←back to thread

Just want simple TLS for your .internal network?

(github.com)
246 points nh2 | 1 comments | 18 Oct 24 06:10 UTC | HN request time: 0s | source
Show context
nh2 ◴[18 Oct 24 06:10 UTC] No.41876742[source]
I did some research, write-up and scripting about the state of X.509 Name Constraints, so that people you give your CA cert to don't need to trust you not to MitM them on other domains.

Packaged into a convenient one-liner to create a wildcard cert under for the new .internal TLD.

Please scrutinize!

I use this to provide e.g. at home:

    https://octoprint.myhome.internal
    https://paperless.myhome.internal
to provide transport encryption of these services in the local WiFi.

Friends and family can add the CA root to their devices without having to worry about me MitM'ing their other connections.

replies(2): >>41912265 #>>41912340 #
vbezhenar ◴[22 Oct 24 08:35 UTC] No.41912340[source]
Is it possible to constrain existing CA?

For example my government uses non-standard CA and some websites rely on it. But importing CA obviously makes them able to issue google.com and MITM me if they want to. And they already tried, so trust is broken.

I imagine something like generating separate name-constrained certificate, sign existing CA with this name-constrained certificate (I think it's called cross-sign or something like that) and import things into OS, expecting that browser will use name-constraints of the "Root-Root" certificate. Could it work?

replies(3): >>41912417 #>>41914954 #>>41915094 #
poincaredisk ◴[22 Oct 24 15:12 UTC] No.41915094[source]
Yes, I do it in my work to restrict my company CA to company servers [1]. You generate your own CA, and cross sign other cert with any constraint you want. It works great, but requires some setup, and of course now you have your own personal CA to worry about.

[1] Yes, company is ok with it, most of my team does it, and this makes everyone more secure. Win-win.

replies(1): >>41916430 #
1. dfox ◴[22 Oct 24 17:17 UTC] No.41916430[source]
I assume that the mentioned “some setup” involve not only distributing the new root CA, but also somehow prepopulating the old cross-signed certificate, as the services know nothing about that and thus will not send it in their cert chain. Or am I overlooking something?