Posted to dev@httpd.apache.org by Ben Laurie <be...@links.org> on 2012/07/06 17:37:27 UTC

Why RFC 5878 matters...

I'm working on Certificate Transparency
(http://www.links.org/files/CertificateAuthorityTransparencyandAuditability.pdf).
TL;DNR: CAs are a mess, and we need to do something about it.

RFC 5878 adds a TLS extension which permits a server to send extra
"authorisation information" along with the certificate chain. This is
a general purpose mechanism which can be used to augment information
in the certificate. In CT we use it to send a proof from the log
server(s) that the certificate is included in the log.

However, the support I have added is not specific to CT; it will allow
you to configure any appropriate data to be sent in the extension.

One of the barriers to CT adoption is that it requires a server
software change. This change removes that barrier from future similar
schemes - and lowers it for CT, since we may yet change our proof
formats or other protocol elements, and in future that will just be a
different file in the configuration.

So, I'd like to urge committers to add their +1 to my patch.

It does 3 things, btw:

1. Add new config directives, SSL{RSA,DSA,EC}AuthzFile, which specify
a file to be sent along with the certificate of corresponding type.

2. Bail out if one of these directives is active and the linked
version of OpenSSL does not support RFC 5878.

3. Allow you to configure a development version of OpenSSL for testing
(not in 2.2, this still has to be manually tweaked).
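
As an added illustration (not part of Ben's patch, httpd, or OpenSSL), a minimal Python encoder/decoder for the two structures RFC 5878 puts on the wire: the AuthorizationDataFormats list carried in the client_authz/server_authz extensions, and the AuthorizationData list carried in the SupplementalData handshake message. It assumes each entry's payload is an opaque<1..2^16-1> blob, which is the shape of the x509_attr_cert and saml_assertion formats; the URL-based formats and whatever format code CT's proof uses are not covered, and the sample payload is constructed.

```python
import struct

# TLS ExtensionType values registered by RFC 5878 (IANA TLS ExtensionType registry).
EXT_CLIENT_AUTHZ = 7
EXT_SERVER_AUTHZ = 8

# AuthzDataFormat codes from RFC 5878 section 3 whose payload is a plain opaque blob.
AUTHZ_X509_ATTR_CERT = 0
AUTHZ_SAML_ASSERTION = 1


def encode_authz_formats(formats):
    """AuthorizationDataFormats: authz_format_list<1..2^8-1> of one-byte codes.
    This is the extension_data of client_authz / server_authz."""
    if not 1 <= len(formats) <= 255:
        raise ValueError("authz_format_list must hold 1..255 entries")
    return bytes([len(formats)]) + bytes(formats)


def decode_authz_formats(data):
    if len(data) < 1 or data[0] == 0 or len(data) != 1 + data[0]:
        raise ValueError("malformed AuthorizationDataFormats")
    return list(data[1:])


def negotiate_formats(client_offered, server_supported):
    """Server-side selection: keep the offered formats the server can actually send,
    in the client's order. An empty result means the extension is not negotiated."""
    return [f for f in client_offered if f in server_supported]


def encode_authorization_data(entries):
    """AuthorizationData: authz_data_list<1..2^16-1> of entries, each a one-byte
    AuthzDataFormat followed by the payload as opaque<1..2^16-1> (assumed shape)."""
    body = b""
    for fmt, payload in entries:
        if not 1 <= len(payload) <= 0xFFFF:
            raise ValueError("authz payload must be 1..65535 bytes")
        body += bytes([fmt]) + struct.pack("!H", len(payload)) + payload
    if not 1 <= len(body) <= 0xFFFF:
        raise ValueError("authz_data_list must be 1..65535 bytes")
    return struct.pack("!H", len(body)) + body


def decode_authorization_data(data):
    """Strict inverse of encode_authorization_data: rejects truncation and trailing bytes."""
    if len(data) < 2:
        raise ValueError("truncated AuthorizationData")
    (total,) = struct.unpack("!H", data[:2])
    if total == 0 or len(data) != 2 + total:
        raise ValueError("AuthorizationData length does not match payload")
    entries, pos, end = [], 2, 2 + total
    while pos < end:
        if pos + 3 > end:
            raise ValueError("truncated AuthorizationDataEntry header")
        fmt, (plen,) = data[pos], struct.unpack("!H", data[pos + 1:pos + 3])
        pos += 3
        if plen == 0 or pos + plen > end:
            raise ValueError("AuthorizationDataEntry payload out of bounds")
        entries.append((fmt, data[pos:pos + plen]))
        pos += plen
    return entries
```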