[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Weechat-dev] [task #12293] [enhancement] pin TLS certificates using TOF
[Weechat-dev] [task #12293] [enhancement] pin TLS certificates using TOFU model
Fri, 19 Oct 2012 13:20:50 +0000
Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.4 (KHTML, like Gecko) Chrome/22.0.1229.94 Safari/537.4
Summary: [enhancement] pin TLS certificates using TOFU model
Submitted by: abelxluck
Submitted on: Fri 19 Oct 2012 03:20:49 PM CEST
Severity: 3 - Normal
Item Group: None
Assigned to: None
Discussion Lock: Any
== Motivation ==
In these days where we can no longer trust Certificate Authorities (CAs) yet
can't quite ditch th CA model entirely, we need to take additional precautions
to ensure the integrity of our TLS sessions.
Currently weechat supports verifying a certificate and all the certs in the
chain up to the CA. If _any_ CA is compromised, then the game is up and we
could be silently MITMed.
If we pin (i.e., store) a certificate after we see it and expect to see it
again in the future, we effectively reduce the scope of authorities who can
authenticate to us during the lifetime of the pin.
== Proposal ==
I propose augmenting this system with an *optional* additional verification
step that pins the certificate on first use, and every connection thereafter
expects the same certificate.
This is often called TOFU, for Trust On First Use
<https://en.wikipedia.org/wiki/User:Dotdotike/Trust_Upon_First_Use>. If you've
ever used SSH you've used TOFU before. The familiar prompt when you connect to
a server for the first time is TOFU+cert pinning in action.
This behavior will be optional and disabled by default. The reasoning for it
being off by default is that irc servers often use pools of servers which
could use different SSL certificates.
For example, if you connect to chat.freenode.net you could be directed to any
number of servers, each with their own certificate.
Pinning is particularly useful in these circumstances:
* self-signed certificates
* single IRC servers (non-pooled)
== Implementation ==
Add the irc plugin option irc.server.ssl_pin as a boolean option.
If this option is enabled:
* On first connection to a server, after performing the current CA chain
verification, weechat will *optionally* store the cert in a local cache.
* On subsequent connections, weechat will expect the same certificate to be in
use (unless it has been expired or revoked) and will prompt the user if this
is not the case.
=== Discussion ===
Thankfully, this is quite simple to implement using gnutls-3.0.13. It requires
the use of just two gnutls functions
The documentation explains this in more detail.
You can view the sample client
and compare it to irc_server_gnutls_callback() in irc-server.c
Of course this requires gnutls-3.0.13, which was released in Feburary 2012.
This fact alone means we cannot push this feature until most distros have
upgraded. That said, that gives us more time to implement and test it as a
Please discuss this proposal, I am more than willing to submit patches, but
only if this is agreeable.
Date: Sat 15 Dec 2007 09:49:51 PM CETBy: Robert Millan <robertmh>
Were you really using GRUB 0.94 ? Only GRUB 2 has the "ls" command.
Anyway, can you please check if this bug still applies with latest GRUB 2, and
if it does, reopen it?
Reply to this item at:
Message sent via/by Savannah
|[Prev in Thread]
||[Next in Thread]|
- [Weechat-dev] [task #12293] [enhancement] pin TLS certificates using TOFU model,
Sebastien Helleu <=