JDK-8313236

Add separate system properties for TLS server and client for maximum chain length


    • Compatibility Kind: behavioral
    • Compatibility Risk: low
    • Compatibility Risk Description:
      This updates the default maximum length on the wire for client certificate chains from 10 to 8. Note that, by default, the maximum path length when building certification paths is 5 non-self-issued intermediate certificates, so a fixed chain (one in which every certificate is needed to validate it) of length 10, or even 8, is not accepted today.

      The longer maximum on the wire allows for cases where a client or server sends additional certificates that may be needed to help build a path (within the path length limit of 5) from those certificates, which is then validated. The new maximum of 8 still leaves room for a few additional certificates in such cases.

      If the default of 8 were to break a client, and that client does not control the server's configuration, raising the property on the server is not an option; the client's only recourse is to shorten the chain it sends.
    • Interface Kind: System or security property

      Summary

      Provide new system properties, namely jdk.tls.server.maxInboundCertificateChainLength and jdk.tls.client.maxInboundCertificateChainLength, to limit the certificate chain length for TLS servers and clients during TLS handshaking.

      Problem

      The existing jdk.tls.maxCertificateChainLength system property configures the maximum allowed certificate chain length without distinguishing between chains received from servers and chains received from clients. However, a service may want to impose different limits on the chains received from the clients that connect to it and from the servers it connects to.

      Solution

      The solution introduces two new system properties: jdk.tls.server.maxInboundCertificateChainLength and jdk.tls.client.maxInboundCertificateChainLength.

      As a service can function as both a TLS server and client, it is useful to have separate system properties to control the maximum certificate chain length accepted from the client or server.

      • When the service acts as a client, it enforces a maximum certificate chain length accepted from servers, as set in the jdk.tls.client.maxInboundCertificateChainLength property. Its default is 10.
      • When the service acts as a server, it enforces a maximum certificate chain length accepted from clients, as set in the jdk.tls.server.maxInboundCertificateChainLength property. Its default is 8.
      • A negative value for jdk.tls.server.maxInboundCertificateChainLength or jdk.tls.client.maxInboundCertificateChainLength is ignored: resolution falls through to jdk.tls.maxCertificateChainLength and, if that is not set to a non-negative value either, to the default for that side.

      Resolution on the server side (the maximum length of a client certificate chain accepted by a server): if the jdk.tls.server.maxInboundCertificateChainLength system property is set to a value greater than or equal to 0, that value is enforced. Otherwise, if the jdk.tls.maxCertificateChainLength system property is set to a value greater than or equal to 0, that value is enforced. Otherwise, the default value of 8 is enforced.

      Resolution on the client side (the maximum length of a server certificate chain accepted by a client): if the jdk.tls.client.maxInboundCertificateChainLength system property is set to a value greater than or equal to 0, that value is enforced. Otherwise, if the jdk.tls.maxCertificateChainLength system property is set to a value greater than or equal to 0, that value is enforced. Otherwise, the default value of 10 is enforced.

      As a consequence, the effective default for client certificate chains (chains a server accepts from clients) changes from 10, the previous default of jdk.tls.maxCertificateChainLength, to 8. The default for server certificate chains remains 10. An explicitly set jdk.tls.maxCertificateChainLength value continues to apply to both directions unless overridden by the corresponding side-specific property.

      Enforcement is performed during the TLS handshake, when the Certificate message received from the peer is processed (the server's chain on the client side, the client's chain on the server side). If the number of certificates in the received chain exceeds the applicable maximum, an SSLProtocolException is thrown and the handshake fails.
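      The following Java is an added example, not code from this CSR or from the JDK itself. It models the precedence described above and the handshake-time check so the cases in the "Solution" section can be exercised offline with a Properties object standing in for the JVM system properties. The class and method names, the exception message, and the choice to treat an unparseable value like an unset one are assumptions of this example; the CSR only specifies the negative-value case.

```java
import java.util.Properties;
import javax.net.ssl.SSLProtocolException;

// Example written for this page; NOT the JDK's implementation.
// Names and the unparseable-value handling are assumptions.
public final class ChainLengthPolicy {

    static final String SERVER_PROP = "jdk.tls.server.maxInboundCertificateChainLength";
    static final String CLIENT_PROP = "jdk.tls.client.maxInboundCertificateChainLength";
    static final String LEGACY_PROP = "jdk.tls.maxCertificateChainLength";

    // Defaults from the CSR: a server accepts up to 8 certificates from a
    // client; a client accepts up to 10 certificates from a server.
    static final int DEFAULT_FROM_CLIENTS = 8;
    static final int DEFAULT_FROM_SERVERS = 10;

    // Returns the value of name if it is a non-negative integer, else -1
    // (unset, negative, or unparseable -- the last case is an assumption).
    static int nonNegativeOrUnset(Properties props, String name) {
        String raw = props.getProperty(name);
        if (raw == null) {
            return -1;
        }
        try {
            int v = Integer.parseInt(raw.trim());
            return v >= 0 ? v : -1;
        } catch (NumberFormatException e) {
            return -1;
        }
    }

    // Effective limit on the number of certificates in an inbound Certificate
    // message. isServer selects the role this JVM plays: a server limits
    // chains from clients, a client limits chains from servers.
    static int effectiveMaxInboundChainLength(boolean isServer, Properties props) {
        int v = nonNegativeOrUnset(props, isServer ? SERVER_PROP : CLIENT_PROP);
        if (v >= 0) {
            return v;                       // side-specific property wins
        }
        v = nonNegativeOrUnset(props, LEGACY_PROP);
        if (v >= 0) {
            return v;                       // legacy property covers both sides
        }
        return isServer ? DEFAULT_FROM_CLIENTS : DEFAULT_FROM_SERVERS;
    }

    // Mirrors the handshake-time check: a chain longer than the limit is rejected.
    static void checkInboundChain(int certsInMessage, boolean isServer, Properties props)
            throws SSLProtocolException {
        int max = effectiveMaxInboundChainLength(isServer, props);
        if (certsInMessage > max) {
            throw new SSLProtocolException("The certificate chain length (" + certsInMessage
                    + ") exceeds the maximum allowed length (" + max + ")");
        }
    }

    private static void expect(int actual, int expected, String what) {
        if (actual != expected) {
            throw new AssertionError(what + ": got " + actual + ", expected " + expected);
        }
        System.out.println(what + " = " + actual);
    }

    public static void main(String[] args) throws SSLProtocolException {
        Properties p = new Properties();   // stand-in for System.getProperties()

        // 1. Nothing set: the built-in defaults apply.
        expect(effectiveMaxInboundChainLength(true, p), 8, "server side, nothing set");
        expect(effectiveMaxInboundChainLength(false, p), 10, "client side, nothing set");

        // 2. Only the legacy property: it governs both directions.
        p.setProperty(LEGACY_PROP, "6");
        expect(effectiveMaxInboundChainLength(true, p), 6, "server side, legacy=6");
        expect(effectiveMaxInboundChainLength(false, p), 6, "client side, legacy=6");

        // 3. Side-specific values: a negative one is ignored and falls through
        //    to the legacy property; a non-negative one overrides it.
        p.setProperty(SERVER_PROP, "-1");
        p.setProperty(CLIENT_PROP, "12");
        expect(effectiveMaxInboundChainLength(true, p), 6, "server side, server=-1, legacy=6");
        expect(effectiveMaxInboundChainLength(false, p), 12, "client side, client=12");

        // 4. A 9-certificate client chain exceeds the default server limit of 8
        //    and is rejected; raising the server-side property admits it.
        try {
            checkInboundChain(9, true, new Properties());
            throw new AssertionError("9-certificate chain should have been rejected");
        } catch (SSLProtocolException e) {
            System.out.println("rejected: " + e.getMessage());
        }
        Properties raised = new Properties();
        raised.setProperty(SERVER_PROP, "9");
        checkInboundChain(9, true, raised);
        System.out.println("accepted after setting " + SERVER_PROP + "=9");
    }
}
```

      In a real JVM the properties are set on the command line (for example -Djdk.tls.server.maxInboundCertificateChainLength=9) or with System.setProperty before the first SSLContext is initialized, since jdk.tls.* properties are read when the JSSE implementation initializes. Note that the wire limit modelled here is independent of the PKIX path length limit mentioned in the compatibility risk description: a chain that fits on the wire can still fail path validation if it needs more than 5 non-self-issued intermediate certificates.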

      Specification

      There are no API changes. Two new system properties, jdk.tls.server.maxInboundCertificateChainLength and jdk.tls.client.maxInboundCertificateChainLength, are introduced as described in the "Solution" section.

      Document new system properties in a release note (JDK-8313242) and in the security guides (JDK-8313243).

      Changes to Security Guide:

      In the Customizing JSSE section, add two new rows to Table 8-3, System Properties and Customized Items:

      System Property                                  | Customized Item                                         | Default | Note
      ------------------------------------------------ | ------------------------------------------------------- | ------- | ----
      jdk.tls.client.maxInboundCertificateChainLength  | Maximum certificate chain length accepted from servers  | 10      | None
      jdk.tls.server.maxInboundCertificateChainLength  | Maximum certificate chain length accepted from clients  | 8       | None

            hchao Haimay Chao
            mullan Sean Mullan
            Jamil Nimeh, Sean Mullan