in Gajim you can trust a self signed cert that a server offers
lovetox
what Gajim does is, it adds it to a kind of cert store (not the system one)
lovetox
and later if it gets UNKNOWN_CA, it just checks the store if the user trusts this cert
lovetox
now if someone knows i trust a specific self signed cert, could the creator of that cert impersonate another server?
lovetox
i think no, because changing stuff like domain within the cert, would change the fingerprint of the cert, and then the certs are not equal anymore, hence new trust decision
lovetox
is this correct?
Zash
Is that trust store per account or 'global'?
lovetox
global
lovetox
basically a server offers a cert, and i get the fingerprint and look if there is a cert with that fingerprint in the trust store
lovetox
question is, changing the domain a cert is valid for, changes the fingerprint
lovetox
or not?
Zash
the fingerprint for the entire cert would cover the entire cert
Zash
including all the names
Zash
it sounds like it may be possible for such a server to impersonate another server you have an account on, if you connect there somehow?
Zash
do you verify the names in self-signed certs tho?
lovetox
no, that's just one step in the verify process
lovetox
of course i let the ssl lib first verify the cert normally
lovetox
afterwards it offers me errors
lovetox
like UNKNOWN_CA
lovetox
if UNKNOWN_CA is the *only* error on the cert
lovetox
i check the trust store
Zash
in prosody there are no name checks if the CA is untrusted, I don't know how your code works
lovetox
of course if there are other errors like, BAD_IDENTITY or other stuff
lovetox
this is shown to the user
lovetox
hence if someone manipulates the trusted cert, so it links to another domain, to circumvent a BAD_IDENTITY error
lovetox
it would change the fingerprint of the cert
lovetox
hence Gajim would not find it anymore in the trust store
lovetox
and raise UNKNOWN_CA
Zash
You know, since this is security related, it might be best to quietly test whether it's exploitable before talking about it in public :)
lovetox
i don't think this is exploitable, and even if, nobody is forced to accept self signed certs
lovetox
but i wouldn't know how otherwise i can support self signed certs
lovetox
without presenting the user on every connect with a cert error dialog
Zash
What happens if the server later switches to a CA-issued cert?
Zash
IMO it would make sense to have such trust decisions be saved per account, just to be sure.
lovetox
its verified ok and user is not notified about it
lovetox
yes Zash that's what i was thinking about
lovetox
i have no concrete reason, but it feels a bit better
Zash
Some users would probably want a warning if the certificate changed from a self-signed to a CA-issued one.
Zash
Depending on why a self-signed cert was in use at all.
Zash
If it's just a temporary cert until a CA issued one can be gotten, then it probably doesn't matter.
Zash
If it's someone who doesn't trust CAs at all running the server, then it'd be suspicious if it suddenly had a CA-issued one.
lovetox
yeah probably right
lovetox
but i don't care about that one guy that wants that thing