[rsyslog] TLS certificates
Rainer Gerhards
rgerhards at hq.adiscon.com
Tue Dec 2 17:00:43 CET 2008
> -----Original Message-----
> From: rsyslog-bounces at lists.adiscon.com [mailto:rsyslog-
> bounces at lists.adiscon.com] On Behalf Of RB
> Sent: Tuesday, December 02, 2008 4:57 PM
> To: rsyslog-users
> Subject: Re: [rsyslog] TLS certificates
>
> On Tue, Dec 2, 2008 at 06:55, Juan Miscaro <jmiscaro at gmail.com> wrote:
> > "neither the client nor the server are authenticated. So while the
> > message transfer is encrypted, you can not be sure which peer you
are
> > talking to"
>
> I'm hoping Rainer will jump in and clarify precisely how much
> handshake validation he's implemented. The fact that the client must
> have a copy of the CA's public material seems to indicate he is at
> least verifying that the server's certificate was issued by the CA.
> It's possible to not do so, but the result is rather susceptible to
> MITM.
Just a quick note, I am quite busy at the moment (guess what ;)). If the
auth is set to "anon" nothing at all is validated and MITM *is*
absolutely possible. That's why the doc does not recommend to use that
mode. I posted a link to the long TLS setup guide, which creates a
fairly safe scenario (but your milage may vary... ;)).
>
> > Also, how can client encrypt without having any keys specified in
its
> config?
>
> This isn't the forum to discuss the particulars of the SSL handshake,
> but suffice it to say that SSL incorporates a challenge/response
> mechanism (using the server's presented certificate) followed by
> negotiation of an ephemeral session key. See also: public-key
> cryptography.
>
> > $DefaultNetstreamDriverCAFile /path/to/contrib/gnutls/ca.pem
> > $ActionSendStreamDriverAuthMode anon # server is NOT authenticated
> >
> > 2nd question: Why is the server not authenticated?
>
> Without looking at the code, I presume the 'anon' AuthMode is the
> switch used to tell the SSL library whether or not to check the server
> certificate against the CA. If so, it should make specifying the CA
> public key redundant - the client just accepts whatever certificate
> the server (or MITM) presents and starts encrypting to it.
The modes are mostly rooted in the upcoming RFC5225 (or 5226, don't
remember correctly). Anon is an insecure extension. While being
insecure, it is a mode that allows low end devices deployed in
no-knowledge environmebnt (hopefully read: home users) to have at least
the benefit of encryption (obfuscation would be more precise) but
nothing (nothing!) above that.
Rainer
> _______________________________________________
> rsyslog mailing list
> http://lists.adiscon.net/mailman/listinfo/rsyslog
> http://www.rsyslog.com
More information about the rsyslog
mailing list