[Operators] SSL certificates / private CAs / CACert issue

Dave Cridland dave at cridland.net
Mon Dec 17 10:11:36 UTC 2012


There's four things you can do with TLS:

1) Compression. This is irrelevant here.

2) Integrity - so you know the bytes that left the peer you're talking to
haven't been changed.

3) Confidentiality - so you know the bytes that left the peer you're
talking to haven't been seen by anyone else.

4) Authentication - so you know the peer you're talking to.

The XSF's list mostly cares about (4), and in the context of TLS, this
essentially means we need a trust anchor that we trust (an arbitrary and
personal choice) to be at the root of your chain. In common parlance,
that's a CA we trust.

A private CA is no different, technically, to a known public CA - the
difference is that we (arbitrarily) might trust the former and not the
latter.

(2) and (3) are irrelevant without authentication - you're completely
secure to your peer, but have no idea who that peer is.

It needn't be the same authentication as in TLS, however. Indeed, you can
use Anonymous DH, and not have a certificate at all - it's exactly the same
in security terms as RSA (or ECDSA - there's a rant for another time)
certificates that you don't trust. It's a bit more convenient to have a
cert, mind, because then you can do interesting hacks like DANE and POSH.
Parts of DANE work much better if you use a private CA, too (since you can
assert a trust anchor within a domain).

However, since certificates work in a two-step dance (do I trust the TA?
Does the TA trust the cert?), then without a TA agreed between the two
parties you're basically going to have to use DANE or POSH.

So, solutions:

1) Work with the XSF to have your private CA generally trusted.

I think this isn't going to fly, to be honest.

2) Implement DANE at jabber.sk.

You'll need to first implement DNSSEC, possibly with look-aside, though
it's not clear the XSF can accept look-aside validation for DNSSEC.

3) Implement POSH.

You'll basically need a website with a known cert, as I recall. (Note that
I've not caught up with POSH in some time).

Personally, I'd go for (2), depending on look-aside validation and/or SK's
DNSSEC implementation. You'll then need to push for this to be acceptable
to the XSF, which may involve pushing DANE within the implementation
community, but that's all good as far as I'm concerned, and I'll happily
lend my support (and push within Isode for support too).

Dave.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.jabber.org/pipermail/operators/attachments/20121217/5535a050/attachment.html>


More information about the Operators mailing list