Thank you for taking time to test TLS plugin security.
What in your opinion should be improved in snaptel behavior when plugins are loaded?

I believe there's not much that snaptel could do - it may not have the access to root certificates that user intends to use. snapteld instance may be remote to snaptel host, and no check would be possible. Root certificates must be available to framework to validate plugin certificates.

On the other hand the Snap documentation for TLS seems to be clear on the requirements for plugin encryption. There are two documents - both have sections indicating the need for root certificates. Please take a look if anything should be added there - see SECURE_PLUGIN_COMMUNICATION.md and SETUP_TLS_CERTIFICATES.md.

Can you suggest what should be enhanced in plugin loading routines?

@marcintao, I thought that the example you have at this doc can be improved a bit. Should we mention that CA cert is required but not mandatory. If it's not provided, it should be available at the trust store of the OS?

hello @candysmurf & @marcintao - what do you think about improving the error message and also add some additional logs. What I mean is:

a) add a log with CA certificate path

• if no path to CA cert has provided, use the default (and log about it as a INFO).
• if the user provides own path it might be also logged (as INFO or DEBUG)

b) add checking if the path to CA certs is available (if not, return an appropriate error)
c) (optional) add checking if the path to CA certs is no empty (if not, return an appropriate error)

If sth more might be added as next validation points, please write it here.

In my opinion, no functionality changes are needed. Only improving error message should be taken into account in the described case.