Re: Big CA certificate bundle causes problems with GnuTLS 3.0.11

[Nikos Mavrogiannopoulos]

On 05/29/2012 11:17 PM, Janne Snabb wrote:

> On 2012-05-30 03:37, Michal Suchanek wrote:
>> Now what I do not get is how a pile of CA certificates is fragmenting
>> the packets.
>>
>> Sounds like a security hole. CA cert piles should be local to either
>> side, only one CA cert relevant for the session. Technically there can
>> be more than one cert in the trust chain but not pile of them.
> 
> If the *server* chooses to trust a pile of CA's in the same way as web
> browsers (clients) typically do, this will happen, see:
> 
> https://tools.ietf.org/html/rfc5246#section-7.4.4
> 
> It also says:
> 
> "If the certificate_authorities list is empty, then the client MAY send
> any certificate of the appropriate ClientCertificateType, unless there
> is some external arrangement to the contrary."
> 
> ...which suggests that in cases like this it might be a good idea or at
> least acceptable *not* to put anything in the certificate_authorities
> list when the server sends the Certificate Request. It is unclear how
> various client side implementations implement the "MAY" part of the
> above RFC quote. Do they send a client certificate if the CA list is
> empty? Which one will they send if they have several?

Most send any certificate selected by the user.


> It feels like there should be a way in the GnuTLS API to define whether
> the list of trusted CAs is to be advertised in Certificate Request or
> not. (Maybe there is a way but I am missing it?)


There is. Check client certificate authentication at:
http://www.gnu.org/software/gnutls/manual/html_node/Certificate-credentials.html#Certificate-credentials

regards,
Nikos