I agree with Ryan on this. From a policy perspective, we should be
encouraging [and eventually requiring] EKU constraints, not making it
easier to exclude them.

On Mon, Mar 25, 2019 at 1:03 PM Ryan Hurst via dev-security-policy <
dev-security-policy@lists.mozilla.org> wrote:

> While it may be true that the certificates in question do not contain
> SANs, unfortunately, the certificates may still be trusted for SSL since
> they do not have EKUs.
>
> For an example see "The most dangerous code in the world: validating SSL
> certificates in non-browser software" which is available at
> https://crypto.stanford.edu/~dabo/pubs/abstracts/ssl-client-bugs.html
>
> What you will see is that hostname verification is one of the most common
> areas applications have a problem getting right. Oftentimes they silently
> skip hostname verification, use libraries that provide options to disable
> hostname verification that are either off by default, or turned off for
> testing and never enabled in production.
>
> One of the few checks you can count on being right with any level of
> predictability in my experience is the server EKU check where absence is
> interpreted as an entitlement.
>
> Ryan Hurst
> (writing in a personal capacity)
> _______________________________________________
> dev-security-policy mailing list
> dev-security-policy@lists.mozilla.org
> https://lists.mozilla.org/listinfo/dev-security-policy
>
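
A simplified model of the point made in this thread, added here as an illustration and not taken from the thread or from any TLS library: a certificate with no SAN is still accepted for TLS by a client that skips hostname verification, because an absent EKU is read as permission. The dict layout, the sample names and the rule that an EKU on an intermediate also constrains the leaf are assumptions of the model.

```python
# Simplified model (assumption): a certificate is a dict. "eku" is None when the
# extension is absent, otherwise a set of purpose names. "san" lists DNS names.
SERVER_AUTH = "serverAuth"

def eku_permits(cert, purpose=SERVER_AUTH):
    """An absent EKU is read as 'no restriction', i.e. an entitlement."""
    eku = cert["eku"]
    return eku is None or purpose in eku

def chain_permits(chain, purpose=SERVER_AUTH):
    """Leaf-first chain: every certificate that carries an EKU must list the purpose."""
    return all(eku_permits(cert, purpose) for cert in chain)

def accepted_for_tls(chain, hostname, verify_hostname=True):
    """Return (accepted, reason) for a TLS server connection to hostname."""
    if not chain_permits(chain):
        return False, "EKU excludes serverAuth"
    if verify_hostname and hostname not in chain[0]["san"]:
        return False, "hostname not in SAN"
    return True, "accepted"

# Constructed sample certificates, not real ones.
OPEN_CA = {"subject": "Example Issuing CA", "eku": None, "san": []}
EMAIL_CA = {"subject": "Example Email CA", "eku": {"emailProtection"}, "san": []}
NO_EKU_LEAF = {"subject": "device-0001", "eku": None, "san": []}
CLIENT_LEAF = {"subject": "user-0001", "eku": {"clientAuth"}, "san": []}

CHAINS = {
    "no EKU, no SAN, unconstrained CA": [NO_EKU_LEAF, OPEN_CA],
    "no EKU, no SAN, EKU-constrained CA": [NO_EKU_LEAF, EMAIL_CA],
    "clientAuth-only leaf": [CLIENT_LEAF, OPEN_CA],
}

def audit(hostname="service.example"):
    """Compare a client that verifies hostnames with one that silently skips it."""
    report = {}
    for name, chain in CHAINS.items():
        strict = accepted_for_tls(chain, hostname, verify_hostname=True)
        lax = accepted_for_tls(chain, hostname, verify_hostname=False)
        report[name] = {"strict": strict, "lax": lax}
    return report

if __name__ == "__main__":
    for name, result in audit().items():
        print(f"{name}: strict={result['strict']} lax={result['lax']}")
```

Only the chains where an EKU is present somewhere are rejected by both clients; the chain with no EKU at all depends entirely on the hostname check being performed.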