LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 03-25-2019, 08:59 PM   #1
slac-in-the-box
Member
 
Registered: Mar 2010
Location: oregon
Distribution: slackware64-14.2
Posts: 304

Rep: Reputation: 115Reputation: 115
Question Is josepy a weak link in letsencrypt?


I needed an acme compliant tool for automating DV SSL certificate creation and renewal, and of course came across letsencrypt, as it is the goto free CA in nearly every tutorial out there.

But when it came time to compile it from source code and use it (for slackware64-current), I noticed it has approximately 21 dependencies, of packages that weren't included with slackware, including josepy.

Dehydrated, on the other hand, purports to do the same thing as letsencrypt, however, no additional packages beyond what already came with a full installation of slackware are required.

I wondered why letsencrypt needed all the extra packages to accomplish what dehydrated could do in a zsh script, and just happened to research josepy, and learned that there is a recommendation not to use the JOSE framework, as in this article, No Way, JOSE!

And being lazy, I tried dehydrated before the letsencrypt / certbot tool, and it successfully registered an account and got some certificates signed on a mailserver! Yay! It was relatively painless.

But security is enough over my head, that I never feel secure, even when following best practices.

Dehydrated appears to have to use jose as well:
Code:
root@mail:~# grep jose /usr/bin/dehydrated 
    statuscode="$(curl ${ip_version:-} ${CURL_OPTS} -A "dehydrated/${VERSION} curl/${CURL_VERSION}" -s -w "%{http_code}" -o "${tempcont}" "${2}" -D "${tempheaders}" -H 'Content-Type: application/jose+json' -d "${3}")"
I like privacy, and want to learn more about protecting it. Is using a tool that relies on JOSE a bad practice, as Scott Arciszewski claims?

Are there any other pros or cons to using dehydrated over letsencrypt?

Last edited by slac-in-the-box; 03-25-2019 at 09:21 PM. Reason: grammar
 
Old 03-25-2019, 09:58 PM   #2
Ser Olmy
Senior Member
 
Registered: Jan 2012
Distribution: Slackware
Posts: 2,536

Rep: Reputation: Disabled
Quote:
Originally Posted by slac-in-the-box View Post
Is using a tool that relies on JOSE a bad practice, as Scott Arciszewski claims?
He's highlighting a) several serious problems with the standard itself (the whole thing looks pretty rubbish to be honest), and b) various implementation issues where clueless developers are basically misusing the entire mechanism to do something it wasn't intended for.

When it comes to a), it seems it's entirely possible to create a server-side implementation that is not vulnerable to the attacks he's describing, but such an implementation wouldn't be standards compliant. You actually have to allow for all the vulnerabilities in order to comply strictly with the RFCs, which is crazy. I don't know how the developers of the Let's Encrypt software have handled this issue.

As for b), the linked blog post (IMHO correctly) states that JSON Web Signatures should not under any circumstances be used for session management in web applications. I could be wrong, but I don't think that's an issue affecting Let's Encrypt.

In other words, the use of JOSE might mean that the server-side component of the Let's Encrypt automatic renewal mechanism could be vulnerable to certain cryptographic attacks.

I'd have to look into the actual implementation to see if there are valid reasons for concern, but if there really are issues with Let's Encrypt, it's a bit odd that none of the many security professionals involved with the initiative have commented on it.
 
3 members found this post helpful.
Old 03-27-2019, 08:44 AM   #3
ntubski
Senior Member
 
Registered: Nov 2005
Distribution: Debian, Arch
Posts: 3,429

Rep: Reputation: 1660Reputation: 1660Reputation: 1660Reputation: 1660Reputation: 1660Reputation: 1660Reputation: 1660Reputation: 1660Reputation: 1660Reputation: 1660Reputation: 1660
Quote:
Originally Posted by Ser Olmy View Post
When it comes to a), it seems it's entirely possible to create a server-side implementation that is not vulnerable to the attacks he's describing, but such an implementation wouldn't be standards compliant. You actually have to allow for all the vulnerabilities in order to comply strictly with the RFCs, which is crazy.
It doesn't look that way to me. The problems described are more that it requires a lot of care and attention to detail to implement the standard without introducing vulnerabilities (and humans are pretty much guaranteed to screw this up), e.g.,

Quote:
Encryption leaves a lot of room for potential implementation errors, ...
 
Old 03-27-2019, 03:02 PM   #4
ondoho
LQ Addict
 
Registered: Dec 2013
Posts: 11,302
Blog Entries: 8

Rep: Reputation: 2913Reputation: 2913Reputation: 2913Reputation: 2913Reputation: 2913Reputation: 2913Reputation: 2913Reputation: 2913Reputation: 2913Reputation: 2913Reputation: 2913
i smelled it right from the start, there's something wrong with the certbot scripts, maybe even letsencrypt's certificate renewal automation in general - and if there's no way to (safely) automate it, what use is a 90-day certificate...

Last edited by ondoho; 03-28-2019 at 01:09 PM. Reason: added (safely)
 
Old 03-27-2019, 05:27 PM   #5
slac-in-the-box
Member
 
Registered: Mar 2010
Location: oregon
Distribution: slackware64-14.2
Posts: 304

Original Poster
Rep: Reputation: 115Reputation: 115
Quote:
(the whole thing looks pretty rubbish to be honest),
Quote:
i smelled it right from the start
Yes: naming the protocol ACME did not bestow confidence.

Question: does bribing thrid party CAs, like globalsign, digicert, comode, etc., for green locks in the browser bar, so that your certificate can be signed by an authority already on the browsers' list of trusted CAs, leave you susceptible to whatever security flaws your third party CA of choice may have made?

It seems like browser warnings, like, "your are going to an untrusted site, what do you want to do, add exception, or get out of here?" are making it seem like legitimate certificates are something to run from, and forcing e-commerce sites to use 3rd party CAs in order to get their green locks... and these 3rd party CAs, might be using JOSE, or other insecure standards...

It seems like deliberate insecurity.

I believe in the "P" in VPN. How can this be achieved?
 
Old 03-28-2019, 01:25 PM   #6
ondoho
LQ Addict
 
Registered: Dec 2013
Posts: 11,302
Blog Entries: 8

Rep: Reputation: 2913Reputation: 2913Reputation: 2913Reputation: 2913Reputation: 2913Reputation: 2913Reputation: 2913Reputation: 2913Reputation: 2913Reputation: 2913Reputation: 2913
just a few days ago i delved into this again:
http://dt.iki.fi/https
 
1 members found this post helpful.
  


Reply

Tags
certbot, dehydrated, jose, josepy, letsencrypt


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
LXer: How Amazon customer service was the weak link that spilled my data LXer Syndicated Linux News 0 01-27-2016 08:41 AM
[SOLVED] Call for testers: SlackBuild Scripts for letsencrypt willysr Slackware 32 01-01-2016 02:08 AM
LXer: LetsEncrypt enters public beta LXer Syndicated Linux News 0 12-08-2015 02:51 AM
LXer: Opera is the weak link on my current OpenBSD 4.4 laptop LXer Syndicated Linux News 0 01-11-2009 07:40 PM
LXer: Printers a weak link in network security LXer Syndicated Linux News 0 08-08-2006 03:54 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 09:52 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration