[NNTP] STARTTLS diffs

Eric Rescorla ekr at networkresonance.com
Sat Jun 25 19:19:22 PDT 2005


Russ Allbery <rra at stanford.edu> writes:

> Ken Murchison <ken at oceana.com> writes:
>> EKR wrote:
>
>>> In some sense this is fine, as it embodies the RFC 2818 model of the
>>> universe. However, it doesn't really match up so well with a self-signed
>>> cert model, in which it doesn't really matter what
>>> the DN is, b/c you're trusting it explicitly anyway... I mean,
>>> you *can* check the domain name, but why bother....
>>> I'm not sure what model you expect people to be using...
>
>> I'm expecting the NNTP STARTTLS implementation to be as close as
>> possible to IMAP, POP3 and SMTP.  All three of these specs have similar
>> wording.  In fact, I took this wording from either RFC 3501 or RFC
>> 2595. Is there something different about NNTP that makes the above text
>> silly/useless or are you saying that it's silly/useless for all of the
>> messaging protocols?
>
>> Would you completely remove the above text from the NNTP STARTTLS
>> document?
>
> After reviewing this, I think Ken's text makes sense for NNTP.  Currently,
> most of the NNTP clients that do TLS are reusing the same code from a mail
> component that also does TLS, and I know from experience that they do
> verify certificates, including self-signed ones.  I'm not sure that we're
> realistically going to have a choice about the cert verification model;
> vendors are going to strongly tend towards reusing the cert verification
> model they're already using for other protocols, which does the domain
> name checking.
>
> As you mention, for self-signed certificates it doesn't really matter
> whether you check it or not -- it's not difficult to get the domain name
> correct in the certificate.  Since for certain other trust models, it
> *does* matter, I would rather just require that clients check.
>
> Ken, could you go ahead and submit the revised draft for publication as an
> I-D?  Eric, if you object given the above, please do let us know; I don't
> mean to cut off discussion, but since my guess is that we won't need to
> change this text, I'd rather get the revised draft into the queue so that
> we don't have to worry about it later.

This seems fine to me. Someone needs to write a "how to use self-signed
certs" doc, but I haven't gotten to it yet... :)

-Ekr
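
The two trust models discussed in this thread, as an added example that is not part of the original message or of any NNTP client: an RFC 2818-style name check for CA-validated certificates, and an explicitly trusted (pinned) self-signed certificate where the name check is optional. The names `accept_server`, `pins` and `check_name_on_pin`, the simplified wildcard rule and all sample data are assumptions made for illustration.

```python
import hashlib

def name_matches(pattern, host):
    """RFC 2818-style match: case-insensitive; '*' only as the whole left-most label."""
    p = pattern.lower().rstrip(".").split(".")
    h = host.lower().rstrip(".").split(".")
    if len(p) != len(h) or not all(h):
        return False
    if p[0] == "*":
        return len(p) > 2 and p[1:] == h[1:]
    return p == h

def cert_names(cert):
    """dNSName entries take precedence; use the subject CN only when there are none."""
    sans = [v for k, v in cert.get("subjectAltName", ()) if k == "DNS"]
    if sans:
        return sans
    return [v for rdn in cert.get("subject", ()) for k, v in rdn if k == "commonName"]

def accept_server(cert, der, host, chain_ok, pins, check_name_on_pin=True):
    """Return (accepted, reason). pins maps host -> set of SHA-256 hex fingerprints."""
    named = any(name_matches(n, host) for n in cert_names(cert))
    pinned = hashlib.sha256(der).hexdigest() in pins.get(host.lower(), ())
    if pinned:
        # Explicit trust: the pin already binds this exact certificate to this host,
        # so the name check adds little here, but it is cheap to require anyway.
        if check_name_on_pin and not named:
            return False, "pinned, name mismatch"
        return True, "pinned"
    if chain_ok and named:
        return True, "ca"
    # CA model: a valid chain for some other name must not be accepted.
    return False, ("name mismatch" if chain_ok else "untrusted")

# Constructed sample data (shape of ssl.getpeercert(); DER bytes are stand-ins).
SELF_SIGNED = {"subject": ((("commonName", "localhost.localdomain"),),)}
SELF_SIGNED_DER = b"constructed stand-in for the self-signed certificate's DER bytes"
CA_ISSUED = {"subject": ((("commonName", "mail.example.org"),),),
             "subjectAltName": (("DNS", "mail.example.org"), ("DNS", "*.mail.example.org"))}
CA_ISSUED_DER = b"constructed stand-in for a CA-issued certificate's DER bytes"
PINS = {"news.example.org": {hashlib.sha256(SELF_SIGNED_DER).hexdigest()}}

if __name__ == "__main__":
    host = "news.example.org"
    print(accept_server(SELF_SIGNED, SELF_SIGNED_DER, host, False, PINS, False))
    print(accept_server(SELF_SIGNED, SELF_SIGNED_DER, host, False, PINS))
    print(accept_server(CA_ISSUED, CA_ISSUED_DER, host, True, PINS))
```
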


