Re: [certid] Last Call: draft-saintandre-tls-server-id-check (Representation and Verification of Domain-Based Application Service Identity in Certificates Used with Transport Layer Security) to Proposed Standard
Stefan Winter <stefan.winter@restena.lu> Mon, 02 August 2010 09:39 UTC
Return-Path: <stefan.winter@restena.lu>
X-Original-To: certid@core3.amsl.com
Delivered-To: certid@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix)
with ESMTP id A6E733A695B for <certid@core3.amsl.com>;
Mon, 2 Aug 2010 02:39:28 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.599
X-Spam-Level:
X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5
tests=[BAYES_00=-2.599]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com
[127.0.0.1]) (amavisd-new, port 10024) with ESMTP id hXExmzYajClJ for
<certid@core3.amsl.com>; Mon, 2 Aug 2010 02:39:25 -0700 (PDT)
Received: from smtprelay.restena.lu (smtprelay.restena.lu
[IPv6:2001:a18:1::62]) by core3.amsl.com (Postfix) with ESMTP id F0E483A6824
for <certid@ietf.org>; Mon, 2 Aug 2010 02:39:24 -0700 (PDT)
Received: from smtprelay.restena.lu (localhost [127.0.0.1]) by
smtprelay.restena.lu (Postfix) with ESMTP id 6CD1F10584 for <certid@ietf.org>;
Mon, 2 Aug 2010 11:39:50 +0200 (CEST)
Received: from [IPv6:2001:a18:1:8::155] (unknown [IPv6:2001:a18:1:8::155]) by
smtprelay.restena.lu (Postfix) with ESMTPS id 43D2E10582 for
<certid@ietf.org>; Mon, 2 Aug 2010 11:39:50 +0200 (CEST)
Message-ID: <4C569260.7070602@restena.lu>
Date: Mon, 02 Aug 2010 11:39:44 +0200
From: Stefan Winter <stefan.winter@restena.lu>
User-Agent: Mozilla/5.0 (X11; U; Linux x86_64; de;
rv:1.9.1.11) Gecko/20100714 SUSE/3.0.6 Lightning/1.0b1
Thunderbird/3.0.6
MIME-Version: 1.0
To: certid@ietf.org
References: <20100715230822.5B1583A6B94@core3.amsl.com> <4C49B477.80700@stpeter.im>
<20100730034415.GA28022@isc.upenn.edu> <4C5267FF.2090701@edelweb.fr>
<20100730162031.GA15319@isc.upenn.edu>
In-Reply-To: <20100730162031.GA15319@isc.upenn.edu>
X-Enigmail-Version: 1.0.1
Content-Type: multipart/signed; micalg=pgp-sha1;
protocol="application/pgp-signature";
boundary="------------enigFF0EBD6CEBB6B22346A16ECD"
X-Virus-Scanned: ClamAV
Subject: Re: [certid] Last
Call: draft-saintandre-tls-server-id-check (Representation and Verification
of Domain-Based Application Service Identity in Certificates Used with
Transport Layer Security) to Proposed Standard
X-BeenThere: certid@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Representation and verification of identity in certificates
<certid.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/certid>,
<mailto:certid-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/certid>
List-Post: <mailto:certid@ietf.org>
List-Help: <mailto:certid-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/certid>,
<mailto:certid-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 02 Aug 2010 09:39:29 -0000
Hi, > Well that, and SRVName. There are many other custom types > defined by specific applications but those aren't the focus > of this document. > a closely related question to that. In one of my drafts, SRVNames are used, but not directly. There is a S-NAPTR based algorithm which first tries to find a specific S-NAPTR, and then follows the results from there (typically, via SRVName to hostname to IP addresses). If there is no S-NAPTR, a SRV query is tried. In the latter case, matching between the SRV record in DNS vs. SAN-SRVName can be done, and the server id can be verified. But in the former case, if S-NAPTR in DNS is forged, it is well possible to drive the querying peer to a bogus SRV record, and an attacker can have a (unrelated) certificate for this other SRVName. That was, the querying host can be tricked into initiating a connection to a false peer because it cannot verify that the NAPTR -> SRV step was correct. I've been thinking about a workaround for that. As much as I know, there is no subjectAltName for NAPTR verification. So my only conclusion so far is: using NAPTR can only work securely if requiring DNSSEC; so that the NAPTR can't possibly be forged. I wonder: is there another way of securing server discovery in the presence of a NAPTR -> SRV redirection? And do you consider disususing this issue in your draft? Greetings, Stefan Winter -- Stefan WINTER Ingenieur de Recherche Fondation RESTENA - Réseau Téléinformatique de l'Education Nationale et de la Recherche 6, rue Richard Coudenhove-Kalergi L-1359 Luxembourg Tel: +352 424409 1 Fax: +352 422473
- [certid] [Fwd: Last Call: draft-saintandre-tls-se… Alexey Melnikov
- Re: [certid] Last Call: draft-saintandre-tls-serv… Peter Saint-Andre
- Re: [certid] Last Call: draft-saintandre-tls-serv… Shumon Huque
- Re: [certid] Last Call: draft-saintandre-tls-serv… Peter Sylvester
- Re: [certid] Last Call: draft-saintandre-tls-serv… Shumon Huque
- Re: [certid] Last Call: draft-saintandre-tls-serv… Blumenthal, Uri - 0668 - MITLL
- Re: [certid] Last Call: draft-saintandre-tls-serv… Shumon Huque
- Re: [certid] Last Call: draft-saintandre-tls-serv… Stefan Winter
- Re: [certid] Last Call: draft-saintandre-tls-serv… Shumon Huque
- Re: [certid] Last Call: draft-saintandre-tls-serv… Stefan Winter
- Re: [certid] Last Call: draft-saintandre-tls-serv… Peter Saint-Andre