[9] RFR 8177569: keytool should not warn if signature algorithm used in cacerts is weak

Sean Mullan sean.mullan at oracle.com
Wed Mar 29 20:36:33 UTC 2017


On 3/29/17 12:13 PM, Xuelei Fan wrote:
> I see the point that a trust anchor should be trusted.  In application
> level, we don't actually check weakness of trust anchor because the user
> has made the decision to trust the cert.  However, in keytool level, I
> think it might be nice to warning weakness in trust anchor too so that
> users can aware of weakness and make a good decision.  Maybe, a user
> don't want to trust a cert again if he knows there are weakness.
>
> What do you think?

I don't think we should be checking if the signature algorithm of trust 
anchors or root certificates is weak. The fingerprint of these root 
certs are manually verified before they are imported into the cacerts 
file. Once installed, the key is directly trusted and the signature on 
the certificate is not checked when used as a trust anchor. SHA-1 and 
even MD5 roots may exist in the cacerts keystore and may still be needed 
to verify certificates still in use or to verify signed code that has 
been previously timestamped.  These would only generate false warnings 
with keytool.

--Sean

>
> Xuelei
>
> On 3/29/2017 1:38 AM, Weijun Wang wrote:
>> Webrev updated at
>>
>>   http://cr.openjdk.java.net/~weijun/8177569/webrev.01
>>
>> Changes since last version:
>>
>> - Trusted cert entries in the current keystore are also trusted. See the
>> new isTrusted() method.
>>
>> - A cert is treated as a root CA cert only if -trustcacerts is specified.
>>
>> - In the current keytool documentation, -trustcacerts is only designed
>> for -importcert, and it should have no effect on other commands.
>> Therefore the internal trustcacerts flag is reset when command is not
>> IMPORTCERT. We might re-consider this in a future release (JDK-8177760).
>>
>> - Several checkWeak() calls are moved before keyStore change so the
>> check is only based on original keystore content. This prevents a new
>> cert treated trusted while it is being -import'ed.
>>
>> - Test modifications.
>>
>> Thanks
>> Max
>>
>> On 03/27/2017 09:43 AM, Weijun Wang wrote:
>>> Please take a review at
>>>
>>>    http://cr.openjdk.java.net/~weijun/8177569/webrev.00/
>>>
>>> Since our implementation of CertPath validation does not check for the
>>> signature algorithm of a root CA, keytool should not warn about its
>>> weakness either.
>>>
>>> Thanks
>>> Max



More information about the security-dev mailing list