On 01/08/2013 05:30 PM, Robert Moskowitz wrote:
> I know that I would have to take this to bugzilla if my reading was
> correct. And on further review, I am holding more that way. So I will
> put in the bug report even without being a paying customer. Just my cred
> on working on PKIX back a decade ago and being the architect of the
> Bridge CA model for the US Federal and BioPharma PKIs...

"cred" is frequently unrecognized by developers, so my advice would be to skip that part. Stick to a description of the problem as you see it, and what solutions are available. For example:

---
When mod_ssl is installed (and possibly other openssl packages) it creates a new certificate for localhost using the following command:

    /usr/bin/openssl req -new -key /etc/pki/tls/private/localhost.key \
        -x509 -days 365 -set_serial $RANDOM \
        -out /etc/pki/tls/certs/localhost.crt

In the distributed openssl configuration, this will create an x509 cert which uses the extensions included in the v3_ca section of the openssl.cfg file.

If any user connects to a service using such an automatically generated certificate, and accepts installation of the self-signed certificate (the default acceptance option in Firefox), it will be stored in their trusted CA list, as its constraints specify CA:True.

This creates unnecessary risk. Anyone with access to such a certificate can later sign a certificate for any hostname, and users who have accepted the self-signed cert will see no warnings.

If the command is modified to specify the v3_req extensions rather than the default, the resulting certificate will be equally usable, without creating undue risk for users who accept the certificate.

    /usr/bin/openssl req -new -key /etc/pki/tls/private/localhost.key \
        -x509 -days 365 -set_serial $RANDOM \
        -extensions v3_req \
        -out /etc/pki/tls/certs/localhost.crt
----

However, I have no idea how seriously anyone will take the issue unless there's a broad base of users who request such a change.
The situation can be made slightly better by this change, but making it doesn't make self-signed certificates less common. As long as self-signed certificates are common, users will get into the habit of permanently accepting untrusted certs. If they do that, and the cert specifies that it is a CA, then they've installed a new CA.

These certs are just a small part of a much larger and more serious design problem with SSL. User agents (especially Firefox) don't really make clear that a new cert is a CA, rather than a certificate with more limited purpose. Users can't really be expected to learn the difference, either.

I really hope that the whole trust chain aspect of SSL is thrown away someday soon, replaced by some better model. Convergence.io is one I really like.
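The difference between the two commands in the message above can be checked on any host with the openssl CLI. This is an added example, not part of the original message or of mod_ssl's packaging: it uses a constructed minimal config that borrows only the v3_ca and v3_req section names, a throwaway key in a temp directory, a fixed serial instead of $RANDOM, and two hypothetical helpers, make_cert and is_ca.

```shell
#!/bin/sh
# Added example: compare basicConstraints with and without -extensions v3_req.
# Everything lives in a temp dir; nothing under /etc/pki is read or written.
workdir=$(mktemp -d)
trap 'rm -rf "$workdir"' EXIT

# Constructed config (an assumption, not the distributed file): [req] points
# x509_extensions at v3_ca, which is what makes the default cert a CA.
cat > "$workdir/openssl.cnf" <<'EOF'
[ req ]
distinguished_name = req_dn
x509_extensions    = v3_ca
prompt             = no
[ req_dn ]
CN = localhost
[ v3_ca ]
basicConstraints = CA:true
[ v3_req ]
basicConstraints = CA:FALSE
keyUsage = nonRepudiation, digitalSignature, keyEncipherment
EOF

openssl genrsa -out "$workdir/localhost.key" 2048 2>/dev/null

# make_cert OUTFILE [extra req options]: self-signed cert for localhost.
make_cert() {
    out=$1; shift
    openssl req -new -config "$workdir/openssl.cnf" \
        -key "$workdir/localhost.key" \
        -x509 -days 365 -set_serial 1 "$@" -out "$out" 2>/dev/null
}

# is_ca CERT: exit status 0 when the cert asserts basicConstraints CA:TRUE.
is_ca() {
    openssl x509 -in "$1" -noout -text |
        grep -A1 'X509v3 Basic Constraints' | grep -q 'CA:TRUE'
}

make_cert "$workdir/default.crt"                    # v3_ca via x509_extensions
make_cert "$workdir/v3_req.crt" -extensions v3_req  # the proposed change

for crt in "$workdir/default.crt" "$workdir/v3_req.crt"; do
    if is_ca "$crt"; then
        echo "$(basename "$crt"): CA:TRUE (accepting it installs a CA)"
    else
        echo "$(basename "$crt"): not a CA"
    fi
done
```

Pointing is_ca at an existing /etc/pki/tls/certs/localhost.crt gives the same check for a certificate that was already generated at install time.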