From: Dan Van Pelt
To: Garrett Wollman
Cc: richo, "freebsd-security@freebsd.org"
Date: Tue, 5 Apr 2011 06:39:18 +0000
Subject: Re: SSL is broken on FreeBSD

On Apr 4, 2011, at 7:39 PM, "Garrett Wollman" wrote:
> < said:
>
>> On 05/04/11 06:57 +1000, Peter Jeremy wrote:
>>> It has occurred to me that maybe the FreeBSD SO should create a root
>>> cert and distribute that with FreeBSD. That certificate would at
>>> least have the same trust level as FreeBSD.
>>>
>>> --
>>> Peter Jeremy
>
>> But what would that CA trust?
>
> The certificates he also generates for services like freebsd-update
> and portsnap. And probably also a certificate for use in email to the
> security-officer role, so that those benighted people who only have
> access to S/MIME email can still send him private messages. Ideally
> it would also be used to sign the CHECKSUMS files on the FTP site, so
> that the installer could check whether it was talking to an authentic
> mirror site and ask the user what to do.
>

Not ideally, but rather critically, should the CHECKSUMS files be signed with some well guarded and official public key. Not to sound paranoid or anything...

I would welcome having a 'FreeBSD' root certificate ship with the OS but would leave the other certs to the domain of a port that I install when needed. FWIW (and forgive me if this is already the case) it would be nice to have a port equivalent to security/ca_root_nss that would allow the user to select which certs get installed during configuration.

Cheers,
Dan van Pelt