Bug#691864: libgnutls28: gnutls does not sort certificate chain to be verified
Daniel Kahn Gillmor
dkg at fifthhorseman.net
Tue Oct 30 16:22:00 UTC 2012
Control: severity 691864 wishlist
Control: retitle 691864 please allow mis-ordered certificate chains
Control: fixed 691864 3.1.3-1
On 10/30/2012 10:00 AM, Michal Suchanek wrote:
> eg. server has certificate S which is signed by intermediate I which is
> signed by CA root R. The server supplies chain S R I which is verified
> by gnutls 3.1 but not 3.0. Such servers exist in the wild so this is
> clearly an interoporebility issue.
it is clearly an interoperability issue, but the peers that are causing
it are the peers with the mis-ordered certificates, not GnuTLS.
GnuTLS 3.0 is following the RFC, which states:
https://tools.ietf.org/html/rfc5246#section-7.4.2
The sender's
certificate MUST come first in the list. Each following
certificate MUST directly certify the one preceding it.
> In gnutls 3.1.3 GNUTLS_VERIFY_ALLOW_UNSORTED_CHAIN flag is available and
> defaults to on. When this flag is set such chain is verified without
> issues.
The fact that GnuTLS 3.1 is willing to work around this situation does
not indicate that strict RFC-compliance is a bug in GnuTLS 3.0, much
less a bug of severity: important.
--dkg
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 1030 bytes
Desc: OpenPGP digital signature
URL: <http://lists.alioth.debian.org/pipermail/pkg-gnutls-maint/attachments/20121030/f73113e9/attachment.pgp>
More information about the Pkg-gnutls-maint
mailing list