On Thu, Oct 26, 2017 at 09:35:34PM -0400, Viktor Dukhovni wrote:
> > On Oct 26, 2017, at 9:21 PM, Jim Fenton <[email protected]> wrote:
> >
> > The question I have is: Why are we matching the certificate against the
> > policy rather than against the hostname, and is that done in any other
> > context? Does that offer any additional flexibility?
>
> This was discussed when the change was made, and again in response
> to Ivan's questions just in the past week or so. The flexibility
> in question allows the policy to specify that the certificate will
> match (say) the recipient domain and not the MX hostname, or either,
> or some unspecified hostname in a domain, leaving the match somewhat
> fuzzy, which you describe as "wildcard to wildcard".
Note that according to the analysis linked by Daniel [1], "only
0.6% of domains present trusted certificates that match their domain
name, while 34.2% present trusted certificates that match their MX
server".
So to me you are arguing to add a non-trivial amount of complexity to
certificate validation, and make it differ significantly from widely
used and tested logic, in exchange for making it easier for <1% of the
hosts to potentially adopt STS.
I think that is a terrible tradeoff: the implementation complexity and
security risks are not worth the marginal benefit.
Thanks,
Alberto
[1]: http://conferences.sigcomm.org/imc/2015/papers/p27.pdf
_______________________________________________
Uta mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/uta
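The two matching models argued over above, as an added illustration that is not code from this thread, from any MTA-STS draft, or from any MTA. The first function is the conventional RFC 6125-style dNSName check against the MX hostname the client connected to. The second is an illustrative "match the certificate against the policy pattern" rule whose semantics (how a literal SAN, a wildcard SAN and a wildcard policy entry combine, and what "wildcard to wildcard" pins) are an assumption written for this example only; the names `mx1.example.com`, `other.example.com` and `*.example.com` are constructed inputs.

```python
# Added example (not from the UTA thread or any MTA-STS implementation).
# Contrasts "certificate matches the MX hostname" with an ASSUMED
# "certificate matches the policy mx pattern" rule, to show where the
# second one stops binding the certificate to the host actually reached.

def _labels(name):
    """Normalise a DNS name for comparison: lowercase, no trailing dot."""
    return name.lower().rstrip(".").split(".")


def san_matches_hostname(san, hostname):
    """RFC 6125-style dNSName matching, as widely deployed and tested.

    Exact match, or a '*' that is the entire leftmost label and stands for
    exactly one label.  A wildcard with fewer than two labels after it
    ('*.com') is refused; multi-label and partial-label wildcards never match.
    """
    s, h = _labels(san), _labels(hostname)
    if len(s) != len(h):
        return False
    if s[0] == "*":
        return len(s) >= 3 and s[1:] == h[1:]
    return s == h


def cert_matches_hostname(sans, hostname):
    """Conventional check: some SAN covers the host we connected to."""
    return any(san_matches_hostname(san, hostname) for san in sans)


def san_matches_policy_pattern(san, pattern):
    """Illustrative 'certificate vs. policy' rule (ASSUMED semantics).

    `pattern` is an MTA-STS style mx entry such as 'mail.example.com' or
    '*.example.com'.  Returns (matched, pinned_host): pinned_host is the one
    hostname this comparison binds the certificate to, or None when the match
    only says 'some host in this domain' (the fuzzy wildcard-to-wildcard case).
    Note that the MX hostname the client connected to plays no part here.
    """
    s, p = _labels(san), _labels(pattern)
    if len(s) != len(p):
        return (False, None)
    san_wild, pat_wild = s[0] == "*", p[0] == "*"
    if (san_wild or pat_wild) and len(s) < 3:
        return (False, None)            # refuse '*.com' on either side
    if s[1:] != p[1:]:
        return (False, None)            # different domain suffix
    if not san_wild and not pat_wild:
        ok = s[0] == p[0]               # literal vs literal: exact match
        return (ok, ".".join(p) if ok else None)
    if pat_wild and not san_wild:
        return (True, ".".join(s))      # pattern covers this literal SAN
    if san_wild and not pat_wild:
        return (True, ".".join(p))      # SAN covers the literal policy host
    return (True, None)                 # wildcard vs wildcard: no host pinned


def evaluate(mx_hostname, policy_pattern, sans):
    """Run both rules for one delivery attempt and report the outcomes."""
    policy_hits = [san_matches_policy_pattern(san, policy_pattern) for san in sans]
    return {
        "hostname_rule": cert_matches_hostname(sans, mx_hostname),
        "policy_rule": any(ok for ok, _ in policy_hits),
        "policy_pins": [host for ok, host in policy_hits if ok],
    }


if __name__ == "__main__":
    # Constructed scenario: DNS said the MX is mx1.example.com, the policy
    # lists '*.example.com', and the server presents a certificate that is
    # valid for a *different* host in the same domain.
    print(evaluate("mx1.example.com", "*.example.com", ["other.example.com"]))
    # Wildcard certificate against wildcard policy entry: accepted by the
    # policy rule, but pinned to no particular host at all.
    print(evaluate("mx1.example.com", "*.example.com", ["*.example.com"]))
```

In the first constructed scenario the hostname rule rejects the certificate because it does not name the host that was reached, while the policy rule accepts it because it names some host under the pattern; in the second the policy rule accepts with nothing pinned. Those are the two cases the thread calls "fuzzy" and "wildcard to wildcard", and each is a branch the conventional matcher does not have.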