Bug 23931

Summary: Added some more TLS/SSL conditions (revoked, insecure, limit exceeded)
Product: Telepathy Reporter: Vivek Dasmohapatra <vivek>
Component: tp-specAssignee: Telepathy bugs list <telepathy-bugs>
Status: RESOLVED FIXED QA Contact: Telepathy bugs list <telepathy-bugs>
Severity: enhancement    
Priority: low Keywords: patch
Version: unspecified   
Hardware: All   
OS: All   
URL: http://git.collabora.co.uk/?p=user/vivek/telepathy-spec;a=shortlog;h=refs/heads/extra-ssl-errors
Whiteboard:
i915 platform: i915 features:

Description Vivek Dasmohapatra 2009-09-14 08:36:23 UTC 
There are three more specific TLS/SSL errors that were covered by the 
generic "other errors" case before:

* revoked (certificate in CRL or cancelled via OCSP or other mechanism)
* insecure (broken algorithm (eg MD2) or otherwise cryptographically weak)
* limit exceeded (certificate parameters large enough to indicate DOS attempt, or
  TLS/SSL implementation does not support sufficiently large parameter range)
Comment 1 Guillaume Desmottes 2009-09-14 09:33:13 UTC 
I opened bug #23933 about the future use of these errors in Gabble.
Comment 2 Simon McVittie 2009-09-15 04:01:51 UTC 
Typo: "peer rovided", and in future please try not to mingle two logically distinct changes (editorial changes to LimitExceeded, and addition of Revoked and Insecure) into one commit.

I'm not convinced we really need enum members for these (Revoked could be a subtype of Expired without much of a stretch, and LimitExceeded and Insecure could be a subtype of OtherError).
Comment 3 Simon McVittie 2009-09-21 03:16:34 UTC 
(Please reinstate the patch keyword when this is ready for review again.)
Comment 4 Simon McVittie 2009-11-04 07:05:31 UTC 
Ping? Vivek, what's the status of these?
Comment 5 Vivek Dasmohapatra 2009-11-09 06:04:58 UTC 
Revoked is _very_ distinct from expired: it means that someone with the 
authority to do so has quite deliberately taken active steps to make sure 
the cert i sno longer considered valid: I think it would be very bad to 
conflate expired and revoked: For one thing, we ourselves treat revoked
as invalid even when in lenient mode, whereas we allow expired certs.

Similarly limit exceeded indicates that we have crossed a line which the
user or packager has chosen as a probable DOS attack, and insecure means 
the same people have decided a cert/crypto is not sufficiently secure, so
we shouldn't really bury these inside the generic error.

Typo fixed.
Comment 6 Simon McVittie 2009-11-10 12:24:31 UTC 
(In reply to comment #5)
> Revoked is _very_ distinct from expired: it means that someone with the 
> authority to do so has quite deliberately taken active steps to make sure 
> the cert i sno longer considered valid: I think it would be very bad to 
> conflate expired and revoked: For one thing, we ourselves treat revoked
> as invalid even when in lenient mode, whereas we allow expired certs.

Would you prefer that Telepathy clients that don't understand the specific error in the ConnectionError signal treat Revoked like None_Specified ("unspecified error"), or like Expired? This determines whether it needs its own enum member or not.

> Similarly limit exceeded indicates that we have crossed a line which the
> user or packager has chosen as a probable DOS attack, and insecure means 
> the same people have decided a cert/crypto is not sufficiently secure, so
> we shouldn't really bury these inside the generic error.

Similarly, would you prefer Limit_Exceeded and Insecure to be treated like None_Specified, or like Cert_Other_Error, by clients that don't understand the specific reason given in the ConnectionError signal? If the former is OK, they can have their own enum members.
Comment 7 Cosimo Cecchi 2010-07-31 06:45:46 UTC 
This has now been fixed together with bug 29018.

Use of freedesktop.org services, including Bugzilla, is subject to our Code of Conduct. How we collect and use information is described in our Privacy Policy.