[openssl-project] FW: Certificate fractional time processing in upcoming openssl releases

Salz, Rich rsalz at akamai.com
Sat Aug 11 13:50:07 UTC 2018 

FYI.  Quietly ignoring fractional seconds makes sense to me.

From: David McGrew <mcgrew at cisco.com>
Date: Saturday, August 11, 2018 at 9:45 AM
To: Rich Salz <rsalz at akamai.com>, "Barry Fussell (bfussell)" <bfussell at cisco.com>
Cc: "Marty Loy (mloyjr)" <mloyjr at cisco.com>, "Jonathan Felten (jfelten)" <jfelten at cisco.com>, "Bill Sulzen (bsulzen)" bsulzen at cisco.com<mailto:bsulzen at cisco.com>
Subject: Re: Certificate fractional time processing in upcoming openssl releases

Hi Barry and Rich,

Thanks for this.   I think that having the rejection of fractional seconds be part of the “—strict” option makes sense.

As I understand it, there are fielded certs with fractional seconds in GeneralizedTime, which violates the RFC5280 profile but doesn’t introduce any vulnerability.   That RFC aims to promote interoperability by making a profile of X509 formats and semantics, and fractional seconds is only formatting, and not semantics.   So it seems counter to the spirit of the RFC to prevent openSSL from being able to interoperate with certs issued by IAIK or whatever noncompliant systems.

Thanks,

David

From: "Salz, Rich" <rsalz at akamai.com<mailto:rsalz at akamai.com>>
Date: Friday, August 10, 2018 at 12:24 PM
To: "Barry Fussell (bfussell)" <bfussell at cisco.com<mailto:bfussell at cisco.com>>
Cc: "Marty Loy (mloyjr)" <mloyjr at cisco.com<mailto:mloyjr at cisco.com>>, "Jonathan Felten (jfelten)" <jfelten at cisco.com<mailto:jfelten at cisco.com>>, mcgrew <mcgrew at cisco.com<mailto:mcgrew at cisco.com>>, "Bill Sulzen (bsulzen)" <bsulzen at cisco.com<mailto:bsulzen at cisco.com>>
Subject: Re: Certificate fractional time processing in upcoming openssl releases

Please post to openssl-project at openssl.org<mailto:openssl-project at openssl.org>  It’s a moderated list, but the posting will get approved very quickly.


From: "Barry Fussell (bfussell)" <bfussell at cisco.com<mailto:bfussell at cisco.com>>
Date: Friday, August 10, 2018 at 9:34 AM
To: Rich Salz <rsalz at akamai.com<mailto:rsalz at akamai.com>>
Cc: "Marty Loy (mloyjr)" <mloyjr at cisco.com<mailto:mloyjr at cisco.com>>, "Jonathan Felten (jfelten)" <jfelten at cisco.com<mailto:jfelten at cisco.com>>, David McGrew <mcgrew at cisco.com<mailto:mcgrew at cisco.com>>, "Bill Sulzen (bsulzen)" <bsulzen at cisco.com<mailto:bsulzen at cisco.com>>
Subject: Certificate fractional time processing in upcoming openssl releases

Rich,

My team was recently made aware of a change in the time comparison
logic in openssl to adhere to RFC5280 requirements . This change will be in
the upcoming 1.0.2p and 1.1.0i releases. We’ve had discussions regarding
the impact to legacy devices in the field and feel the change could be
detrimental if enabled by default.

We've seen fractional time used in many cases, for example the IAIK
crypto library generated fractional times for quite a while. I believe the
issue with the IAIK library has been fixed, but products still have those certs
embedded in them today.

In reading the discussion linked below it seems the only impetus for
this change was to meet RFC5280, not that allowing fractional times
was any specific vulnerability.

https://github.com/openssl/openssl/issues/2620<https://urldefense.proofpoint.com/v2/url?u=https-3A__github.com_openssl_openssl_issues_2620&d=DwMFAg&c=96ZbZZcaMF4w0F4jpN6LZg&r=4LM0GbR0h9Fvx86FtsKI-w&m=Lwc9LOtfM8pc8gkaABxWdUutvh8gwoL2KvhYe2d4y3Q&s=7DMTtQYOol3SGlQwP-5nyNTMX8ulbcaYRt5_PF8ol7g&e=>

Is there any option for this going forward, removal, compile-time
enabled or part of the strict checks ?

Thanks !

Barry Fussell



[http://www.cisco.com/web/europe/images/email/signature/tomorrow_anthem_H.png]



Barry Fussell
Technical Leader
Security & Trust Organization
bfussell at cisco.com<mailto:bfussell at cisco.com>
Phone: +1 919 392 2920

Cisco Systems, Inc.
7025-2 Kit Creek Road
Research Triangle Park, NC 27709
United States
Cisco.com<https://urldefense.proofpoint.com/v2/url?u=http-3A__www.cisco.com_&d=DwMFAg&c=96ZbZZcaMF4w0F4jpN6LZg&r=4LM0GbR0h9Fvx86FtsKI-w&m=Lwc9LOtfM8pc8gkaABxWdUutvh8gwoL2KvhYe2d4y3Q&s=jiXJrK_CCjJLudysdejd12bdgw7_tY1mj_o-AtgDeLw&e=>




[http://www.cisco.com/assets/swa/img/thinkbeforeyouprint.gif]Think before you print.
This email may contain confidential and privileged material for the sole use of the intended recipient. Any review, use, distribution or disclosure by others is strictly prohibited. If you are not the intended recipient (or authorized to receive for the recipient), please contact the sender by reply email and delete all copies of this message.
Please click here<https://urldefense.proofpoint.com/v2/url?u=http-3A__www.cisco.com_web_about_doing-5Fbusiness_legal_cri_index.html&d=DwMFAg&c=96ZbZZcaMF4w0F4jpN6LZg&r=4LM0GbR0h9Fvx86FtsKI-w&m=Lwc9LOtfM8pc8gkaABxWdUutvh8gwoL2KvhYe2d4y3Q&s=gfKgERtaAUVlAA0GHdXitfmhgtPbojPDaeFPm99y5SU&e=> for Company Registration Information.






-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-project/attachments/20180811/bea27636/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.jpg
Type: image/jpeg
Size: 7272 bytes
Desc: image001.jpg
URL: <http://mta.openssl.org/pipermail/openssl-project/attachments/20180811/bea27636/attachment-0002.jpg>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image002.jpg
Type: image/jpeg
Size: 954 bytes
Desc: image002.jpg
URL: <http://mta.openssl.org/pipermail/openssl-project/attachments/20180811/bea27636/attachment-0003.jpg>

More information about the openssl-project mailing list