Bug#691213: ncl.edu.tw vs, gnutls
jidanni at jidanni.org
Wed Oct 24 07:12:04 UTC 2012
OK. (I wonder how all the big name browsers deal with it.)
>>>>> "DKG" == Daniel Kahn Gillmor <dkg at fifthhorseman.net> writes:
DKG> On 10/22/2012 07:08 PM, jidanni at jidanni.org wrote:
>> Cannot secure the https (SSL) connection to sso.ncl.edu.tw port 443; [IO(gnutls): Key usage
>> violation in certificate has been detected.].
DKG> I think the "key usage violation" here is that the server wants to
DKG> negotiate only a diffie-hellman cipher suite and the key is marked only
DKG> as legitimate for:
DKG>     Key Usage (critical):
DKG>         Key encipherment.
DKG>         Data encipherment.
DKG> I'm able to connect cleanly if i instruct the client to not try to
DKG> negotiate DHE-RSA cipher suites.
DKG>   gnutls-cli --priority NORMAL:-DHE-RSA sso.ncl.edu.tw
DKG> The server administrators should not have their server
DKG> (Apache-Coyote/1.1?) configured to negotiate DHE cipher suites if their
DKG> key is not marked with the keyAgreement flag.
DKG> See:
DKG> https://tools.ietf.org/html/rfc5280#page-31
>>> The keyAgreement bit is asserted when the subject public key is
>>> used for key agreement. For example, when a Diffie-Hellman key is
>>> to be used for key management, then this bit is set.
DKG> So this is a bug in their server configuration (and possibly in the
DKG> non-gnutls clients which continue with the TLS session in the face of an
DKG> invalid certificate for the selected key exchange method, if they choose
DKG> a diffie-hellman ciphersuite), but not a bug in gnutls.
DKG> hth,
DKG> --dkg
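
Added example, not part of the original thread and not GnuTLS code: a sketch of the check a TLS client applies when it compares a certificate's Key Usage extension with the negotiated key exchange. The function names are hypothetical, the per-method bits follow RFC 5246 section 7.4.2, and the sample bytes are constructed to match the Key Usage printed in the message above.

```python
# KeyUsage bit positions from RFC 5280 section 4.2.1.3 (bit 0 is the MSB).
KEY_USAGE_BITS = [
    "digitalSignature", "nonRepudiation", "keyEncipherment",
    "dataEncipherment", "keyAgreement", "keyCertSign", "cRLSign",
    "encipherOnly", "decipherOnly",
]

# Bit the server certificate must assert for each TLS 1.2 key exchange
# method when the extension is present (RFC 5246 section 7.4.2).
REQUIRED_BIT = {
    "RSA": "keyEncipherment",       # client encrypts the premaster secret
    "DHE_RSA": "digitalSignature",  # server signs its ephemeral DH params
    "ECDHE_RSA": "digitalSignature",
    "DHE_DSS": "digitalSignature",
    "DH_RSA": "keyAgreement",       # static DH key carried in the cert
    "DH_DSS": "keyAgreement",
}

def decode_key_usage(der: bytes) -> set:
    """Decode the DER BIT STRING that carries an X.509 KeyUsage value."""
    if len(der) < 4 or der[0] != 0x03:
        raise ValueError("not a DER BIT STRING with at least one content byte")
    if der[1] >= 0x80 or der[1] != len(der) - 2:
        raise ValueError("unexpected BIT STRING length")
    unused = der[2]
    if unused > 7:
        raise ValueError("invalid unused-bit count")
    payload = der[3:]
    total_bits = len(payload) * 8 - unused
    names = set()
    for i in range(min(total_bits, len(KEY_USAGE_BITS))):
        if payload[i // 8] & (0x80 >> (i % 8)):
            names.add(KEY_USAGE_BITS[i])
    return names

def key_exchange_allowed(key_usage, kx: str) -> bool:
    """key_usage is None when the certificate has no KeyUsage extension,
    in which case the key is unrestricted."""
    if key_usage is None:
        return True
    return REQUIRED_BIT[kx] in key_usage

# Constructed sample: keyEncipherment + dataEncipherment only.
SAMPLE_KEY_USAGE = bytes.fromhex("03020430")

if __name__ == "__main__":
    usage = decode_key_usage(SAMPLE_KEY_USAGE)
    for kx in ("DHE_RSA", "RSA"):
        verdict = "ok" if key_exchange_allowed(usage, kx) else "key usage violation"
        print(f"{kx}: {verdict}")
```

With the constructed sample, the check rejects DHE_RSA and accepts plain RSA key exchange, which is the same split the `--priority NORMAL:-DHE-RSA` workaround relies on.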