SSL/TLS certificate verification

[ioerror]

It appears that as an example, Pidgin will complain when connecting to jabber.ccc.de or jabber.calyxinstitute.org - their respective .onion is not a proper SAN for either service.

Is this a reasonable thing to do? Should we assume that the name that matters is the name included in the user ID and that the .onion doesn't matter at all?

How are we feeling about SSL/TLS cert verification in xmpp-client generally? What improvements might be useful?

[agl]

When connecting for foo@example.com, the name that must be matched is "example.com" as that's the only string entered by the user. The DNS SRV records might direct to some other server name, but DNS isn't secure so we can't depend on that.

I believe that xmpp-client gets it right in this case. The certificate match is always done against the domain part of the user id and the server only matters for transport. (Pidgin does it differently and generates a constant series of certificate warnings :( )

For .onion addresses, of course, the certificate verification is fairly superfluous. Otherwise, I think the verification is ok. There's no revocation checking, which could be implemented, although that doesn't gain you much when considering the spread of attack scenarios.

[csoghoian]

I'm now getting a cert error when connecting to the CCC jabber server (but not with riseup):

"Failed to connect to XMPP server: x509: certificate signed by unknown authority"

[schulze]

I would guess that this is because the CCC (and the CCC jabber server) are using CACert certificates and you don't have their root certificates: http://web.jabber.ccc.de/?page_id=44

Another "solution" is to add the line

"ServerCertificateSHA256": "630FF62F262E2ED3524E031F391B7296FD099ECA1064768874C449526F94A541"

to your .xmpp-client configuration file to sidestep verifivation using the CACert certificates.

[agl]

Chris: perhaps because Debian is pulling CACert from its root set? https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=718434#129 Perhaps you got an updated package.

[agl]

I don't think that there's any action pending on this bug. Golang verifies against the system certificate set and, if that doesn't include CACert, then there will be an error for servers that use CACert, as expected.

If this is affecting people and CACert is a real problem then I could be persuaded to skip TLS verification when connecting to a .onion, or else to hack CACert into xmpp-client. But, for the moment, the level of user pain is unclear.