Re: [certid] Fwd: secdir review of draft-saintandre-tls-server-id-check-09

Matt McCutchen <matt@mattmccutchen.net> Thu, 16 September 2010 03:04 UTC

DomainKey-Signature: a=rsa-sha1; c=nofws; d=mattmccutchen.net; h=subject:from :to:cc:in-reply-to:references:content-type:date:message-id :mime-version:content-transfer-encoding; q=dns; s= mattmccutchen.net; b=dqsUYfvWF7I0mynN7vRcJkDELAYIMqU4h/dFHNyNu91 cRn9BayREOKjklDyYNg0sMeweCVdeKkliwxXhoEp19Lg9PCrRNwAp1uwY//+6SxO sO6auYFU1qWNMcjEK7aKckh1fCONNkN/IYeWPdjbzE8rNmXA7R0zoCNpmHloQJt8 =
From: Matt McCutchen <matt@mattmccutchen.net>
To: Martin Rex <mrex@sap.com>
In-Reply-To: <201009160108.o8G18Sdm028897@fs4113.wdf.sap.corp>
References: <201009160108.o8G18Sdm028897@fs4113.wdf.sap.corp>
Content-Type: text/plain; charset="UTF-8"
Date: Wed, 15 Sep 2010 23:04:43 -0400
Message-ID: <1284606283.5722.21.camel@mattlaptop2.local>
Mime-Version: 1.0
Content-Transfer-Encoding: 7bit
Cc: certid@ietf.org
Subject: Re: [certid] Fwd: secdir review of draft-saintandre-tls-server-id-check-09
Precedence: list

On Thu, 2010-09-16 at 03:08 +0200, Martin Rex wrote:
> What confuses me is that 4.6.1 + 4.6.2 + 4.6.3 would allow a server,
> which originally offered an inadequate server certificate which the
> user manually confirmed, to unconditionally and silently bypass
> the users manual confirmation with appropriately looking server cert
> from any arbitrary trust anchor.  This doesn't seem right.

I disagree.  The user's confirmation was to accept the certificate, not
to use it exclusively.  I have taken advantage of this behavior on
https://mattmccutchen.net .

> The option of memorizing a server certificate for future reconnects
> would significantly improve the security.  Once a client caches
> a server cert that is manually confirmed by the user, this could
> protect a user on future reconnects to the same server from
> an attacker that succeeds subverting a trusted CA.  Even from
> full compromise of all CAs by that attacker.  

The certificate exception mechanism serves the limited purpose of making
it possible for users to connect to servers with unverifiable
certificates, without which they would be unable to get work done in
some cases.  It looks like you're trying to replace the public-CA trust
model, which is a much more ambitious goal, and it's not clear that your
suggested change to the exception mechanism is anything near an
appropriate or comprehensive solution.  Let's have that discussion
elsewhere and let the server-id-check draft proceed with its original
scope.

-- 
Matt

[certid] Fwd: secdir review of draft-saintandre-t… Peter Saint-Andre
Re: [certid] Fwd: secdir review of draft-saintand… Henry B. Hotz
Re: [certid] Fwd: secdir review of Martin Rex
Re: [certid] Fwd: secdir review of draft-saintand… Matt McCutchen
Re: [certid] Fwd: secdir review of draft-saintand… Matt McCutchen
Re: [certid] Fwd: secdir review of Martin Rex
Re: [certid] Fwd: secdir review of draft-saintand… Matt McCutchen
Re: [certid] Fwd: secdir review of draft-saintand… Phillip Hallam-Baker
Re: [certid] Fwd: secdir review of Martin Rex
Re: [certid] Fwd: secdir review of Henry B. Hotz
Re: [certid] Fwd: secdir review of Martin Rex
Re: [certid] Fwd: secdir review of Martin Rex
[certid] DNSSEC-based name canonicalization Matt McCutchen
[certid] Wildcards for serving untrusted web cont… Matt McCutchen
Re: [certid] DNSSEC-based name canonicalization Martin Rex
Re: [certid] DNSSEC-based name canonicalization Peter Gutmann
Re: [certid] secdir review of draft-saintandre-tl… Peter Saint-Andre
Re: [certid] Fwd: secdir review of draft-saintand… Peter Saint-Andre
Re: [certid] [secdir] secdir review of draft-sain… Peter Saint-Andre
Re: [certid] secdir review of draft-saintandre-tl… Barry Leiba
Re: [certid] Fwd: secdir review of draft-saintand… Barry Leiba
Re: [certid] secdir review of draft-saintandre-tl… Peter Saint-Andre
Re: [certid] [secdir] secdir review of draft-sain… Peter Saint-Andre
Re: [certid] [secdir] secdir review of draft-sain… Jeffrey Hutzelman
Re: [certid] [secdir] secdir review of draft-sain… Jeffrey Hutzelman
Re: [certid] [secdir] secdir review of draft-sain… Peter Saint-Andre
Re: [certid] [secdir] secdir review of draft-sain… ArkanoiD
Re: [certid] [TLS] [secdir] secdir review of draf… Marsh Ray
Re: [certid] [TLS] [secdir] secdir review of draf… Jeffrey A. Williams
Re: [certid] [TLS] [secdir] secdir review of draf… Marsh Ray
Re: [certid] [TLS] [secdir] secdir Martin Rex
Re: [certid] [TLS] [secdir] secdir review of draf… Richard L. Barnes
Re: [certid] [TLS] [secdir] secdir review of draf… Marsh Ray
[certid] Bad certificate handling Matt McCutchen
Re: [certid] [TLS] [secdir] secdir review of Martin Rex
Re: [certid] [TLS] [secdir] secdir review of Robert Relyea
Re: [certid] [TLS] [secdir] secdir review of draf… =JeffH
Re: [certid] [TLS] [secdir] secdir review of Nicolas Williams
Re: [certid] DNSSEC-based name canonicalization Peter Saint-Andre