undefined | Better HN

0 pointsdharmab5y ago0 comments

Run your own CA internally and handle the CA distribution problem with MDM tools.

0 comments

xg155y ago

I admit, that's a solution, even if a very unpleasant one: Installing a custom root CA is intentionally complicated, so this is hardly doable as an onboarding experience. The setup must be repreated for every single client device that should access the server.

There remains the question how I would get the CA certificate onto client devices in the first place.

Lastly, with asking consumers to install a CA certificate, I ask for a significantly more powerful permission than if I could just have them trust my certificate. This seems like a step backwards security-wise.

est315y ago

> Lastly, with asking consumers to install a CA certificate, I ask for a significantly more powerful permission than if I could just have them trust my certificate.

CA certificates can be constrained. https://tools.ietf.org/html/rfc5280#section-4.2.1.10

toast05y ago

Are common certificate validation libraries honoring these constraints?

When I tried to use this many moons ago, most things ignored the constraints; although I could mark the extension critical, and then some (but not all, yay) of the things that didn't understand would refuse the CA.

est315y ago

IDK NSS seems to have code to verify it:

https://searchfox.org/mozilla-central/source/security/nss/li...

As does webpki:

https://github.com/briansmith/webpki/blob/482627c40dad2148da...

But haven't tested it (or checked other libraries).

1 more reply

namibj5y ago

Can you name and shame those that ignored the critical extension? Sounds CVE-worthy. A date to guess the versions you used would also help.

1 more reply

loeg5y ago

How do you actually generate a constrained CA certificate? I have tried to do this for a long time but openssl is inscrutable.

est315y ago

There seems to be a guide for openssl here [0] but it seems kinda complicated. This discussion inspired me to add name constraints support to rcgen [2]. If you aren't afraid to write Rust, you should give using it a try.

[0] https://www.marcanoonline.com/post/2016/09/restrict-certific...

[1] https://tools.ietf.org/html/rfc5280#page-41

[2] https://github.com/est31/rcgen/commit/059cc19fcd1b8bb57feed5...

1 more reply

p2t2p5y ago

It is no more complicated than a self signed certificate. Two clicks in Firefox, 4 taps in iOS

elcritch5y ago

Every time and no tracking if device indentity changes.

lawnchair_larry5y ago

That is also an insane and unrealistic suggestion.

j / k navigate · click thread line to collapse

0 comments

xg155y ago

There remains the question how I would get the CA certificate onto client devices in the first place.

est315y ago

> Lastly, with asking consumers to install a CA certificate, I ask for a significantly more powerful permission than if I could just have them trust my certificate.

CA certificates can be constrained. https://tools.ietf.org/html/rfc5280#section-4.2.1.10

toast05y ago

Are common certificate validation libraries honoring these constraints?

est315y ago

IDK NSS seems to have code to verify it:

https://searchfox.org/mozilla-central/source/security/nss/li...

As does webpki:

https://github.com/briansmith/webpki/blob/482627c40dad2148da...

But haven't tested it (or checked other libraries).

1 more reply

namibj5y ago

Can you name and shame those that ignored the critical extension? Sounds CVE-worthy. A date to guess the versions you used would also help.