On 09/07/12 13:27, Sven Dreyer wrote:
Am 09.07.2012 14:18, schrieb Phil Mayers:
- The phones have the Sub CA certificate locally installed as "trustworthy" (NOT the Root CA certificate!) - The RADIUS server must only send its server certificate (not the whole chain)
Why?
Not my decision - our customer said something like "that's the way it works in our network". I suggested to send the whole chain, but their answer was like "no RFC forces anyone to send the whole chain, so it must work that way".
RFC 2246, section 7.4.2 says: certificate_list This is a sequence (chain) of X.509v3 certificates. The sender's certificate must come first in the list. Each following certificate must directly certify the one preceding it. Because certificate validation requires that root keys be distributed independently, the self-signed certificate which specifies the root certificate authority may optionally be omitted from the chain, under the assumption that the remote end must already possess it in order to validate it in any case. This intent of this paragraph seems plain. Send the server cert, followed by all intermediate certs, followed optionally by the root CA cert. Unfortunately, 2246 does not make use of RFC 2119 language to indicate this is mandatory in the usual way, and this text remains unchanged in 4346 (TLS 1.1); however it was updated in 5246 (TLS 1.2), and the wording is far clearer. In short, my reading of the TLS RFCs suggests that sending the server and all intermediate certs is mandatory. Clearly the OpenSSL authors agree. But "the customer is always right" ;o)