- From: Yngve N. Pettersen (Developer Opera Software ASA) <yngve@opera.com>
- Date: Fri, 09 Feb 2007 01:13:27 +0100
- To: "public-wsc-wg@w3.org" <public-wsc-wg@w3.org>
Certificate errors and warnings displayed by Opera.
Opera displays a number of warnings (which the user may continue past)
about certificate problems, as well as errors (which the user may not
override)
Warnings:
- Mismatch between servername (from URL) and the hostname(s) listed in
the certificate.
- Unknown certificate authority (without root in the chain)
- Unknown root certificate (user may install the root)
- Expired (or not yet valid) certificates
In addition Opera displays a warning with a certificate when the server
has selected weak encryption methods, protocols or short public keys (less
than 900 bits RSA/DSA/DH)
In all these cases, if the user choose to continue past the warning, the
security level of the site is reduced to 1 (weak)
If more than one warning is necessary the most severe is identified by the
dialog, and the rest are listed in a list in the dialog.
These problems can be resolved for the rest of the session, but unless
they can be solved by installing certificates in the database (or on the
server) the warning will be display next time Opera has been reset.
The user can also specify a preference for a certificate in the root store
that makes Opera warn whenever a certificate is part of a certificate's
chain. This is the default whenever a certificate is installed by
downloading (but not when installing from a unknown root dialog).
Errors:
Primarily various certificate validation errors
- unknown algorithms
- unable to decode data in the certificate
These are usually identfied as "Invalid, or non-verifiable certificate."
(TLS code 40, Bad Certificate)
A separate case exists when the signature of the certificate cannot be
verified, it has an invalid purposeflags, or similar problems, this is
specifically indicated by the error message
"The signatures of this certificate could not be verified. While this can
be caused by the issuer using the wrong method to sign the certificate, it
can also be caused by attempts to modify or fake the certificate."
We've seen a couple of cases where "homebrewed" certificates have
triggered this error because the site's certificate looks like a
selfsigned certificate (subject and issuer is the same, no Authorty key
identifier), but the certificate is actually signed by the key of another
certificate with the same name as used in the site certificate.
The actual full chain looks like this
Site certificate {subject, subject, PK1, Sig(PK2, hash(certdata1))}
Signer certificate {subject, subject, PK2, Sig(PK2, hash(certdata2))}
In this case Opera consider the site certificate selfsigned (because no
Authority KeyIdentifier is specified) and cannot verify the certificate
because the site's certificate did not sign the certificate (itself) for
the site. AFAIK other browsers consider the certificate to have an unknown
signer in such cases, and ask the user about the unknown authority.
There is also a fatal error about Revoked certificates, and unknown
certificate verification errors are reported as Transmission Error (TLS
code 49, illegal parameter) because they will usually involve unknown
parameters andvalues in the certificate.
The user can also, in addition to the certificate warning preference
mentioned above, specify that all access to sites using a specific
certificate in the root store is forbidden. This will be indicated by a
error specifying the certificate is valid but access is forbidden.
--
Sincerely,
Yngve N. Pettersen
********************************************************************
Senior Developer Email: yngve@opera.com
Opera Software ASA http://www.opera.com/
Phone: +47 24 16 42 60 Fax: +47 24 16 40 01
********************************************************************
Received on Friday, 9 February 2007 00:13:45 UTC