X.509 certificate: is it a good idea (or a bad idea) to add localhost to the Subject Alternative Names?



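We are in the process of deciding whether we should add "localhost" (and similar addresses like "127.0.0.1") as one of the Subject Alternative Names in the certificate. One benefit could be facilitating local testing. But will there be any drawbacks?

Is it a good idea (or a bad idea) to add localhost to the Subject Alternative Names?

It depends on the standard you are following and your security posture.


First things first (for the discussion below): a fully qualified domain name (FQDN) must be defined. This definition is taken from W. Richard Stevens's TCP/IP Illustrated, Volume 1: The Protocols (p. 189):

A domain name that ends with a period is called an absolute domain name or a fully qualified domain name

That means we can change localhost into a fully qualified domain name by adding a period:

localhost.

Here is a small experiment: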

$ hostname
debian-q500
$ hostname --fqdn
debian-q500
$ dnsdomainname 
$
$ ping debian-q500.
ping: unknown host debian-q500.
$ ping debian-q500.local
PING debian-q500.local (172.16.1.26) 56(84) bytes of data.
64 bytes from debian-q500.home.pvt (172.16.1.26): icmp_req=1 ttl=64 time=0.040 ms
64 bytes from debian-q500.home.pvt (172.16.1.26): icmp_req=2 ttl=64 time=0.035 ms
...
$ ping localhost.
PING localhost (127.0.0.1) 56(84) bytes of data.
64 bytes from localhost (127.0.0.1): icmp_req=1 ttl=64 time=0.033 ms
64 bytes from localhost (127.0.0.1): icmp_req=2 ttl=64 time=0.037 ms
...
$ ping localhost.local
ping: unknown host localhost.local
$ ping localhost.localdomain
ping: unknown host localhost.localdomain

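Next come the standards. The most popular are those published by the CAs and browsers. The CAs and browsers publish their operating guidelines at the CA/B Forum. The two guidelines of interest are:

  • Baseline Requirements for the Issuance and Management of Publicly-Trusted Certificates
  • Guidelines for the Issuance and Management of Extended Validation Certificates

There is another popular standard, but it usually defers to the CA/B guidelines on the matter of hosts listed in a certificate. That standard is the IETF's RFC 5280:

  • Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile

RFC 5280 will call out other items, like how to validate a certificate chain and how to list an email address in the subjectAltName.

Baseline Guidelines

The Baseline Guidelines have this to say about names: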

9.2.1 Subject Alternative Name Extension    
Certificate Field: extensions:subjectAltName
Required/Optional: Required
Contents: This extension MUST contain at least one entry. Each
entry MUST be either a dNSName containing the Fully-Qualified
Domain Name or an iPAddress containing the IP address of a
server. The CA MUST confirm that the Applicant controls the
Fully-Qualified Domain Name or IP address or has been granted
the right to use it by the Domain Name Registrant or IP address
assignee, as appropriate.
Wildcard FQDNs are permitted.
...

9.2.2 Subject Common Name Field 
Certificate Field: subject:commonName (OID 2.5.4.3)
Required/Optional: Deprecated (Discouraged, but not prohibited)
Contents: If present, this field MUST contain a single IP address or
Fully-Qualified Domain Name that is one of the values contained in
the Certificate’s subjectAltName extension (see Section 9.2.1).

And finally,

11.1.3 Wildcard Domain Validation   
Before issuing a certificate with a wildcard character (*) in a
CN or subjectAltName of type DNS-ID, the CA MUST establish and
follow a documented procedure† that determines if the wildcard
character occurs in the first label position to the left of a
“registry-controlled” label or “public suffix” (e.g. “*.com”,
“*.co.uk”, see RFC 6454 Section 8.2 for further explanation).
If a wildcard would fall within the label immediately to the left
of a registry-controlled† or public suffix, CAs MUST refuse
issuance unless the applicant proves its rightful control of the
entire Domain Namespace. (e.g. CAs MUST NOT issue “*.co.uk” or
“*.local”, but MAY issue “*.example.com” to Example Co.).

So localhost is fine as long as it is a fully qualified domain name. In fact, localhost is not even mentioned in the guidelines.

Extended Validation

9.2.2 Subject Alternative Name Extension
Certificate field: subjectAltName:dNSName
Required/Optional: Required
Contents: This extension MUST contain one or more host Domain
Name(s) owned or controlled by the Subject and to be associated
with the Subject’s server. Such server MAY be owned and operated
by the Subject or another entity (e.g., a hosting service).
Wildcard certificates are not allowed for EV Certificates.
9.2.3 Subject Common Name Field
Certificate field: subject:commonName (OID: 2.5.4.3)
Required/Optional: Deprecated (Discouraged, but not prohibited)
Contents: If present, this field MUST contain a single Domain
Name(s) owned or controlled by the Subject and to be associated
with the Subject’s server. Such server MAY be owned and operated
by the Subject or another entity (e.g., a hosting service).
Wildcard certificates are not allowed for EV Certificates.

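So localhost is fine as long as it is a fully qualified domain name. In fact, localhost is not even mentioned in the guidelines.


Microsoft encourages the practice in KB315588, How to Secure an ASP.NET Application Using Client-Side Certificates:

  • On the Your Site's Common Name page, type localhost, and then click Next

littleblackbox is a database of private SSL/TLS and SSH keys for embedded devices. It ships with a SQLite3 database in bin/.

The certificates are in PEM format (i.e., -----BEGIN CERTIFICATE----- and friends). You can dump all the certificates with: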

$ sqlite3 lbb.db 
SQLite version 3.8.3 2013-12-17 16:32:56
Enter ".help" for instructions
Enter SQL statements terminated with a ";"
sqlite> .mode line
sqlite> .out certificates.txt
sqlite> SELECT certificate FROM certificates;
sqlite> .q

Next, remove the certificate = from the file:

$ sed -e "s|certificate = ||g" certificates.txt > temp.txt
$ mv temp.txt certificates.txt

Now use nawk and openssl to decode each certificate:

nawk '
v{v=v"\n"$0}
/----BEGIN/ {v=$0}
/----END/&&v{
print v > "tmp.cert"
close("tmp.cert")
system("openssl x509 -in tmp.cert -inform PEM -text -noout")
v=x}' certificates.txt

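If we know about them, the bad guys certainly know about them.


Finally, the security posture. Having said all of the above, here is why it is a bad idea. This is where security posture comes in. From Peter Gutmann's Engineering Security (p. 45):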

In practice CAs seem to issue certificates under more or less any
name to pretty much anybody, ranging from small-scale issues like
users buying certificates for the wonderfully open-ended mail [237]
through to the six thousand sites that commercial CAs like Comodo,
Cybertrust, Digicert, Entrust, Equifax, GlobalSign, GoDaddy,
Microsoft, Starfield and Verisign have certified for localhost,
with no apparent limit on how many times a CA will issue a
certificate for the same name [238].

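The question here is, "is it my localhost, or your localhost?" So it is not so much a matter of issuing and trusting a certificate for your localhost as it is a matter of inadvertently trusting a foreign localhost.

Once your software (like a browser) trusts a certificate issued to localhost, it's game over.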
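
An added example, not part of the original answer: the decoding step above prints each certificate with openssl x509 -text, and this Python code audits that text for names that resolve to "whoever's localhost", so such certificates can be found before they end up in a trust store. The function names, the constructed sample, and the choice to also flag *.localhost (reserved by RFC 6761) and any loopback IP address are assumptions of this example.

```python
import ipaddress
import re

# Constructed sample: abridged `openssl x509 -text -noout` output for two
# made-up certificates (not taken from any real database).
SAMPLE = """\
Certificate:
        Subject: C=US, O=Example Co, CN=www.example.com
            X509v3 Subject Alternative Name:
                DNS:www.example.com, DNS:localhost., IP Address:127.0.0.1
Certificate:
        Subject: C=US, O=Example Co, CN=api.example.com
            X509v3 Subject Alternative Name:
                DNS:api.example.com, IP Address:192.0.2.10
"""

def is_loopback_name(value):
    """True for localhost (with or without the trailing dot), *.localhost, or a loopback IP."""
    try:
        return ipaddress.ip_address(value).is_loopback
    except ValueError:
        pass  # not an IP literal, treat it as a DNS name
    host = value.rstrip(".").lower()
    return host == "localhost" or host.endswith(".localhost")

def audit(text):
    """Return (subject CN, sorted loopback names) for each certificate that carries any."""
    findings = []
    for block in re.split(r"(?m)^Certificate:[ \t]*$", text)[1:]:
        names = []
        cn = re.search(r"Subject:.*?CN\s*=\s*([^,/\n]+)", block)
        if cn:
            names.append(cn.group(1).strip())
        # The SAN values sit on the line after the extension header.
        san = re.search(r"Subject Alternative Name:[^\n]*\n\s*(.+)", block)
        if san:
            for entry in san.group(1).split(","):
                kind, _, value = entry.strip().partition(":")
                if kind in ("DNS", "IP Address"):
                    names.append(value.strip())
        hits = sorted({n for n in names if is_loopback_name(n)})
        if hits:
            findings.append((cn.group(1).strip() if cn else None, hits))
    return findings

if __name__ == "__main__":
    for subject, hits in audit(SAMPLE):
        print(subject, "->", ", ".join(hits))
```
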
