From: Nobody on 15 Jun 2010 17:32

On Tue, 15 Jun 2010 22:57:24 +0200, Antoine Pitrou wrote:

> Also, following issue1589 (certificate hostname checking), I think it
> would be useful at least to provide the necessary helper functions in
> order to check certificate conformity, even if they aren't called
> implicitly. I would encourage interested people to provide a patch for
> the py3k ssl module, and will gladly review it.

The main issue is with the use of SSL for HTTPS: you *must* check the
hostname against the certificate *before* sending the request. Allowing
the caller to discover afterwards that (potentially confidential) data has
been sent to an unknown destination is not an acceptable alternative.

This check shouldn't require any additional steps on the part of the
caller. Simply creating an HTTPS connection or opening a connection using
an "https:" URL should be sufficient. If you want to provide support for
"fake SSL" (e.g. to allow connecting to hosts with self-signed
certificates), *that* should require additional steps.

The biggest problem with crypto is that it's very hard to tell the
difference between working crypto and broken crypto. If you make it easy
for developers to get it wrong, some of them *will* get it wrong, and it
may take a long time before anyone discovers this.
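Added example (editor's, not code from any post in the thread): what the ordering requirement in the post above looks like in the modern Python 3 ssl API, with a strict default, a self-signed-host option that keeps verification on, and a "fake SSL" opt-out that deliberately needs an explicit keyword. The function names are my own; it assumes Python 3.7 or later, where the hostname check runs inside the handshake.

```python
# Added example (not from the thread): an HTTPS fetch that cannot send the
# request until the peer certificate has been verified and its name checked
# against the host we asked for, plus an explicit, deliberately awkward
# opt-out for "fake SSL". Assumes Python 3.7+ (check_hostname is enforced
# during the handshake by OpenSSL); the function names here are my own.
import socket
import ssl


def strict_context() -> ssl.SSLContext:
    """Browser-like defaults: verify the chain against the system CA store
    and require the certificate to match the requested hostname."""
    ctx = ssl.create_default_context()          # CERT_REQUIRED, check_hostname=True
    assert ctx.verify_mode == ssl.CERT_REQUIRED
    assert ctx.check_hostname
    return ctx


def self_signed_context(cafile: str) -> ssl.SSLContext:
    """Talk to a host with a self-signed certificate *without* turning
    verification off: trust that one certificate as the only CA. The
    hostname check stays on."""
    return ssl.create_default_context(cafile=cafile)


def insecure_context(*, i_accept_the_risk: bool = False) -> ssl.SSLContext:
    """Fake SSL: encryption without authentication. Deliberately needs an
    explicit keyword so nobody gets here by accident."""
    if not i_accept_the_risk:
        raise ValueError("verification can only be disabled with i_accept_the_risk=True")
    ctx = ssl.create_default_context()
    ctx.check_hostname = False      # must be cleared first: CERT_NONE with check_hostname on is a ValueError
    ctx.verify_mode = ssl.CERT_NONE
    return ctx


def describe(ctx: ssl.SSLContext) -> tuple:
    """(hostname check on?, verify mode name) for a context, for inspection."""
    return (ctx.check_hostname, ctx.verify_mode.name)


def https_get(host: str, path: str = "/", context: ssl.SSLContext = None,
              port: int = 443, timeout: float = 10.0) -> bytes:
    """Fetch path from host. The ordering is the point: the TLS handshake,
    and with it chain verification and the hostname match, happens inside
    wrap_socket(); a mismatch raises ssl.SSLCertVerificationError before a
    single byte of the HTTP request exists on the wire."""
    ctx = context if context is not None else strict_context()
    request = (f"GET {path} HTTP/1.1\r\nHost: {host}\r\n"
               f"Connection: close\r\n\r\n").encode("ascii")
    with socket.create_connection((host, port), timeout=timeout) as raw:
        # server_hostname drives both SNI and the name check; with
        # check_hostname=True, omitting it is itself a ValueError.
        with ctx.wrap_socket(raw, server_hostname=host) as tls:
            tls.sendall(request)        # only reached after a verified handshake
            chunks = []
            while True:
                data = tls.recv(65536)
                if not data:
                    break
                chunks.append(data)
    return b"".join(chunks)


if __name__ == "__main__":
    print(describe(strict_context()))                            # (True, 'CERT_REQUIRED')
    print(describe(insecure_context(i_accept_the_risk=True)))    # (False, 'CERT_NONE')
```

The design choice worth copying is that `https_get` never holds the request bytes and an unverified socket at the same time: `wrap_socket` either returns a socket whose peer has already been checked against `host`, or raises. The self-signed case is handled by narrowing the trust store, not by disabling verification, so the only path to "encryption to an unknown peer" is the one that names the risk in the call.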
From: Terry Reedy on 15 Jun 2010 18:36

On 6/15/2010 5:14 PM, geremy condra wrote:

>> I have tried to put some effort into the py3k ssl docs, so that security
>> issues get mentioned:
>> http://docs.python.org/dev/py3k/library/ssl.html#security-considerations
>> Any improvement or correction is welcome.
>
> Could similar notifications be added to urllib, etc? That's where
> people really get bitten badly by this.

If you have specific ideas, propose them on the tracker.

------
I think the following section
" <blah> "
should be added to <specific place>
---------

There are people who will add .rst markup to ascii text once it is agreed
on. If you want cross-references to the above added to docs for other
modules, just say that.

Terry Jan Reedy
From: Paul Rubin on 15 Jun 2010 20:31

Terry Reedy <tjreedy(a)udel.edu> writes:

>> Could similar notifications be added to urllib, etc? That's where
>> people really get bitten badly by this.
>
> If you have specific ideas, propose them on the tracker.

urllib is basically a web client and as such it should act like a browser,
with a default certificate store. It should refuse to connect to an https
host that doesn't have a valid certificate, unless you override the default
(supply your own CA store or validation routine). There could be some
pre-written override options, such as accept expired certificate, accept
certificate named "www.xyz.com" when the actual host is "abc.xyz.com", or
that sort of thing. These are code changes, not doc updates.
From: geremy condra on 15 Jun 2010 21:07

On Tue, Jun 15, 2010 at 5:31 PM, Paul Rubin <no.email(a)nospam.invalid> wrote:

> Terry Reedy <tjreedy(a)udel.edu> writes:
>>> Could similar notifications be added to urllib, etc? That's where
>>> people really get bitten badly by this.
>>
>> If you have specific ideas, propose them on the tracker.
>
> urllib is basically a web client and as such it should act like a
> browser, with a default certificate store. It should refuse to connect
> to an https host that doesn't have a valid certificate, unless you
> override the default (supply your own CA store or validation routine).
> There could be some pre-written override options, such as accept expired
> certificate, accept certificate named "www.xyz.com" when the actual host
> is "abc.xyz.com", or that sort of thing. These are code changes, not
> doc updates.

I've opened the requested bug report:

http://bugs.python.org/issue9003

Just for the record, I'd rather see this fixed than note the need for a
workaround.

Geremy Condra
From: John Nagle on 15 Jun 2010 22:56

On 6/15/2010 1:27 PM, Antoine Pitrou wrote:

> On Mon, 14 Jun 2010 19:47:49 +0100
> Nobody <nobody(a)nowhere.com> wrote:
>> On Mon, 14 Jun 2010 10:43:02 -0700, John Nagle wrote:
>>
>>> The new SSL module in Python 2.6
>>
>> There isn't an SSL module in Python 2.6. There is a module named "ssl"
>> which pretends to implement SSL, but in fact doesn't.
>
> What do you mean by "doesn't"?
> Can you point to an open bug report describing the issue?

http://bugs.python.org/issue1589

Just reopened by Antoine Pitrou.

Realistically, there are obscure situations where you might want to open an
SSL connection without hostname validation. Those situations are unusual.
(I actually do that to read the SSL certificate, without sending data, in a
system which collects data from SSL certs. This is not the normal case.)

The typical Python user will expect SSL checking for URL opening to behave
like a browser does. They won't be up to speed on the internal mechanics of
X.509 certificates. The default case should be to require a hostname match
(considering certificate wildcards, multiple common names, multiple alt
names, etc.). Expecting the caller to do this check is unreasonable. It's
about 70 lines of python code to cover all the cases. And that's without
proper support for error reporting for internationalized host names.

Without a hostname check, the SSL module ensures only, as someone else
points out, that "you have an encrypted connection to your attacker".

John Nagle
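Added example (editor's, not code from any post in the thread and not Python's own ssl.match_hostname): the hostname-versus-certificate check that John Nagle's post above sizes at "about 70 lines" and that Paul Rubin's post wants to be the default, covering subjectAltName entries, the commonName fall-back, wildcards and IP literals, and handling internationalized names by comparing A-labels. It works on the dict shape `SSLSocket.getpeercert()` returns; the two sample certificates at the bottom are constructed for the example, and the use of the stdlib `idna` codec (IDNA 2003) for normalization is an assumption about what is good enough for comparison.

```python
# Added example (not from the thread, not Python's own ssl.match_hostname):
# the hostname-vs-certificate check the thread says a caller should never
# have to write. Input is the dict shape returned by
# SSLSocket.getpeercert(); the sample certificates below are constructed.
# Rules follow RFC 6125 s.6.4: subjectAltName wins when present, the CN is
# a fallback only, a wildcard is only ever the whole leftmost label and
# spans a single label, and IP literals match only IP Address SAN entries.
import ipaddress


class CertificateError(ValueError):
    """Raised when the certificate does not identify the requested host."""


def _to_ascii(hostname: str) -> str:
    """Normalize: drop a trailing dot, lower-case, and convert IDN U-labels
    to A-labels with the stdlib idna codec (IDNA 2003; assumption: fine for
    comparison, since certificates carry A-labels)."""
    hostname = hostname.rstrip(".")
    try:
        return hostname.encode("idna").decode("ascii").lower()
    except UnicodeError as exc:
        raise CertificateError(f"invalid hostname {hostname!r}: {exc}") from None


def _dnsname_match(pattern: str, hostname: str) -> bool:
    """Match one DNS name from the certificate against a normalized hostname."""
    pattern = pattern.lower().rstrip(".")
    if "*" not in pattern:
        return pattern == hostname
    p_labels = pattern.split(".")
    h_labels = hostname.split(".")
    # Only "*.b.c": whole leftmost label, at least two labels after it so
    # "*.com" never matches, and no wildcard or empty label anywhere else.
    if p_labels[0] != "*" or len(p_labels) < 3:
        return False
    if any("*" in label or not label for label in p_labels[1:]):
        return False
    if len(h_labels) != len(p_labels) or not h_labels[0]:
        return False                  # "*" covers exactly one non-empty label
    return p_labels[1:] == h_labels[1:]


def match_hostname(cert: dict, hostname: str) -> None:
    """Raise CertificateError unless cert (getpeercert() form) is valid for
    hostname; return None on success."""
    if not cert:
        raise CertificateError("empty or missing certificate (was verify_mode CERT_NONE?)")
    hostname = _to_ascii(hostname)
    try:
        ip = ipaddress.ip_address(hostname)
    except ValueError:
        ip = None
    names = []
    for kind, value in cert.get("subjectAltName", ()):
        if kind == "DNS":
            if ip is None and _dnsname_match(value, hostname):
                return
            names.append(value)
        elif kind == "IP Address":
            try:
                if ip is not None and ipaddress.ip_address(value) == ip:
                    return
            except ValueError:
                pass                  # malformed SAN entry: never matches
            names.append(value)
    if not names:
        # No usable SAN: legacy fall-back to commonName (never for IP literals)
        for rdn in cert.get("subject", ()):
            for kind, value in rdn:
                if kind == "commonName":
                    if ip is None and _dnsname_match(value, hostname):
                        return
                    names.append(value)
    if names:
        raise CertificateError(f"hostname {hostname!r} doesn't match "
                               + ", ".join(repr(n) for n in names))
    raise CertificateError("no subjectAltName or commonName in certificate")


def hostname_matches(cert: dict, hostname: str) -> bool:
    """Boolean convenience wrapper around match_hostname()."""
    try:
        match_hostname(cert, hostname)
        return True
    except CertificateError:
        return False


# Constructed sample certificates in getpeercert() shape.
CERT_WITH_SAN = {
    "subject": ((("commonName", "ignored.example.org"),),),
    "subjectAltName": (("DNS", "*.example.com"), ("DNS", "example.com"),
                       ("IP Address", "192.0.2.10")),
}
CERT_CN_ONLY = {
    "subject": ((("organizationName", "Example Ltd"),),
                (("commonName", "www.example.net"),)),
}

if __name__ == "__main__":
    print(hostname_matches(CERT_WITH_SAN, "www.example.com"))   # True
    print(hostname_matches(CERT_WITH_SAN, "a.b.example.com"))   # False
```

Two choices are stricter than the RFC allows and deliberate: a wildcard must be the entire leftmost label (no `f*.example.com`), and it needs at least two labels after it, which is what browsers enforce in practice. The commonName is consulted only when the certificate has no subjectAltName at all, so a CN of `ignored.example.org` on a certificate that lists other names cannot be used to claim that host.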