Hi Folks --

0) Beware that I am not an expert in this area. What follows is probably mostly true, but I'm still feeling my way to some extent.

1) There are actually some people who are using v3 nameConstraints. Not a lot, but some. An example can be found in one of the fully-trusted root certificates that is distributed in the current Ubuntu release, and several previous releases:

   /etc/ssl/certs/Hellenic_Academic_and_Research_Institutions_RootCA_2011.pem

which is a symlink to

   /usr/share/ca-certificates/mozilla/Hellenic_Academic_and_Research_Institutions_RootCA_2011.crt

Let's take a look at it:

   openssl x509 -text -noout < Hellenic_Academic_and_Research_Institutions_RootCA_2011.crt
   [snip]
            X509v3 Name Constraints:
                Permitted:
                  DNS:.gr
                  DNS:.eu
                  DNS:.edu
                  DNS:.org
                  email:.gr
                  email:.eu
                  email:.edu
                  email:.org

2) Note the leading "." in each item in the permission list.
   a) This seems entirely logical and reasonable to me.
   b) All the documentation and examples I've seen on the web assume the "." should be there. It's not even a topic of discussion.

3) Desired behavior: openssl should tolerate the leading "."

   Question: Does anybody think the leading "." should be mandatory? Or should we tolerate it either way????

4) Observed behavior: As of openssl-1.0.1i the leading "." is not tolerated. In particular:

   openssl verify -verbose -check_ss_sig -CAfile $CA_NAME-cert.pem $TARGET-cert.pem
   server.example.net-cert.pem: C = US, CN = server.example.net
   error 47 at 0 depth lookup:permitted subtree violation

In more detail: I added some debugging printf statements:

   ==== checking DNS 'www.example.net' against '.example.net' ... result: 47
   ==== checking DNS 'www.example.net' against 'example.net' ... result: 0

The certs I used to test this can be found at

   http://www.av8n.com/openssl/namecon-ca-cert.pem
   http://www.av8n.com/openssl/server.example.net-cert.pem

If somebody wants the ugly little config files I used to create those certs, they can be provided.

5) Here is a patch that seems to make the problem go away.

   http://www.av8n.com/openssl/leading-dot.patch

I do not guarantee that this is high-security industrial-strength code, but it should suffice to let people know where I think the issue lies.

If somebody wants to take a closer look at what the code is doing, here is a bundle of debugging printf statements:

   http://www.av8n.com/openssl/namecon-printf.patch

This is not meant to be elegant. It's quick-and-dirty experimentation. I found it useful. YMMV.

-------------------

Let's discuss this on the -dev list for a little while to see if anybody has any better insight as to what's going on. Then maybe we can send it over to the request tracker.

There's more I could say about this, but I'll stop here for now.

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       openssl-dev@openssl.org
Automated List Manager                           majord...@openssl.org
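The two debugging results in the post (error 47 for '.example.net', 0 for 'example.net') follow directly from how a dNSName constraint is matched. The model below is an added example, written for this thread; it is not OpenSSL code and not the patch linked above. `dns_match_strict` implements the literal RFC 5280 section 4.2.1.10 rule (a dNSName constraint is a host name, and a name matches when it equals the constraint or adds one or more labels on the left), which reproduces the 1.0.1i result. `dns_match_tolerant` adds the convention the Hellenic root relies on (a leading "." means "any subdomain of"), and `email_match` shows the rfc822Name rule, where RFC 5280 itself defines a leading "." as "any mailbox in this domain". The `check_permitted` verifier loop, the names `www.example.net`, `www.example.com`, `user@uoa.gr` and the error-code constant are constructed for the example; the Hellenic constraint list is copied from the `openssl x509` output quoted in the post.

```python
"""Model of X.509 nameConstraints matching for dNSName and rfc822Name entries.

Added example for the openssl-dev thread above: not OpenSSL code and not the
patch the post links to. Assumed/constructed values are marked as such.
"""

# OpenSSL reports a permitted-subtree violation as error 47 (quoted in the post).
PERMITTED_VIOLATION = 47


def dns_match_strict(name: str, base: str) -> bool:
    """Literal RFC 5280 4.2.1.10 rule for dNSName constraints.

    'example.net' matches 'example.net' and anything ending in '.example.net'.
    A constraint written as '.example.net' can never match this way, because no
    hostname ends in '..example.net' and none equals '.example.net'. This is
    the behaviour the post observed in openssl-1.0.1i.
    """
    name, base = name.lower(), base.lower()
    if not base:            # an empty constraint matches every name
        return True
    return name == base or name.endswith("." + base)


def dns_match_tolerant(name: str, base: str) -> bool:
    """Strict rule, extended so a leading '.' means 'any subdomain of'.

    Consequence worth knowing: under the dotted form the bare 'example.net'
    does NOT match, only names with at least one extra label in front.
    """
    name, base = name.lower(), base.lower()
    if not base:
        return True
    if base.startswith("."):
        return len(name) > len(base) and name.endswith(base)
    return name == base or name.endswith("." + base)


def email_match(address: str, base: str) -> bool:
    """rfc822Name rule from RFC 5280 4.2.1.10: 'user@host' is one mailbox,
    'host' is any mailbox on that host, '.domain' is any mailbox on any host
    under that domain (here the leading dot is part of the standard)."""
    address, base = address.lower(), base.lower()
    if "@" in base:
        return address == base
    host = address.rpartition("@")[2]
    if base.startswith("."):
        return len(host) > len(base) and host.endswith(base)
    return host == base


def check_permitted(names, permitted, dns_matcher=dns_match_tolerant):
    """Apply a permittedSubtrees list the way a chain verifier does.

    names:     list of (type, value) taken from the leaf, e.g. ("DNS", "www.example.net")
    permitted: list of (type, constraint) from the CA's nameConstraints
    Every name whose type has at least one constraint must match one of the
    constraints of that type; types with no constraint are not restricted.
    Returns (0, []) on success or (47, [offending names]).
    """
    matchers = {"DNS": dns_matcher, "email": email_match}
    offenders = []
    for ntype, value in names:
        bases = [b for t, b in permitted if t == ntype]
        if not bases:
            continue
        if not any(matchers[ntype](value, b) for b in bases):
            offenders.append((ntype, value))
    return (PERMITTED_VIOLATION if offenders else 0), offenders


# Constraint list copied from the Hellenic root's "X509v3 Name Constraints" output in the post.
HELLENIC_PERMITTED = [("DNS", ".gr"), ("DNS", ".eu"), ("DNS", ".edu"), ("DNS", ".org"),
                      ("email", ".gr"), ("email", ".eu"), ("email", ".edu"), ("email", ".org")]

# Constructed stand-ins for the post's test CA and leaf (the real certs are at the av8n.com URLs).
POST_PERMITTED = [("DNS", ".example.net")]
POST_LEAF_NAMES = [("DNS", "www.example.net")]


if __name__ == "__main__":
    print("1.0.1i-style strict matcher:", check_permitted(POST_LEAF_NAMES, POST_PERMITTED, dns_match_strict))
    print("dot-tolerant matcher:       ", check_permitted(POST_LEAF_NAMES, POST_PERMITTED))
    print("Hellenic list, constructed leaf with DNS www.example.com and email user@uoa.gr:",
          check_permitted([("DNS", "www.example.com"), ("email", "user@uoa.gr")], HELLENIC_PERMITTED))
```

Running it prints error 47 for the strict matcher and 0 for the tolerant one on the post's names, and rejects the constructed `www.example.com` leaf under the Hellenic list while accepting the `.gr` mailbox. The design point for anyone reviewing a patch like the one above is the second function's caveat: once ".example.net" is accepted, it constrains strictly to subdomains, so a CA that wants to issue for the apex name as well still needs the undotted form.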