Most active commenters
  • londons_explore(3)
  • Tuna-Fish(3)

←back to thread

Linux and Secure Boot certificate expiration

(lwn.net)
253 points pabs3 | 19 comments | 18 Jul 25 03:53 UTC | HN request time: 0.371s | source | bottom
1. londons_explore ◴[19 Jul 25 15:14 UTC] No.44616185[source]
Things that might not get updates shouldn't use the current date/time when checking certificates. Instead, they should see if the certificate would have been valid on the day the firmware was compiled (ie. behaviour will never change through the passage of time alone).
replies(2): >>44616291 #>>44616303 #
2. AnotherGoodName ◴[19 Jul 25 15:24 UTC] No.44616291[source]
Expired certificates should also at worst be a skippable warning. No one’s relying on certificates expiring for security. If you did you might have to wait many years for the expiration of a stolen certificate - lol!

It’s absolutely a minor “hey btw the certificate expired, check for an update” yet various systems treat certificate expiration as an end of the world lock it down scenario.

replies(2): >>44616578 #>>44620929 #
3. amluto ◴[19 Jul 25 15:26 UTC] No.44616303[source]
That seems to almost completely defeat the purpose of expiration. One could do a bit better by requiring the signed object to be timestamped by some sort of secure timestamping service. But then one should seriously consider the threat model that Secure Boot with default certificates is intended to defend against.
replies(3): >>44616417 #>>44616458 #>>44618501 #
4. AnotherGoodName ◴[19 Jul 25 15:38 UTC] No.44616417[source]
There is no purpose to the expiration in this particular case. If you have an expiry of say 24hours and constantly update that makes some sense - stolen certs get a very short time window.

If however you have an expiry of multiple years you clearly have no reason to have an expiry date at all. You can't possibly justify a security benefit, imagine reassuring people with "the stolen certificate is only valid for a few years!"

As in it was clearly a mistake to have an expiry date at all for this use case and the multi-year expiry date should have been a smell that tipped people off and made them ask "why do we have an expiry date at all for this?".

replies(2): >>44616606 #>>44616617 #
5. montroser ◴[19 Jul 25 15:42 UTC] No.44616458[source]
And what is the purpose of expiration in this case?
6. Tuna-Fish ◴[19 Jul 25 15:56 UTC] No.44616578[source]
Oh it's skippable all right. Just pull the cmos battery and wait a few seconds before putting it back in.
replies(2): >>44616658 #>>44618292 #
7. Tuna-Fish ◴[19 Jul 25 15:59 UTC] No.44616606{3}[source]
Even more, the "current date" comes from an external source that anyone with access to get new images on the machine can probably also manipulate. Setting the hardware clock is a normal operation available to the kernel.
8. londons_explore ◴[19 Jul 25 16:01 UTC] No.44616617{3}[source]
If there were no certificate expiry, I could break into your system by finding some bankrupt company last trading in 1980 and stealing their keys to mint my own certificate.

With expiry dates, at least the pool of places you can break into to steal certificate signing keys isn't growing without bound.

replies(2): >>44617342 #>>44617723 #
9. londons_explore ◴[19 Jul 25 16:04 UTC] No.44616658{3}[source]
There's gonna be a bunch of linux users who write a shutdown script to set the date back to 2015 then poweroff... And at startup, reset the date back to today using the internet.

Sounds like a cleaner solution than any of the ones in the article too!

replies(1): >>44616824 #
10. Tuna-Fish ◴[19 Jul 25 16:22 UTC] No.44616824{4}[source]
That's risky, an unclean shutdown would require resetting the clock which is a bother.

It's much more likely that someone will write a driver that adds an offset to the clock, keeping the hw date in a safe range.

replies(1): >>44617117 #
11. homebrewer ◴[19 Jul 25 16:52 UTC] No.44617117{5}[source]
You can simply avoid adjusting the hardware clock. The kernel clock is not tied to it and can be modified separately. chrony can do that, for example.

https://wiki.archlinux.org/title/Chrony#Real-Time_Clock

12. em-bee ◴[19 Jul 25 17:16 UTC] No.44617342{4}[source]
there is a difference between the expiration of signing keys, and the expiration of the signature signed with those keys. the signature for a contract, or a bootloader, should remain valid indefinitely, even if the person/key is no longer allowed to sign contracts/bootloaders after some point of time.
replies(1): >>44617890 #
13. amluto ◴[19 Jul 25 17:55 UTC] No.44617723{4}[source]
You can do almost as well by finding a piece of software with a code execution exploit early in boot that’s signed by the bank.

A different model would be to only allow a given EFI binary to be booted if it was installed before the deadline, but that might well have a different set of complications.

14. josephg ◴[19 Jul 25 18:13 UTC] No.44617890{5}[source]
That sounds impossible to enforce. Key signing is done offline. If I have an expired signing key, what’s stopping me setting my clock back a few years, creating a new signature and signing it?

If the resulting key works indefinitely, the expiration date on my signing key is utterly meaningless.

replies(2): >>44618070 #>>44619251 #
15. withinboredom ◴[19 Jul 25 18:29 UTC] No.44618070{6}[source]
And what stops people from just logging into the bios and changing the date or pulling the clock battery? The point we're all making here is, at least for this application, is that an expiration is pointless.
16. andrewmcwatters ◴[19 Jul 25 18:55 UTC] No.44618292{3}[source]
Infosec engineers hate this one trick!
17. stefan_ ◴[19 Jul 25 19:23 UTC] No.44618501[source]
The day infosec nerds get rid of their unhealthy obsession with expiration and realize that systems irrecoverably breaking on an arbitrary random instant or requiring a true source of time to work are REALLY FUCKING INCOMPATIBLE with the real world, they might actually get something done. Until then, please don't bother the rest of us trying to get work done (and having to cleanup the mess you made - what do you mean you can't just update it?!)
replies(1): >>44620545 #
18. CaliforniaKarl ◴[19 Jul 25 20:50 UTC] No.44619251{6}[source]
Trusted timestamp services. https://en.wikipedia.org/wiki/Trusted_timestamping

Microsoft's Authenticode has been doing this for a long time, allowing a signature to be considered as valid long after the signing certificate expired.

https://learn.microsoft.com/en-us/windows/win32/seccrypto/ti...

19. charcircuit ◴[20 Jul 25 00:53 UTC] No.44620929[source]
>years for the expiration of a stolen certificate

Code signing certificates are trending down in length. Ot recently dropped down from a max of 39 months to about 15 months.