Confirm
300
edits
Changes
no edit summary
# We can use OpenSSL's certificate verification routine. Apparently it is buggy as well.
# We can start over from scratch and write another entirely new verification library. This would set us back a year.
# Finally, we can use the new verification library known as "mozilla::pkix" (formerly known as "insanity::pkix").
=== insanitymozilla::pkix Design ===As a library, insanitymozilla::pkix uses the notion of a "trust domain" provided by the application to build a trusted chain from an end-entity certificate to a root. The trust domain is responsible for saying what trust level a certificate has, finding potential issuers of a certificate, and checking the revocation for a certificate. A certificate can be a trust anchor, it can inherit its trust, or it can be actively distrusted. Given an end-entity certificate and a trust domain, the library will perform issuer-independent checks on that certificate (e.g. expiration, appropriate key usages), get a list of potential issuers, and perform a depth-first traversal. If it encounters a distrusted certificate, it abandons searching that path. If it finds a trust anchor, it returns that successful path (here is where we will add a callback to the trust domain interface that checks the otherwise good chain for application-specific features, such as the presence of a specific key).
Unlike the NSS libraries, insanitymozilla::pkix is written in C++. As a result, we can use scoped data types that automatically clean up after themselves rather than having to manually manage memory. This reduces memory-safety bugs as well as error-handling bugs.
=== Progress ===
We have been working on this project for a long time. Last year, progress was slower than everyone would have liked. However, starting in late January, development picked up considerably to the point where we had landed a working implementation (albeit with no OCSP checking) within a month. Since then, we have landed OCSP checking and test improvements, and we are about to land the OCSP cache.
The library code is here: https://mxr.mozilla.org/mozilla-central/source/security/insanity/ and the trust domain is here: https://mxr.mozilla.org/mozilla-central/source/security/certverifier/
=== Tests ===
=== The Plan ===
Some work remains on insanitymozilla::pkix. We have broken this work into two parts: prerequisites for it to be enabled by default on Nightly, and prerequisites for it to be enabled by default on Beta and then Release. There is not enough bake time left on Nightly 30, so Nightly 31 will be the first version with this on by default.
To turn insanitymozilla::pkix on in Nightly, we need to:
# Add low-level OCSP unit tests: {{Bug|916629}} (:briansmith, :st3fan)
These items should be done by the end of next week.
To turn insanitymozilla::pkix on in Beta/Release, we need to:
# Add backoff for OCSP requests when the responder fails: {{bug|977865}} (:keeler) [this may take a week or two]
* Keeler/Camilo continue landing prefing on in Nightly and Aurora only, not in release/Beta
* Richard/Doug/Ekr work on collaboration with Google's openssl efforts to see if there's anything to do in the immediate term
* Doug to talk to Bob Relyea about reviewing insanitymozilla::pkix
* Richard or Ekr evaluate openssl certificate verification path
* Ekr to reach out to rsleevi to start collaboration
|----
|true
| insanitymozilla::pkix| insanitymozilla::pkix
|----
|}
