Page MenuHomeFreeBSD

System trust configuration and local root keygen
AbandonedPublic

Authored by eric_metricspace.net on Aug 3 2018, 1:54 AM.
Tags
None
Referenced Files
F80224978: D16576.id46224.diff
Fri, Mar 29, 9:32 AM
Unknown Object (File)
Nov 7 2023, 7:49 AM
Unknown Object (File)
Nov 6 2023, 7:00 AM
Unknown Object (File)
Oct 6 2023, 6:42 AM
Unknown Object (File)
Oct 5 2023, 5:51 AM
Unknown Object (File)
Sep 2 2023, 8:16 AM
Unknown Object (File)
Aug 26 2023, 10:03 PM
Unknown Object (File)
Aug 6 2023, 7:41 AM

Details

Reviewers
None
Group Reviewers
manpages
Summary

This is a part of the work on trust.

This adds a man page describing the system trust configuration, entries to the mtree files and hier(7) man page, and an rc script for generating local root keys.

This is not intended to be integrated anytime soon.

Test Plan

This has been tested out.

Diff Detail

Repository
rS FreeBSD src repository - subversion
Lint
Lint Skipped
Unit
Tests Skipped

Event Timeline

An alternative I'm considering: have a seldom-used master key named something like "machine", "master", "root", etc. which is the local trust root key. Have "local" be an intermediate keypair, signed by this master key. The master key acts only as a key-signing certificate; it cannot sign code or issue general signatures. The local key can issue more general signatures.

Then have signelf default to the local key, rather than the master key.

Trying to limit myself to reviewing as manpages and not getting into the design itself...

share/man/man7/trust-config.7
38

This is interpreted as "5)" being the macro argument. For parallelism, I'd suggest:

.Po see
.Xr signed-elf 5 Pc

39

Start new sentences on a new line, please.

43

TERMINOLOGY is not a standard section name (see mdoc(7)); perhaps a subsection is more appropriate, with a list for the individual terms?

69

intermediates are never leaf certs, right? Do you want to say that?

77

What are "assets"?

89

I'd suggest using a Bl variant that allows item heads and skipping the colons.

175

With the same file name, or DN/SAN? If the former, that's kind of an awkward requirement to impose.

185

I don't think Qq is very common -- I see a lot more Dq.

226

DEFAULT is also not a standard section name.

I've checked the mdoc syntax. It is going to be fine after the changes suggested by @bjk.

Cheers!

share/man/man7/trust-config.7
141

You may consider using Qq Pa for .pem (or Dq instead of Qq as suggested by @bjk).

142

You may consider using Qq Pa for .pem (or Dq instead of Qq as suggested by @bjk).

146

You may consider using Qq Pa for .pem (or Dq instead of Qq as suggested by @bjk).

185

Yeah, Dq is much more popular. In fact, you rarely see Qq and Sq in the wild: the only manpage I can remember to use those a lot is sh(1).

Sq seems to be used primarily to quote single characters.

If I were to rewrite most of manpages I'd go for Qq instead of Dq but it won't happen any time soon. 😄

Note: I want to let this sit for a while, and I'd prefer to commit this along with other components of the trust framework.

eric_metricspace.net edited the test plan for this revision. (Show Details)

Added machine vs. local keys, fixed errors in the scripts, added checking for key expiry, fixed some other issues.

Fixed signing of local cert, and added default DN generation

Can you bump the .Dd at the beginning of share/man/man7/hier.7 for this content change? Thanks!