Re: ocsp check problem: sec_error_bad_database
On 2010-03-15 05:25 PST, Rafa M wrote:

> Hi all,
> I'm testing some SSL sites in order to check SSL cert chains up to new root certificate from FNMT-RCM (Spanish Mint).
> I've tried to connect several Official sites (https://www.agenciatributaria.gob.es https://sedemeh.gob.es/) and I got this response: Error code: sec_error_bad_database.

OK, here's the story. The OCSP response says that its signer cert bears a subject name that is:

  SEQUENCE {
    SET {
      SEQUENCE {
        OBJECT IDENTIFIER commonName (2 5 4 3)
        PrintableString
          'DESCRIPCION SERVIDOR OCSP APE - ENTIDAD FNMT-RCM'
          ' - CIF Q2826004J'
      }
    }
    SET {
      SEQUENCE {
        OBJECT IDENTIFIER organizationalUnitName (2 5 4 11)
        PrintableString 'AC APE'
      }
    }
    SET {
      SEQUENCE {
        OBJECT IDENTIFIER organizationName (2 5 4 10)
        PrintableString 'FNMT-RCM'
      }
    }
    SET {
      SEQUENCE {
        OBJECT IDENTIFIER countryName (2 5 4 6)
        PrintableString 'ES'
      }
    }
  }
}

But the certificate's subject name is actually this:

  SEQUENCE {
    SET {
      SEQUENCE {
        OBJECT IDENTIFIER commonName (2 5 4 3)
        UTF8String
          'DESCRIPCION SERVIDOR OCSP APE - ENTIDAD FNMT-RCM'
          ' - CIF Q2826004J'
      }
    }
    SET {
      SEQUENCE {
        OBJECT IDENTIFIER organizationalUnitName (2 5 4 11)
        UTF8String 'AC APE'
      }
    }
    SET {
      SEQUENCE {
        OBJECT IDENTIFIER organizationName (2 5 4 10)
        UTF8String 'FNMT-RCM'
      }
    }
    SET {
      SEQUENCE {
        OBJECT IDENTIFIER countryName (2 5 4 6)
        PrintableString 'ES'
      }
    }
  }

And they don't match, so NSS cannot find the certificate by that name. Sadly, NSS's lame error code for that is bad database. :(

NSS could return a better error code, but fundamentally, the error is in the OCSP response. The response gives the wrong name for the signer certificate.

--
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
Re: ocsp check problem: sec_error_bad_database
On 2010-04-18 01:49 PST, Nelson B Bolyard wrote:

> On 2010-03-15 05:25 PST, Rafa M wrote:
> > Hi all,
> > I'm testing some SSL sites in order to check SSL cert chains up to new root certificate from FNMT-RCM (Spanish Mint).
> > I've tried to connect several Official sites (https://www.agenciatributaria.gob.es https://sedemeh.gob.es/) and I got this response: Error code: sec_error_bad_database.
>
> OK, here's the story.

Here's another issue. The RDNs in all those names are exactly backwards. They're encoded in the certificate in the wrong order. In the certificate the RDNs appear in this order:

  CN
  OU
  O
  C

Which is from most specific to most general, but that's exactly the opposite of the right order for RDNs in a certificate. The RDNs should be encoded from most general to most specific. They should appear in the DER encoded certificate in this order:

  C
  O
  OU
  CN
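
The two checks discussed in the messages above (a responder name and a certificate subject that differ only in ASN.1 string type, and the RDN encoding order) can be run mechanically on DER names. This is an added example, not part of the original thread and not NSS code; the function names are hypothetical, and the sample names are rebuilt from the dumps quoted above on the assumption that the two quoted string fragments form one commonName value.

```python
# Added example, not NSS code: tiny DER codec for Names (short-form lengths, single-valued RDNs).
PRINTABLE, UTF8, OID, SEQ, SET = 0x13, 0x0C, 0x06, 0x30, 0x31
ATTR = {"CN": b"\x55\x04\x03", "OU": b"\x55\x04\x0b",
        "O": b"\x55\x04\x0a", "C": b"\x55\x04\x06"}
LABEL = {oid: name for name, oid in ATTR.items()}
RANK = {"C": 0, "O": 1, "OU": 2, "CN": 3}  # most general -> most specific

def tlv(tag, body):
    if len(body) > 127:
        raise ValueError("short-form lengths only")
    return bytes([tag, len(body)]) + body

def encode_name(rdns):  # rdns: [(attr, string_tag, text), ...] in wire order
    return tlv(SEQ, b"".join(
        tlv(SET, tlv(SEQ, tlv(OID, ATTR[a]) + tlv(t, s.encode())))
        for a, t, s in rdns))

def read_tlv(buf, pos):
    head = buf[pos:pos + 2]
    end = pos + 2 + (head[1] if len(head) == 2 else 0)
    if len(head) < 2 or head[1] > 127 or end > len(buf):
        raise ValueError("truncated or long-form length")
    return head[0], buf[pos + 2:end], end

def decode_name(der):  # -> [(attr, string_tag, text), ...]
    tag, body, end = read_tlv(der, 0)
    if tag != SEQ or end != len(der):
        raise ValueError("not a DER Name")
    out, pos = [], 0
    while pos < len(body):
        _, rdn, pos = read_tlv(body, pos)   # SET (one RDN)
        _, atv, _ = read_tlv(rdn, 0)        # SEQUENCE (type + value)
        _, oid, nxt = read_tlv(atv, 0)      # attribute type OID
        stag, val, _ = read_tlv(atv, nxt)   # string tag and bytes
        out.append((LABEL.get(oid, oid.hex()), stag, val.decode()))
    return out

def string_type_mismatches(a, b):  # equal text, different ASN.1 string tag
    return [n for (n, t1, v1), (_, t2, v2)
            in zip(decode_name(a), decode_name(b)) if v1 == v2 and t1 != t2]

def general_to_specific(der):
    ranks = [RANK[n] for n, _, _ in decode_name(der) if n in RANK]
    return ranks == sorted(ranks)

CN = "DESCRIPCION SERVIDOR OCSP APE - ENTIDAD FNMT-RCM - CIF Q2826004J"
def sample(tag):  # constructed from the dumps quoted in this thread
    return encode_name([("CN", tag, CN), ("OU", tag, "AC APE"),
                        ("O", tag, "FNMT-RCM"), ("C", PRINTABLE, "ES")])
RESPONDER_ID, CERT_SUBJECT = sample(PRINTABLE), sample(UTF8)
```

Here `RESPONDER_ID` and `CERT_SUBJECT` have the same length and the same text in every attribute, yet their encodings differ in three tag bytes, so a lookup keyed on the encoded name finds nothing.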
Re: Alerts on TLS Renegotiation
On Fri, 2010-04-09 at 02:45 +0200, Kai Engert wrote:

> On 09.04.2010 00:41, Matt McCutchen wrote:
> > On Thu, 2010-04-08 at 09:59 -0700, Robert Relyea wrote:
> > > The yellow larry is a good proposal, and probably implementable much sooner than noisy warnings.
> >
> > I'm glad you like it. I guess the next thing needed is for someone to actually implement it, perhaps me if I can figure out how.
>
> I wrote about this 3 months ago:
> https://bugzilla.mozilla.org/show_bug.cgi?id=535649#c3
>
> Option (d) invent a new notification is the same as your proposal to show yellow.
>
> We'd have to do everything that I described there, related to (d), which is more work than simply switching to broken security or adding console output.
>
> In short, security level detection and GUI display are done at different layers of the software, so we'd have to add new signaling between layers.

I understand.

> In addition, color should never be the only notification mechanism, because some people are color blind. So, if your proposed change is to only switch Larry to yellow, I believe it would not be sufficient.

Users who cannot see hue may still notice the difference in brightness of the background compared to the text, at least on Linux where the blue background is dark. On Mac, I believe it is lighter.

To help all users, even users who only get the text (e.g., using a screen reader), I propose to also add a question mark at the end of the text, e.g., mattmccutchen.net ? .

--
Matt
Re: Alerts on TLS Renegotiation
On Sat, 2010-04-10 at 08:10 -0700, johnjbarton wrote:

> On 4/9/2010 6:06 PM, Matt McCutchen wrote:
> > Are you saying that Mozilla shouldn't encourage users to bother their server operators because if the problem were real, the server operators would already have fixed it? I think you give the server operators way too much credit. People are lazy. I trust Mozilla much more than the average sysadmin to properly assess vulnerabilities.
>
> Your assessment of the relative commitment and competence of these two groups of people is unjustified by facts.

Indeed, but do you have facts supporting the opposite conclusion?

> I appreciate your commitment to improving Web security. Please channel this passion in a respectful fashion. Rather than arrogantly asserting superiority over server admins and irresponsibly exhorting users to harass them, build a clearer case for the potential dangers here. Then contact the communications people in Mozilla, large international Web service companies, professional organizations of server administrators, news organizations, slash.dot, and so forth. Explain the problem and the fix. This procedure will prepare you and the people you contact for future similar problems and strengthen our entire system.

A coordinated PR effort led by Mozilla would be great. However, I don't see what is wrong with users contacting their sysadmins individually to advocate that a vulnerability be patched, just as they would make any other request of the sysadmins. If the sysadmins want to make an argument that it isn't important in their particular case, fine, but the users have every right to ask.

--
Matt
Re: Alerts on TLS Renegotiation
On 4/18/2010 10:36 AM, Matt McCutchen wrote:

> On Sat, 2010-04-10 at 08:10 -0700, johnjbarton wrote:
> > On 4/9/2010 6:06 PM, Matt McCutchen wrote:
> > > Are you saying that Mozilla shouldn't encourage users to bother their server operators because if the problem were real, the server operators would already have fixed it? I think you give the server operators way too much credit. People are lazy. I trust Mozilla much more than the average sysadmin to properly assess vulnerabilities.
> >
> > Your assessment of the relative commitment and competence of these two groups of people is unjustified by facts.
>
> Indeed, but do you have facts supporting the opposite conclusion?

I assume these groups are equally committed, based on personal experience with both groups and common sense.

> > I appreciate your commitment to improving Web security. Please channel this passion in a respectful fashion. Rather than arrogantly asserting superiority over server admins and irresponsibly exhorting users to harass them, build a clearer case for the potential dangers here. Then contact the communications people in Mozilla, large international Web service companies, professional organizations of server administrators, news organizations, slash.dot, and so forth. Explain the problem and the fix. This procedure will prepare you and the people you contact for future similar problems and strengthen our entire system.
>
> A coordinated PR effort led by Mozilla would be great. However, I don't see what is wrong with users contacting their sysadmins individually to advocate that a vulnerability be patched, just as they would make any other request of the sysadmins. If the sysadmins want to make an argument that it isn't important in their particular case, fine, but the users have every right to ask.

I see nothing wrong with users contacting sysadmins. I object to using the browser as a platform for badgering Web developers to contact sysadmins on your behalf.

jjb