IETF Logo Mail Archive

Re: [certid] Review of draft-saintandre-tls-server-id-check

Peter Saint-Andre <stpeter@stpeter.im> Mon, 13 September 2010 16:07 UTC

Return-Path: <stpeter@stpeter.im>
X-Original-To: certid@core3.amsl.com
Delivered-To: certid@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 5E7D13A6872; Mon, 13 Sep 2010 09:07:48 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.578
X-Spam-Level:
X-Spam-Status: No, score=-102.578 tagged_above=-999 required=5 tests=[AWL=0.021, BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id p9n1YvEsFQa4; Mon, 13 Sep 2010 09:07:47 -0700 (PDT)
Received: from stpeter.im (stpeter.im [207.210.219.233]) by core3.amsl.com (Postfix) with ESMTP id 1E1F53A69F7; Mon, 13 Sep 2010 09:07:47 -0700 (PDT)
Received: from dhcp-64-101-72-245.cisco.com (dhcp-64-101-72-245.cisco.com [64.101.72.245]) (Authenticated sender: stpeter) by stpeter.im (Postfix) with ESMTPSA id DC111400EE; Mon, 13 Sep 2010 10:12:17 -0600 (MDT)
Message-ID: <4C8E4C6B.3040803@stpeter.im>
Date: Mon, 13 Sep 2010 10:08:11 -0600
From: Peter Saint-Andre <stpeter@stpeter.im>
User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.5; en-US; rv:1.9.1.12) Gecko/20100824 Thunderbird/3.0.7
MIME-Version: 1.0
To: Shumon Huque <shuque@isc.upenn.edu>
References: <20100908195349.GA4292@isc.upenn.edu> <C8ADC7ED.EBA4%stefan@aaa-sec.com> <20100909182253.GB3460@isc.upenn.edu>
In-Reply-To: <20100909182253.GB3460@isc.upenn.edu>
X-Enigmail-Version: 1.0.1
OpenPGP: url=http://www.saint-andre.com/me/stpeter.asc
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 7bit
Cc: Bernard Aboba <bernard_aboba@hotmail.com>, Stefan Santesson <stefan@aaa-sec.com>, IETF cert-based identity <certid@ietf.org>, ietf@ietf.org, daedulus@btconnect.com
Subject: Re: [certid] Review of draft-saintandre-tls-server-id-check
X-BeenThere: certid@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Representation and verification of identity in certificates <certid.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/certid>, <mailto:certid-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/certid>
List-Post: <mailto:certid@ietf.org>
List-Help: <mailto:certid-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/certid>, <mailto:certid-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 13 Sep 2010 16:07:48 -0000

On 9/9/10 12:22 PM, Shumon Huque wrote:
> On Wed, Sep 08, 2010 at 11:08:29PM +0200, Stefan Santesson wrote:
>>
>> On 10-09-08 9:53 PM, "Shumon Huque" <shuque@isc.upenn.edu> wrote:
>>> The output of the SRV record lookup contains a target hostname,
>>> not a service name, so it's not applicable to the SRVName name
>>> form. The target could be used in another name form (dNSName)
>>> as the reference identifier, but then the client needs to convince
>>> itself that the lookup was done securely (DNSSEC or some other
>>> means) otherwise there's a security problem.
>>
>> I disagree,
>>
>> A client can use the output from the DNS lookup also from a normal insecure
>> DNS server.
>>
>> The only thing the client need to do is to verify that the domain name
>> provided in the input to the lookup matches the host names provided in the
>> output. It can then safely use the host names in the SRV record as reference
>> identifiers IF the SRV-ID in the server certificate matches the the
>> reference identifier.
> 
> This only works if the certificate matching rules say something 
> like "match the SRVName AND also match the DNS resolved target
> hostname in dNSName". If a client attempts to match _only_ the DNS 
> resolved hostname without DNSSEC, there is a security problem.
> 
> The question is: what should the certificate matching rules say
> when encountering a certificate with multiple identity types?
> Right now the draft approximately says "find a match" (ie. find
> ANY match), rather than match some logically AND'ed combination of 
> identity types.
> 
>   http://tools.ietf.org/html/draft-saintandre-tls-server-id-check-09#section-4

Hi Shumon,

As I see it, this I-D is attempting to capture best current practices
regarding the issuance and checking of certificates containing
application server identities. Do we have evidence that any existing
certification authorities issue certificates containing both an SRVname
for the source domain (e.g., example.com) and dNSName for the target
domain (e.g., apphosting.example.net)? Do we have evidence that any
existing application clients perform such checks? If not, I would
consider such complications to be out of scope for this I-D.

That said, we need to be aware that if such usage arises in the future,
someone might write a document that updates or obsoletes this I-D; in
fact the present authors very much expect that such documents will
emerge after the Internet community (specifically certification
authorities, application service providers, and application client
developers) have gained more experience with PKIX certificates in the
context of various application technologies.

Peter

-- 
Peter Saint-Andre
https://stpeter.im/

v2.8.7 | Report a Bug | By Email