#cryptostorm IRC cert needs an update

Pattern_Juggled · Post by **Pattern_Juggled** » Fri Mar 18, 2016 9:28 am

Ohai, it has come to our attention that the current ssl certificate for our IRC chatroom has outlived its expiry date.

Specifically, here's the PEM-encoded version of the current cert:

Code: Select all

That encoding expands, more or less (depending on the parser used, and so on, because x.509 is endlessly entertaining), to this:

Certificate:
Data:
Version: 3 (0x2)
Serial Number:
c4:21:3a:92:fc:d7:46:2f:e7:f6:69:a3:cb:56:2c:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=GB, ST=Greater Manchester, L=Salford, O=COMODO CA Limited, CN=COMODO RSA Domain Validation Secure Server CA
Validity
Not Before: Jan 20 00:00:00 2015 GMT
Not After : Jan 20 23:59:59 2016 GMT
Subject: OU=Domain Control Validated, OU=PositiveSSL, CN=www.cryptostorm.is
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:c4:2f:7c:14:447d:a1:6f:0d:5b:c3:d2:62:
25:99:c8:96:d7:aa:87:72:b3:da:ef:86:4b:82:46:
41:91:b7:bf:ca:fe:56:88:20:da:b1:e5:52:be:92:
82:e9:fa:2a:96:db:64:8e:76:f7:a3:61:82:fd:b6:
97:23:b7:80:d9:67:66:86:17:fc:74:92:62:9f:c3:
d8:ae:eb:5f:95:08:9c:75:59:84:46:56:10:06:c4:
2c:79:90:77:9b:90:36:54:bc:83:48:8e:6d:0c:20:
ff78:bf:fb:e9:bb:06:f0:e5:26:b9:94:34:60:
17:49:f0:2b:dc:e9:bd:8e:54:49:06:53:df:73:15:
67:64:4e:6e:b1:12:94:df:4b:d7:5e:7e:ce:ce:54:
12:eb:3f:4f:0f:51:a1:84:ae:3d:ca:51:3e:dc:be:
94:f9:c2:a5:e8:d3:fb:f6:4b:d0:ae:c7:9f:56:a5:
74:5b:e6:35:b8:55:89:a7:46:a2:7c:9d:7d:be:62:
ff:38:f9:03:f2:e8:00:23:ba:62:19:55:37:d6:e6:
f4:51:a4:57:b7:2e:c2:9e:7f:1c:8f:75:e7:a5:ad:
68:c5:e7:ae:47:a7:f4:59:02:46:ea:e7:80:2e:2a:
46:f2:68:f0:22:f0:d6:21:34:49:a4:ad:13:9f:54:
7f:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Authority Key Identifier:
keyid:90:AF:6A:3A:94:5A:0B:D8:90:EA:12:56:73:DF:43:B4:3A:28:DA:E7

X509v3 Subject Key Identifier:
64:73:02:27:B3:B7:37:5E:84:90:01:F5:36:F5:A0:4D:1A:5D:A3:55
X509v3 Key Usage: critical
Digital Signature, Key Encipherment
X509v3 Basic Constraints: critical
CA:FALSE
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client Authentication
X509v3 Certificate Policies:
Policy: 1.3.6.1.4.1.6449.1.2.2.7
CPS: https://secure.comodo.com/CPS
Policy: 2.23.140.1.2.1

X509v3 CRL Distribution Points:

Full Name:
URI:http://crl.comodoca.com/COMODORSADomain ... rverCA.crl

Authority Information Access:
CA Issuers - URI:http://crt.comodoca.com/COMODORSADomain ... rverCA.crt
OCSP - URI:http://ocsp.comodoca.com

X509v3 Subject Alternative Name:
DNS:www.cryptostorm.is, DNS:cryptostorm.is
Signature Algorithm: sha256WithRSAEncryption
16:3e:ed:2b:ba:8d:5f:7f:d6:85:7e:45:fa:d8:c1:15:56:c8:
cd:c3:b7:46:b9:3b:94:0c:17:51:aa:78:9f:d7:6a:07:c3:2b:
0a:49:47:83:94:2a:0000:12:92:da:3f:34:f7:3b:62:59:
fb:0a:2f:e3:c0:23:14:69:2b:84:66:09:f8:80:8d:f4:91:29:
63:4a:06:fa:cc:fa:f6:f3:a8:a0:c0:fa:1d:34:94:17:29:99:
99:5a:bd:7f:fd:22:02:66:b0:8a:ee:58:bf:cf:d4:a6:92:97:
47:9b:85:7d:e3:8d:86:f0:f2:a3:0a:13:34:64:08:7a:08:64:
ae:76:3a:1f:4c:9b:32:54:ee:dd:37:16:0f:6e:f4:28:bc:26:
08:9c:bc:e0:ca:ee:34:13:c2:b8:bc:21:d4:82:a2:b0:4d:1e:
19:94:e3:18:f0:a8:a7:a5:c2a5:0c:a5:7a:d3:81:41:51:
97:73:66:9d:94:4d:b0:80:d3:7f:a3:7a:37:db:f5:d3:4a:94:
05:20:10:56:2b:5c:7f:d4:33:36:42:c2:0a:c8:9f:35:e2:49:
c6:90:53:19:f8:24:6a:49:a4:8e:e5:b5:f2:40:f3:6d:49:a8:
db:7a:e0:02:a8:41:ee:77:84:3c:ae:a0:77:4a:09:d4:97:78:
1b:56:1a:d1

The juicy bits (in current context) are:

Validity
Not Before: Jan 20 00:00:00 2015 GMT
Not After : Jan 20 23:59:59 2016 GMT

Whoops. So, we'll get a new cert spun up. Likely it'll be conventional... though I'd love to make a keychain'd one since it's something folks will want to do manual verification of (more of than when certs are used in, say, web browsing sessions for example). Perhaps we'll do the conventional one asap, then loop back and get a fully keychained replacement ready as time allows.

Apologies for the oversight - certs are derpy enough, we don't need to add to that with stale derpy certs!

Cheers.

ps: yah, it'd be fun to make one of df's patented pem-tastic magic certs (like the katstorm.party one... but perhaps not the top priority for the team, in business terms.

Khariz · Post by **Khariz** » Fri Mar 18, 2016 8:46 pm

FYI:

AirVPN kindly pointed out that the cert at: https://resellers.cryptostorm.ch is expired/broken as well.

Pattern_Juggled · Post by **Pattern_Juggled** » Sat Mar 19, 2016 2:24 pm

Khariz wrote:AirVPN kindly pointed out that the cert at: https://resellers.cryptostorm.ch is expired/broken as well.

Without calling into question the profound - one might even go so far as to say, moving - kindness to be found in such an unstintingly selfless gesture, it does kind of leave one - even a kind one, such as I - with a nagging sense that possibly... just possibly, mind you, such a statement kind of hints at a lack of understanding of how certs actually work.

Kinda.

You see, the cryptostorm.ch cert throws those Scary Browser Warnings for subdomains of the underlying domain - cryptostorm.ch, such as resellers.cryptostorm.ch. Is that because subdomains are inherently a source of profound cryptographic instability and thus should be flagged nine ways 'till Sunday in hopes that any prospective visitors will with utmost alacrity run away, run away fast!

Err, actually no.

The only reason that specific subdomain - indeed, any of the subdomains some idiot has (against all sound advice) littered throughout this forum (that idiot is I) - throws that warning is because we're too cheap to buy the much-more-expensive "wildcard" cert from whatever CA is peddling cheap crypto credentials in the nearest virtual street-corner of late. Wildcard certs cover {whateverdubdomainyouwanttouse}.yourdomain.{coolTLD}, so resellers.cryptostorm.ch would show up as perfectly safe with a wildcard cert.

With our bare-assed, cheapo cert we can only use cryptostorm.ch (and any subdirectories we want, which have nothing to do with DNS or cert stuff whatsoever; see below for relevance). And usually one can sneak in some protocol-ish prefixes in a non-wildcard cert, such as www.cryptostorm.ch, by listing them in the "Subject Alternative Name" section of the certificate (which is part of the wild, wild west that is the "extensions" part of the x.509 protocol, and not to put too fine a point on it, but ahoy... here be vulns!)... but not always, depending on the phase of the moon and whether the CA in question is really busy issuing rogue root certificates to national intelligence agencies and pretending they were "stolen" by lone-cub teenage skiddies - in which case you might be able to sneak in the full & lustily uncensored text of Janes Joyce's Finnegan's Wake (good stuff, btw), as a SAN entry, with not a moment's protest from the super-busy CA in question.

But you can't just stick subdomains in the SAN field, because that would lower CA rent-seeking oligopolistic profits. And also something something security - which is total nonsense, but obligatory to make it look like this isn't all just some ginned-up confidence game making a bunch of rich white guys noticeably richer without doing a damned thing to actually improve anyone's security. Well, it might improve their security since they can afford to buy whole armies of private mercenaries to fend off the starving masses of cryptographically desperate 99.9%ers. So there!

Err, I think things got away from me just a wee bit; apologies, sore subject - obviously.

(Incidentally, clever folks have engineered certificate party tricks like embedding entire mp4 video files in the extensions fields of "legitimate" certificates. Also: embedding whole certificates in the extensions field... all but requiring the standard "turtles all the way down" recursive reference. Insert memepic here.

...basically as long as you can beg, borrow, or steal an OID from someone then you can blob into your cert's extensions fields whatever digital tomfoolery you can with a straight face claim is contained within the set of stuff defined by your OID... which oh by the way can be recursive, as well. Ouch.)

Right, anyway the point was supposed to be that wildcard certs cost, more or less, ten times as much as boring-assed standard certs (which nowadays you can get for free if you want; if memory serves, we paid about three-fiddy for the cert used here on this forum - not joking; that's the price. Certs are lol).

So, order of magnitude, a wildcard cert would cost about a hundred bucks. And, yes, for years we've (ok, pretty much just me cock-blocking this one, tbh) refused to pony up that hundred bucks and make the bogus Scary Browser Warnings go away forever (or at least until the bloody cert expires, and one must pay all over again) - choosing instead to burn lots of hours replying to understandably-nervous folks who visit the forum here and think (understandably) "wtf, these folks say they're all 'crypto 1337' and their ssl cert is fantastically broken; very n00b indeed." Not so! In the event, not proved to be so merely by the scary warnings associated with sobdomains of this particular discussion forum. Technically.

But it's not just because we are (read: I am) annoyingly stubborn and lack the grace to admit when I was stupid and that we just should have spend the damned hundred bucks and been done with it. Well ok, mostly it's that. Alot of it, anyway.

But wait... there's more! You see - and indeed, you do see if you've waded through this post all the way to this almost-ending part without giving up - the existence of these totally cryptographically bogus warnings provides me with the cherished opportunity to natter on about certificates, and x.509, and SAN fields, and OIDs, and such gibberish. Which, when you dig into it all, is both really important to actual security as people experience it on the actual internet... and is also totally fascinating and strange and a source of never-ending surprise and disgust and pure helpless rage. Not so often things like confidence and insight and deeper understanding... because all that was intentionally excised from the original x.509 RFPs back in the stone ages - and any new outbreaks of such healthy disorders in this particular dark corner of applied cryptography are ruthlessly and joylessly crushed to nonexistence. And fast.

Also: nowadays we just use subdirectory mappings - cryptostorm.ch/resellers - instead of subdomains - resellers.cryptostorm.ch (which, sure enough, if you click it, will throw a browser warning) - I think df even has some sort of script that hangs out somewhere and tries to make sure that the former are auto-mapped to the latter, in case some idiot (me) forgot to do so manually. Which happens. Too bad I didn't listen to him years ago, right?

Almost finally, we're pretty sure there's a clever way to use the convoluted syntax of the land of .htaccess to do on-the-fly redirects of subdomain URIs directly onto logically aligned subdirectories (or even specific, individual posts as specified by full URLs)... without giving browsers the time to realise what's going on and spurt out that ransomware-style "pay someone more munnies for no real benefit and you'll be so much safer - lol" message that makes this whole thing so demeaning and soul-deadening. Maybe someone smart in such fuckery will read this and grace us with her tl;dr solution to the problem - in which case, bless you, kind lady! - but speaking personally I read through some full-bore htaccess fuckery guides back whenever this whole thing started becoming A Thing of Concern... and those are days I will never, ever get back. And that is not a process I'm willing to repeat. Nope. Done with that, thanks. You can have your scary subdomain browser warnings - I'm not going back to that unhappy place, not without serious physical coercion being threatened. And even then, prolly not tbh.

So it's all because I'm a dork... bot, right? Looks that way.

No! It's not my fault - it's all sad now because x.509 sucks dinosaur balls (do such things even exist - or did they exist back when there were living, extant, dinosaur-y critters from which they could enticingly hang?) and also Certification Authorities are a disgusting, money-grubbing, security-destroying racket. Because Comodo. That is all: because Comodo.

Sigh.

Also it's fun to talk about this stuff... but, as likely every reader punished by wading through this post has already long since realised - don't get me started! Really, you don't want to; I can go on, and on... and bloody on when it comes to cert sadness. Just ask my colleague Graze. Or anyone who has ever met me, basically. Yah, it's that bad.

Funny aside: someday, someone is going to be so psychologically damaged by hearing me say this same thing for the 1 x 10(xxx) time, that she'll probably decide to fork out the hundred bucks for the wildcard cert and thereby finally make it stahp!

Which: fair enough. Except I might not install it, because stubborn.

j/k

(maybe)

Cheers.

Pattern_Juggled · Post by **Pattern_Juggled** » Sat Mar 19, 2016 3:23 pm

Also: I still want to KeyChain-cert this.

Badly.

It Shall Be Done. (but prolly not today, alas)

Cheers!

Khariz · Post by **Khariz** » Sat Mar 19, 2016 9:00 pm

Haha, I missed you, PJ. That post was hilarious to read. I now Know twice as much as I used to know about certs and realize that I know nothing about them at all.

Pattern_Juggled · Post by **Pattern_Juggled** » Sun Mar 20, 2016 7:57 am

Khariz wrote:I now know twice as much as I used to know about certs and realize that I know nothing about them at all.

I've been messing with x.509 certs as something more than merely sideline - as more of an admittedly unhealthy obsession - for a few years now... and your statement ("I now know twice as much as I used to know about certs and realize that I know nothing about them at all") actually works just as well for me as it does for you.

Much wisdom contained therein, there is

Cheers.

cryptostorm's community forum

#cryptostorm IRC cert needs an update

#cryptostorm IRC cert needs an update

Re: #cryptostorm IRC cert needs an update

Re: wildcards, x.509, and the death of cool (or whatever)

Re: Keychain All The Certz

Re: #cryptostorm IRC cert needs an update

Re: #cryptostorm IRC cert needs an update