On Open Source

From: Henrick Hellström (henrick.hellstrm_at_telia.com)
Date: 05/23/04 

Date: Sun, 23 May 2004 11:44:20 GMT

It has come to my attention that OpenSSL defaults to not validating the
server certificate against root certificates when used for client side
SSL/TLS. I argue that this is a major design flaw with serious security
implications, and furthermore that this is a kind of issue that is not
likely to be caught be the mechanisms (i.e. peer-review) that are
normally considered to make de facto standard open source software more
likely to be secure than non-standard or closed source software.

Premise 1. Client side authentication of the remote host identity is THE
security service you would normally use SSL/TLS for. Getting a
confidential communication channel with message integrity is pointless
unless you have equally strong proof of the identity of the remote peer.
I am tempted to say that using client side SSL/TLS without root
certificates is like buying a Volvo for safety and driving it in 200
km/h without fastening your seat belt.

Premise 2. This kind of issue is likely to be caught by trained
professionals, by professional support/consultancy and in sufficiently
large and active communities consisting of users, possibly with
different backgrounds, but with access to the source code.

Premise 3. This kind of issue is not likely to be caught by open
sourcing the software and relying on peer-review. My argument for this
is that the people that are likely to spot the problem (i.e. the trained
professionals) are not necessarily interesting in seeing it fixed: They
can use the software securely anyway since they know what to do, and it
is not unlikely that they make a living from knowing this kind of
things. The latter might even entail a direct interest in the problem
NOT being fixed.

Conclusion: Recommending non-experts to use a de facto standard Open
Source solution for cryptographic services is not necessarily good
advice. Recommending them to learn more/hire an expert (or better yet
more than one expert)/participate in relevant community groups is good
advice.

Relevant Pages

  • Re: WSE 3.0 CertSrv Request
    ... ASP.NET Development Server caching info like IIS would if it were running ... Client OutputTrace looks clean. ... X509 security use our in house Cert Authority with teh CertSrv wizard. ... I have not found any good documentation on what type of certificates ...
    (microsoft.public.dotnet.framework.webservices.enhancements)
  • Re: SSL and Client Authentication
    ... First I go on my client and I do a browser request from a CA, ... After issuing a cert. ... install (where I verify that this certification was installed ... > It definitely does not sound like the right way to do client certificates. ...
    (microsoft.public.inetserver.iis.security)
  • Re: WSE 3.0 CertSrv Request
    ... You can also find the response message in the Response ... Client OutputTrace looks clean. ... X509 security use our in house Cert Authority with teh CertSrv wizard. ... I have not found any good documentation on what type of certificates ...
    (microsoft.public.dotnet.framework.webservices.enhancements)
  • Re: security header is not present in the incoming message
    ... One certificate "Client Private.pfx" to Certificates - Current User, Personal, Certificates. ... One certificate "Server Private.pfx" to Certificates - Current User, Other People, Certificates and the third one "Server Public.cer" to Certificates, Personal, Certificates. ... And this goes for services run in IIS och in ASP.NET Development Server. ...
    (microsoft.public.dotnet.security)
  • Re: On Open Source
    ... > server certificate against root certificates when used for client side ... authorities that the user may want to trust for server authentication. ... OpenSSL is a software library, not a complete application, so it would ... records and the like to start with); but the option to use SSL/TLS ...
    (sci.crypt)