• Vincent Pelletier's avatar
    all: Make caucased https certificate independent from CAS. · 17325dc0
    Vincent Pelletier authored
    This is a step in the direction of being browser-friendly: if caucased
    https certificate is issued by CAS CA, then for a browser to trust that
    certificate it would have to trust all certificates emitted by CAS CA
    certificate. This would be very dangerous, as CAS CA does not constrain
    the certificates it may sign, so it exposes users of that caucased to
    rogue certificates.
    Alone, this step is insufficient, as the new internal "http_cas" does not
    constrain certificates yet. This will happen in a separate commit, to
    ease review and regression testing.
    As a consequence of this step, by default client will not check server
    certificate in https. This is consistent with how trust is bootstrapped
    with plain http: maybe client is accessing an unexpected/malicious
    caucased, but in such case issued certificates will be worthless to a
    party which could access the correct caucased. Also, the client
    certificate presented to caucased does not allow that caucased to fake
    being that user, so there is no privilege escalation possible for
    server.
    17325dc0
client.py 10.5 KB