Page 1 of 1
vlc https/ssl/tls options: 0.9.x? planned?
Posted: 15 Nov 2008 08:29
by orbisvicis
These two features are very important and were present in vlc 0.8:
disable host root authority checks
-important when people prefer creating personal/private x509 infrastructures. Also important for all the many self-signed websites.
disable certificate validation checks
-lots of websites use invalid certificates, including my school. Most often are expired certificates. When certificates expire users would still like to access multimedia on these websites.
More detail at this post
viewtopic.php?f=12&t=51774
Can we expect these options to be eventually re-implemented?
Re: vlc https/ssl/tls options: 0.9.x? planned?
Posted: 24 Nov 2008 22:19
by Rémi Denis-Courmont
The security model of TLS is such that it's basically useless overhead if you don't check certificates. You might as well not use TLS.
Re: vlc https/ssl/tls options: 0.9.x? planned?
Posted: 25 Nov 2008 09:23
by orbisvicis
I wouldnt call it 'useless overhead' because tls will nonetheless encrypt the stream.
Unfortunately clients have no control over external servers equiping invalid/self-signed certificates. A server using tls atm will be inaccessible to vlc.
In order to keep the security model of tls intact, vlc could implement capabilities similar to firefox:
-certificate manager: ability to add self-signed certs per FQDNs. This augments the default selection of root/accepted certificates shipped with the openssl package
-ability to ignore certificate errors (i.e. invalid) per FQDN
Edit: In any case, as of now it would be simpler and faster to re-impliment the missing 0.8.x https/ssl/tls features as a stop-gap measure
Re: vlc https/ssl/tls options: 0.9.x? planned?
Posted: 25 Nov 2008 17:50
by Rémi Denis-Courmont
Yeah, it encrypts the stream. So? The session key is sent by the client to the server using its public key. If you don't check the certificate, you don't know who you're encrypting to. Pointless.
Re: vlc https/ssl/tls options: 0.9.x? planned?
Posted: 25 Nov 2008 19:05
by orbisvicis
Like I said, to keep the security model of an x509 infrastructure intact, implement a security manager similar to the one in firefox.
Then manually associate (certificates you want allowed) to (domain names).
Of course, public keys can be spoofed. Thats why the security manager should only make exceptions for root certificates and not public keys.
In any case, what about the stop-gap measure I mentioned. If a user is willing to negotiated the advanced vlc preferences, then they should be willing to accept the risks.
Re: vlc https/ssl/tls options: 0.9.x? planned?
Posted: 25 Nov 2008 19:37
by Rémi Denis-Courmont
Firefox 3 ensures great pain before users can "violate" x509 security.
VLC does not have proper UI for certificate bypass, let alone a certificate manager. This woule be a huge effort for a very uncommon use case (streaming from HTTP/SSL is not very common anyway).
You can always install custom Root CAs to %vlcuserdatadir%/ssl/certs
Re: vlc https/ssl/tls options: 0.9.x? planned?
Posted: 25 Nov 2008 20:27
by orbisvicis
That's why re-implementing 0.8's https/ssl/tls features would be the easiest and fastest compromise. At the very least vlc should expose the tls interface.
This is good to know:
You can always install custom Root CAs to %vlcuserdatadir%/ssl/certs
But what about invalid certificates?
Re: vlc https/ssl/tls options: 0.9.x? planned?
Posted: 25 Nov 2008 21:45
by Rémi Denis-Courmont
Invalid certificates are invalid are invalid.