On 24.01.2011 19:36, Marsh Ray wrote:
The correct solution would be to fix the certificate on the server.
No, actually, that would be a security bug. XMPP (better known as "Jabber", "Google Talk" etc.) uses DNS SRV lookups to find the hostname of a server. For the user, the connection just goes to "foo.com". We make a DNS SRV lookup of _xmpp-client._tcp.foo.com, and find "5 0 5222 jabber.bar.com", so we connect to jabber.bar.com:5222. Yet, the SSL cert of the server is for "foo.bar", because that's what the user originally wanted to connect to. This is how SSL is intended to be used, and how XMPP works, and how all the servers are set up.
Otherwise, I would have the DNS SRV lookup as insecure step in between, and the SSL would be violated.
In fact, I have to *prevent* PSM from letting the socket hostname pass the check. A cert for jabber.bar.com is *not* valid and could be an attack. It *must* be for "foo.com".
Here are some incorrect solutions, which may ... be ... [impractical]
Indeed, none of them is really practical. I need to *set* the hostname that's being checked by PSM, for this connection.
Remember, as I said initially, that the idea of SSL is that the cert is for the service that the user intended to go to, not where you end up technically via possibly insecure lookups.
Ben -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
