Return-Path: 
 <dev-return-66941-apmail-httpd-dev-archive=httpd.apache.org@httpd.apache.org>
Delivered-To: apmail-httpd-dev-archive@www.apache.org
Received: (qmail 40196 invoked from network); 16 Nov 2009 14:52:03 -0000
Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.3)
  by minotaur.apache.org with SMTP; 16 Nov 2009 14:52:03 -0000
Received: (qmail 38679 invoked by uid 500); 16 Nov 2009 14:52:02 -0000
Delivered-To: apmail-httpd-dev-archive@httpd.apache.org
Received: (qmail 38592 invoked by uid 500); 16 Nov 2009 14:52:02 -0000
Mailing-List: contact dev-help@httpd.apache.org; run by ezmlm
Precedence: bulk
Reply-To: dev@httpd.apache.org
list-help: <mailto:dev-help@httpd.apache.org>
list-unsubscribe: <mailto:dev-unsubscribe@httpd.apache.org>
List-Post: <mailto:dev@httpd.apache.org>
List-Id: <dev.httpd.apache.org>
Delivered-To: mailing list dev@httpd.apache.org
Received: (qmail 38582 invoked by uid 99); 16 Nov 2009 14:52:02 -0000
Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230)
    by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 16 Nov 2009 14:52:01 +0000
X-ASF-Spam-Status: No, hits=-4.0 required=10.0
	tests=RCVD_IN_DNSWL_MED,SPF_HELO_PASS,SPF_PASS
X-Spam-Check-By: apache.org
Received-SPF: pass (nike.apache.org: domain of jorton@redhat.com designates
 209.132.183.28 as permitted sender)
Received: from [209.132.183.28] (HELO mx1.redhat.com) (209.132.183.28)
    by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 16 Nov 2009 14:51:50 +0000
Received: from int-mx05.intmail.prod.int.phx2.redhat.com
 (int-mx05.intmail.prod.int.phx2.redhat.com [10.5.11.18])
	by mx1.redhat.com (8.13.8/8.13.8) with ESMTP id nAGEpTdR009882
	(version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK);
	Mon, 16 Nov 2009 09:51:29 -0500
Received: from turnip.manyfish.co.uk (vpn-10-232.rdu.redhat.com
 [10.11.10.232])
	by int-mx05.intmail.prod.int.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id
 nAGEpRIU027088
	(version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO);
	Mon, 16 Nov 2009 09:51:29 -0500
Received: from jorton by turnip.manyfish.co.uk with local (Exim 4.69)
	(envelope-from <jorton@redhat.com>)
	id 1NA2vO-0003lq-BE; Mon, 16 Nov 2009 14:51:26 +0000
Date: Mon, 16 Nov 2009 14:51:26 +0000
From: Joe Orton <jorton@redhat.com>
To: Dirk-Willem van Gulik <dirkx@webweaving.org>
Cc: "Andrews, Rick" <RAndrews@verisign.com>, dev@httpd.apache.org
Subject: Re: Server Gated Certs (Was: TLS renegotiation attack, mod_ssl and
	OpenSSL)
Message-ID: <20091116145126.GA13951@redhat.com>
Mail-Followup-To: Dirk-Willem van Gulik <dirkx@webweaving.org>,
	"Andrews, Rick" <RAndrews@verisign.com>, dev@httpd.apache.org
References: <4AF37E14.4090606@webweaving.org>
 <0D028BDBFBA58441BD8E9746914806420131C44B@MOU1WNEXMB14.vcorp.ad.vrsn.com>
 <4AF3834F.4010805@webweaving.org>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
In-Reply-To: <4AF3834F.4010805@webweaving.org>
User-Agent: Mutt/1.5.19 (2009-01-05)
Organization: Red Hat UK Ltd, Amberley Place, 107-111 Peascod Street, Windsor,
 Berkshire, SL4 1TE, United Kingdom.
  Registered in UK and Wales under Company Registration No. 03798903
  Directors: Michael Cunningham (USA), Brendan Lane (Ireland),
 Matt Parson (USA), Charlie Peters (USA)
X-Scanned-By: MIMEDefang 2.67 on 10.5.11.18
X-Virus-Checked: Checked by ClamAV on apache.org

On Fri, Nov 06, 2009 at 02:00:47AM +0000, Dirk-Willem van Gulik wrote:
> What we really need is 1) a pub/priv key pair of such a cert* (or use  
> attached CSR) of some random domain (ideally expired and with a totally  
> bogus CN valye so we can post the private key publicly) and 2) obviously  
> a browser which support this (but that we can handle).

Rick got me an SGC-enabled test cert (thanks a lot!) - I've installed it 
on box which can be accessed e.g. here:

  https://dougal.manyfish.co.uk/cgi-bin/printenv

with SSLCipherSuite tweaked to enable EXPORT ciphers; it now reads:

  SSLCipherSuite ALL:!ADH:EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW

The box is running the RHEL 2.2.3 with the CVE-2009-3555 patch applied, 
so should reject any client-initiated renegotiations.  Note that the 
cert has expired already (intentionally), but is otherwise valid.

I've been trying to find a real browser to do SGC against this but have 
failed - help welcome here!  I've tried old releases of Netscape 4.0x 
but they predate the Verisign root from which the cert was issued, so, 
prerequisite "enable SGC" trust bit in the root CA bundle isn't there.

It seems like the best bet to get a working SGC-enabled browser might be 
Windows 2K or similar vintage with an old "export" (non-US) version of 
MSIE (4/5?).  Can anybody dig out such a best and try loading the above 
page?  

You'd need to verify it was an export version by loading some other SSL 
site and checking the cipher used, and/or verifying that SGC works 
against one of the sites mentioned ealier:

>    https://www.chase.com
>    https://www.wellsfargo.com

Regards, Joe