] |
| 42 |
> |
| 43 |
> Sure, but (although you could) gpg is not usually used to secure the |
| 44 |
> connection to a server. A server's identity is interlinked with its domain |
| 45 |
> name, or IP address. The identity for gpg is linked to the email address of |
| 46 |
> its owner. You wouldn't sign/encrypt your work's email with the gpg key for |
| 47 |
> your private email address. |
| 48 |
|
| 49 |
With gpg, the linkage to an email address was introduced a long time ago |
| 50 |
to make it easy to determine from an email address which key to use. |
| 51 |
Back then, people usually did have no more than one email address, |
| 52 |
perhaps another one at their work place, and most people didn't have any |
| 53 |
email addresses at all. |
| 54 |
|
| 55 |
That has changed. However, even back then, the email address wasn't |
| 56 |
used to identify a person. You could only know that, with a great deal |
| 57 |
of likelyness, an email --- sent from whatever email address --- was |
| 58 |
sent by a particular person when it was signed or encrypted with the key |
| 59 |
you definitely knew was that particular person's key. |
| 60 |
|
| 61 |
That has *not* changed. The same principle applies to certificates. |
| 62 |
|
| 63 |
So what sense does it make for a certificate to be linked to an FQDN or |
| 64 |
IP? None of those necessarily identify a particular server. If they |
| 65 |
did, the only purpose of certificates would be to assist encryption, and |
| 66 |
they wouldn't have anything to do with identification. --- You're using |
| 67 |
gmail (which I won't because of privacy concerns): Can you be sure that |
| 68 |
you connect to the same server every time you receive or send your |
| 69 |
emails? You probably don't. |
| 70 |
|
| 71 |
The underlying idea is trust. If you trust a CA --- and I don't see any |
| 72 |
particular reason to trust any of the CAs seamonkey knows by default and |
| 73 |
most, if not all of which, I've never even heard about --- a certificate |
| 74 |
signed by it is accepted without asking you. |
| 75 |
|
| 76 |
Is that good or bad? Back then, when I used gpg, I had my key signed by |
| 77 |
people I met personally and signed theirs. We would know by the fact |
| 78 |
that the key was used, not by any particular email address. |
| 79 |
|
| 80 |
So the identity for gpg is *not* linked to the email address of its |
| 81 |
owner. Nobody prevents you from encrypting or signing an email with your |
| 82 |
key and sending it from an arbitrary email address. Recipients may only |
| 83 |
conclude that it was you who sent the email by verifying that your key |
| 84 |
was used, and first they have to trust that this key is actually yours. |
| 85 |
You may need to explicitly specify the key-ID or an email address to |
| 86 |
tell gpg which key to use when you do that. |
| 87 |
|
| 88 |
Same goes for certificates, and there's no point in linking them to |
| 89 |
FQDNs/IPs. If they are linked for the practical reason to figure out |
| 90 |
which certificate to use, like gpg can use an email address to figure |
| 91 |
out which key to use, then I'd say that a better way needs to be found |
| 92 |
to do that. Similar to a key-ID specific to a key, certificates could |
| 93 |
have a certificate-ID --- perhaps they already do. |
| 94 |
|
| 95 |
>> > If we are talking about a multidomain certificate, then you would have |
| 96 |
>> > the main domain name in CN and add all the remaining domain names in the |
| 97 |
>> > subjectAltName field. |
| 98 |
>> > |
| 99 |
>> > For example: |
| 100 |
>> > |
| 101 |
>> > [req] |
| 102 |
>> > req_extensions = v3_req |
| 103 |
>> > |
| 104 |
>> > [ v3_req ] |
| 105 |
>> > |
| 106 |
>> > # Extensions to add to a certificate request |
| 107 |
>> > [snip...] |
| 108 |
>> > |
| 109 |
>> > subjectAltName = @alt_names |
| 110 |
>> > |
| 111 |
>> > [alt_names] |
| 112 |
>> > DNS.1 = mydomain.com |
| 113 |
>> > DNS.2 = mydomain.net |
| 114 |
>> > DNS.3 = www.mydomain.com |
| 115 |
>> > DNS.4 = mx.sub.mydomain.com |
| 116 |
>> > DNS.5 = mx.someotherdomain.com |
| 117 |
>> > IP.1 = 123.456.78.9 |
| 118 |
>> > IP.2 = 987.654.32.1 |
| 119 |
>> > |
| 120 |
>> > You could specify the same on the CLI when you are generating the self |
| 121 |
>> > signed certificate. |
| 122 |
>> |
| 123 |
>> At least that's possible. How would I add that without changing the |
| 124 |
>> existing certificate? I don't want to irritate the users, don't want to |
| 125 |
>> have the phone calls about it and don't want trouble with the odd client |
| 126 |
>> which happens to have been updated and refuses to accept the certificate |
| 127 |
>> ... |
| 128 |
>> |
| 129 |
>> See what I mean? It's impractical. |
| 130 |
> |
| 131 |
> Yes. It could be impractical at this stage, because the architecture of your |
| 132 |
> PKI has to change. |
| 133 |
> |
| 134 |
> However, you can treat your existent self-signed certificate as a CA and use |
| 135 |
> it to sign other certificates which contain different IP addresses, fqdns, |
| 136 |
> etc. depending on the server(s) in question. |
| 137 |
> |
| 138 |
> If your clients have accepted your self-signed certificate as a CA, then it |
| 139 |
> should not cause a problem. |
| 140 |
|
| 141 |
When I look at one of the CA certificates seamonkey shows me, I don't |
| 142 |
see any specific FQDN or IP involved. Am I to understand that a CA |
| 143 |
certificate is like what I kinda wanted in the first place, i. e. something |
| 144 |
like a certificate which identifies an organization (rather than a |
| 145 |
device operated by the organization)? And that the CA certificate can |
| 146 |
be used (by the organization) to, well, certify that a particular device |
| 147 |
it operates is operated by the organisation by creating a certificate |
| 148 |
for the device and signing it with the CA certificate? |
| 149 |
|
| 150 |
If that is so, then why should I need or use one certificate for each |
| 151 |
device --- or for each service? I'm certifying myself that this is the |
| 152 |
particular organisation and that everything is fine, one way or |
| 153 |
another. So far, the true and only purpose of these certificates is to |
| 154 |
assist encryption. Unless I am able to give users, in a secure way, |
| 155 |
some means of verifying that a certificate they accept is actually from |
| 156 |
the organization, the certificates cannot be used for identification |
| 157 |
anyway. |
| 158 |
|
| 159 |
|
| 160 |
-- |
| 161 |
Again we must be afraid of speaking of daemons for fear that daemons |
| 162 |
might swallow us. Finally, this fear has become reasonable. |
Archives