cert bootstrap script change: no more MD5?
Hi, the bootstrap script uses ca.cnf, server.cnf and client.cnf for the generated certificates. All of these set the default_md = md5. iOS 5 is the first OS to condemn certificates which are signed by MD5. So, the default certificates generated by this script will not be compatible with recent iOS. Does anything speak against up'ing the default_md to sha1? Otherwise I can see questions on -user coming up saying EAP doesn't work - and this time with a particularly difficult to diagnose issue. Greetings, Stefan Winter
On 10/17/2011 01:53 PM, Stefan Winter wrote:
Hi,
the bootstrap script uses ca.cnf, server.cnf and client.cnf for the generated certificates. All of these set the default_md = md5.
iOS 5 is the first OS to condemn certificates which are signed by MD5. So, the default certificates generated by this script will not be compatible with recent iOS.
Does anything speak against up'ing the default_md to sha1? Otherwise I can see questions on -user coming up saying EAP doesn't work - and this time with a particularly difficult to diagnose issue.
FWIW, we've been patching the config files to use sha1 instead of md5 in our Fedora and RHEL RPM's for the last couple of years. -- John Dennis <jdennis@redhat.com> Looking to carve out IT costs? www.redhat.com/carveoutcosts/
On 17 Oct 2011, at 20:16, Alan DeKok wrote:
John Dennis wrote:
FWIW, we've been patching the config files to use sha1 instead of md5 in our Fedora and RHEL RPM's for the last couple of years.
OK. Then the future releases will use sha1.
Though it looks like were out of time... http://support.apple.com/kb/HT4999 Arran Cudbard-Bell a.cudbardb@freeradius.org Betelwiki, Betelwiki, Betelwiki.... http://wiki.freeradius.org/ !
Hi,
the bootstrap script uses ca.cnf, server.cnf and client.cnf for the generated certificates. All of these set the default_md = md5.
iOS 5 is the first OS to condemn certificates which are signed by MD5. So, the default certificates generated by this script will not be compatible with recent iOS.
Does anything speak against up'ing the default_md to sha1? Otherwise I can see questions on -user coming up saying EAP doesn't work - and this time with a particularly difficult to diagnose issue.
is it worth just going straight to eg default_md = sha256 ? NIST have already rail-roaded SHA1 out of use..... though I note that openssl < 0.9.8 seem to not like any real crypto for Message Digest :-( alan
Hi,
the bootstrap script uses ca.cnf, server.cnf and client.cnf for the generated certificates. All of these set the default_md = md5.
iOS 5 is the first OS to condemn certificates which are signed by MD5. So, the default certificates generated by this script will not be compatible with recent iOS.
Does anything speak against up'ing the default_md to sha1? Otherwise I can see questions on -user coming up saying EAP doesn't work - and this time with a particularly difficult to diagnose issue.
is it worth just going straight to eg default_md = sha256 ?
NIST have already rail-roaded SHA1 out of use..... though I note that openssl < 0.9.8 seem to not like any real crypto for Message Digest :-(
I'm aware of NISTs specs. What I'm not aware of is the corresponding client device support. Is SHA-256 really out on all kinds of EAP-capable devices? It would be not so nice to a sizable fraction of (oldish) user devices failing authentication because they can't validate the chain due to unknown algorithm. I really have no idea here - anyone aware of studies, or people already running with SHA-256 signatures? Greetings, Stefan
alan - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/devel.html
-- Stefan WINTER Ingenieur de Recherche Fondation RESTENA - Réseau Téléinformatique de l'Education Nationale et de la Recherche 6, rue Richard Coudenhove-Kalergi L-1359 Luxembourg Tel: +352 424409 1 Fax: +352 422473
On 18 Oct 2011, at 07:37, Stefan Winter wrote:
Hi,
the bootstrap script uses ca.cnf, server.cnf and client.cnf for the generated certificates. All of these set the default_md = md5.
iOS 5 is the first OS to condemn certificates which are signed by MD5. So, the default certificates generated by this script will not be compatible with recent iOS.
Does anything speak against up'ing the default_md to sha1? Otherwise I can see questions on -user coming up saying EAP doesn't work - and this time with a particularly difficult to diagnose issue.
is it worth just going straight to eg default_md = sha256 ?
NIST have already rail-roaded SHA1 out of use..... though I note that openssl < 0.9.8 seem to not like any real crypto for Message Digest :-(
I'm aware of NISTs specs. What I'm not aware of is the corresponding client device support. Is SHA-256 really out on all kinds of EAP-capable devices? It would be not so nice to a sizable fraction of (oldish) user devices failing authentication because they can't validate the chain due to unknown algorithm.
I really have no idea here - anyone aware of studies, or people already running with SHA-256 signatures?
Greetings,
Stefan
Didn't we try this before and it broke things? I'm pretty sure this isn't the first time the subjects come up... Arran Cudbard-Bell a.cudbardb@freeradius.org Betelwiki, Betelwiki, Betelwiki.... http://wiki.freeradius.org/ !
participants (5)
-
Alan Buxey -
Alan DeKok -
Arran Cudbard-Bell -
John Dennis -
Stefan Winter