TLS: auto-complete certificate chains

[danielhochman]

Add AIA capabilities to Envoy so we can resolve and verify incomplete certificate chains. It looks like BoringSSL has support already.

[mattklein123]

cc @PiotrSikora

[PiotrSikora]

@danielhochman What exactly do you mean? Do you want to display this information in /certs? Do you want to prevent Envoy from starting with incomplete chain? Do you want Envoy to auto-complete chain?

[danielhochman]

sorry, auto-complete chain from intermediate

[PiotrSikora]

I don't like this feature:

1. Envoy doesn't know which CAs are trusted by the peer, so it has to auto-complete as much as it can, i.e. it cannot stop building the chain at the intermediate CA, it needs to include everything all the way to the root CAs, which means at least extra 1-2KB of certificate data in each full TLS handshake.
2. It would require configuration of "CAs to be used for auto-complete", presumably for each TLS context block.
3. Auto-completing certificate chains is actually deprecated in BoringSSL, see: https://bugs.chromium.org/p/boringssl/issues/detail?id=42.

If you really want to auto-complete certificate chains, then it should be done at the LDS/CDS level and complete chains should be pushed to Envoys from there, otherwise it won't scale.

Also, could you rename this issue to "TLS: auto-complete certificate chains", so that it can be found later? Thanks.

cc @davidben for sanity check.

[mattklein123]

@PiotrSikora I already renamed it. :) (Also, I added a new "TLS" label for your implementation pleasure).

[PiotrSikora]

@mattklein123 it stills shows "TLS: add authority information access capability".

[mattklein123]

Oh sorry. Fixed.

[PiotrSikora]

@danielhochman Can this be closed as answered / won't fix?

[mattklein123]

Yeah I think we don't need this. I will close.