Replacing SECLEVEL with AUTHSECLEVEL and TLSSECLEVEL
Armen Babikyan
armen.babikyan at gmail.com
Tue Apr 7 21:18:52 UTC 2020
Hello,
I was wondering if there was any effort to make progress in separating the
SECLEVEL directive into AUTHSECLEVEL and TLSSECLEVEL as described in
$openssl/ssl/ssl_cert.c's ssl_verify_cert_chain() function. I found a post
from 2016 on this mailing list about this:
https://mta.openssl.org/pipermail/openssl-users/2016-May/003768.html
I have a use case where I need to enable Mutual TLS authentication for
hardware clients that have immutable manufacturer-signed certificates.
Some of those certificates are signed with MD5, but I don't know which ones
beforehand, and I'd rather not have SECLEVEL=0 compromise the allowable
ciphers in the TLS connection.
[re MD5 insecurity in auth: I already have application-layer authentication
(e.g. HTTPS Bearer auth), and I'm not looking to replace that with Mutual
TLS - I do need to opportunistically gather other information from the
client certs though.]
In the meantime, if my only option is to use SECLEVEL=0, I think I'd need
to do some application-layer enforcement of TLS parameters. I suppose I
could enforce ciphers by using SSL_get_cipher_name(). Are there other
parameters that you recommend I enforce at the application layer? Is it
possible to reach parity with "SECLEVEL=1" behavior this way? Are there
any other downsides or issues to be aware of with this approach?
Many thanks!
Armen
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20200407/b34234ac/attachment.html>
More information about the openssl-users
mailing list