On Sat, Feb 10, 2018 at 8:11 AM, Kevin Chadwick <m8il1ists_at_gmail.com> wrote:
> On Sat, 10 Feb 2018 07:50:22 -0600
>> I did not discuss the OpenSSL 1.1 API in my proposal. I do not care
>> about it.
>> I care about date comparisons that don't involve trusting anything
>> that overflows a time_t as being in the future and then naively trying
>> to prove it somehow.
> What are you telling Alpine for, you should be telling them
> conclusions and using evidence to back it up, not opinion. LibreSSL devs
> appear to disagree about much of your justification! Have you even
> asked them in the first place or yet? Perhaps you are doing it wrong?,
> perhaps they have missed a Linux development?
For the n-th time, there is nothing to discuss, LibreSSL removed SAFE
date calculation code and replaced it with code that is only SAFE
under a specific precondition: 64-bit time_t. Then they made it
blindly accept ANY certificate that overflows the time_t if it's
smaller than 64-bit, which is COMPLETELY UNSAFE AND ARGUABLY A
SECURITY PROBLEM BECAUSE IT MEANS A CERT THAT EXPIRES BEFORE 1970 IS
NOW POTENTIALLY VALID. Don't believe me? Generate a certificate that
computes as 0xfffffff time_t on 32-bit and you win. Really, you do!
If they care about portability, they should revert this change.
ps: I'm only replying to this because it arrived before I added you to
my killfile. Expect no further replies from me.
Received on Sat Feb 10 2018 - 08:31:26 GMT