It’s a complete failure of infosec-meets-user-psychology that “this TLS certificate is issued for your bank and the server is sneaky hackerman dot com” and “this otherwise valid certificate expired a day ago” have the EXACT SAME USER EXPERIENCE.

@Quinnypig i still think it's kinda silly that browsers lose their shit over self-signed certs for rfc1918 addresses.

as if all the people who work on browsers have never bought a nas, or a router, or anything else that's an embedded device that lives on the lan which will likely never ever see a cert update.

@Viss @Quinnypig

On a related point: it is *absolutely shameful* that I can't set up a CA locally for devices on my own rfc1918 network (using a .home DNS name) and have https "just work" without having each client trust a CA key that then can MITM *any* https content.

Why can't I say "trust this cert only to sign stuff in 192.168.*.* or with a *.myhomenet.home DNS name"?

@Viss @Quinnypig

My options for local-net https seem to be:
1) don't, http/plaintext only
2) errors that have to be ignored on every client every time
3) install a local CA cert on each client, making them fundamentally insecure and making me able to MitM any SSL traffic (as my phone will remind me every time I look at the settings page: "A certificate authority is installed on this device. Your secure network traffic may be monitored or modified.")

@fizbin You'll be happy to learn that you can say "trust this CA cert to sign only this stuff in subnet and domain". The term for these is certificate name constraints.

@nsd ooh, interesting. Yes, this does seem to be the sort of thing I've been wanting. I can't find any examples online that discuss limiting a cert to certain IP prefixes, but maybe I can work this out from diving into the documentation or trial and error.

@fizbin https://www.rfc-editor.org/rfc/rfc5280#section-4.2.1.10 and search for "iPAddress" (spelled like that). IPv4 Subnets are encoded with 8 bytes, first the network address and then the mask. But tools often accept IP/mask notation.
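The 8-byte iPAddress encoding described above, plus a check of leaf names against a CA's permitted subtrees, as an added example that is not from any participant in this thread. It models only permitted subtrees for DNS and IP subjectAltNames (no excluded subtrees or other name types); the function names and the sample names and addresses are constructed for illustration.

```python
import ipaddress

def encode_ip_constraint(cidr):
    """iPAddress name constraint (RFC 5280 4.2.1.10): network address, then mask."""
    net = ipaddress.ip_network(cidr, strict=True)
    return net.network_address.packed + net.netmask.packed  # 8 bytes for IPv4

def decode_ip_constraint(raw):
    """Parse the 8-byte (IPv4) or 32-byte (IPv6) form back into a network."""
    if len(raw) not in (8, 32):
        raise ValueError("constraint must be 8 or 32 bytes")
    half, bits = len(raw) // 2, len(raw) * 4
    mask = int.from_bytes(raw[half:], "big")
    prefix = bin(mask).count("1")
    # Reject masks whose set bits are not one contiguous run from the left.
    if mask != ((1 << bits) - 1) ^ ((1 << (bits - prefix)) - 1):
        raise ValueError("non-contiguous mask")
    cls = ipaddress.IPv4Network if half == 4 else ipaddress.IPv6Network
    return cls((raw[:half], prefix), strict=True)

def dns_permitted(name, base):
    """A DNS name matches if it equals the base or adds labels on its left."""
    name, base = name.lower().rstrip("."), base.lower()
    return name == base or name.endswith("." + base)

def san_allowed(san, permitted_dns, permitted_ip):
    """Check one leaf subjectAltName against the CA's permitted subtrees.
    A name type with no permitted entries is left unconstrained."""
    try:
        ip = ipaddress.ip_address(san)
    except ValueError:
        return not permitted_dns or any(dns_permitted(san, b) for b in permitted_dns)
    return not permitted_ip or any(ip in decode_ip_constraint(r) for r in permitted_ip)

# Constructed sample: the constraints asked for in the thread.
PERMITTED_DNS = ["myhomenet.home"]
PERMITTED_IP = [encode_ip_constraint("192.168.0.0/16")]

if __name__ == "__main__":
    print(PERMITTED_IP[0].hex())
    for san in ["192.168.1.20", "10.0.0.5", "nas.myhomenet.home",
                "evilmyhomenet.home", "bank.example"]:
        print(san, san_allowed(san, PERMITTED_DNS, PERMITTED_IP))
```

Calling `san_allowed("bank.example", [], PERMITTED_IP)` returns True: a CA constrained only by IP range is still unconstrained for DNS names, so a home CA needs a permitted entry for both name types.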

@fizbin @Viss @Quinnypig I think there's actually a restriction you can add these days to do that.

Not sure how widely supported it is though.

Also as always, OpenSSL is a fuck and it's really hard to do anything right with it.