Bug 23931 - Added some more TLS/SSL conditions (revoked, insecure, limit exceeded)
Summary: Added some more TLS/SSL conditions (revoked, insecure, limit exceeded)
Status: RESOLVED FIXED
Alias: None
Product: Telepathy
Classification: Unclassified
Component: tp-spec (show other bugs)
Version: unspecified
Hardware: All All
: low enhancement
Assignee: Telepathy bugs list
QA Contact: Telepathy bugs list
URL: http://git.collabora.co.uk/?p=user/vi...
Whiteboard:
Keywords: patch
Depends on:
Blocks:
 
Reported: 2009-09-14 08:36 UTC by Vivek Dasmohapatra
Modified: 2010-08-09 11:00 UTC (History)
0 users

See Also:
i915 platform:
i915 features:


Attachments

Description Vivek Dasmohapatra 2009-09-14 08:36:23 UTC
There are three more specific TLS/SSL errors that were covered by the 
generic "other errors" case before:

* revoked (certificate in CRL or cancelled via OCSP or other mechanism)
* insecure (broken algorithm (eg MD2) or otherwise cryptographically weak)
* limit exceeded (certificate parameters large enough to indicate DOS attempt, or
  TLS/SSL implementation does not support sufficiently large parameter range)
Comment 1 Guillaume Desmottes 2009-09-14 09:33:13 UTC
I opened bug #23933 about the future use of these errors in Gabble.
Comment 2 Simon McVittie 2009-09-15 04:01:51 UTC
Typo: "peer rovided", and in future please try not to mingle two logically distinct changes (editorial changes to LimitExceeded, and addition of Revoked and Insecure) into one commit.

I'm not convinced we really need enum members for these (Revoked could be a subtype of Expired without much of a stretch, and LimitExceeded and Insecure could be a subtype of OtherError).
Comment 3 Simon McVittie 2009-09-21 03:16:34 UTC
(Please reinstate the patch keyword when this is ready for review again.)
Comment 4 Simon McVittie 2009-11-04 07:05:31 UTC
Ping? Vivek, what's the status of these?
Comment 5 Vivek Dasmohapatra 2009-11-09 06:04:58 UTC
Revoked is _very_ distinct from expired: it means that someone with the 
authority to do so has quite deliberately taken active steps to make sure 
the cert i sno longer considered valid: I think it would be very bad to 
conflate expired and revoked: For one thing, we ourselves treat revoked
as invalid even when in lenient mode, whereas we allow expired certs.

Similarly limit exceeded indicates that we have crossed a line which the
user or packager has chosen as a probable DOS attack, and insecure means 
the same people have decided a cert/crypto is not sufficiently secure, so
we shouldn't really bury these inside the generic error.

Typo fixed.
Comment 6 Simon McVittie 2009-11-10 12:24:31 UTC
(In reply to comment #5)
> Revoked is _very_ distinct from expired: it means that someone with the 
> authority to do so has quite deliberately taken active steps to make sure 
> the cert i sno longer considered valid: I think it would be very bad to 
> conflate expired and revoked: For one thing, we ourselves treat revoked
> as invalid even when in lenient mode, whereas we allow expired certs.

Would you prefer that Telepathy clients that don't understand the specific error in the ConnectionError signal treat Revoked like None_Specified ("unspecified error"), or like Expired? This determines whether it needs its own enum member or not.

> Similarly limit exceeded indicates that we have crossed a line which the
> user or packager has chosen as a probable DOS attack, and insecure means 
> the same people have decided a cert/crypto is not sufficiently secure, so
> we shouldn't really bury these inside the generic error.

Similarly, would you prefer Limit_Exceeded and Insecure to be treated like None_Specified, or like Cert_Other_Error, by clients that don't understand the specific reason given in the ConnectionError signal? If the former is OK, they can have their own enum members.
Comment 7 Cosimo Cecchi 2010-07-31 06:45:46 UTC
This has now been fixed together with bug 29018.


Use of freedesktop.org services, including Bugzilla, is subject to our Code of Conduct. How we collect and use information is described in our Privacy Policy.