Re: [Cfrg] Wack-A-Mole and PKEX 3.0 -> Re: Fwd: New Version Notification for draft-harkins-pkex-00.txt

Dan Harkins <dharkins@lounge.org> Tue, 13 September 2016 23:18 UTC

To: Andy Lutomirski <luto@amacapital.net>
Archived-At: <https://mailarchive.ietf.org/arch/msg/cfrg/PokvfLbzSLrk3ZXPA79XRHcidls>
Cc: "Adrangi, Farid" <farid.adrangi@intel.com>, "cfrg@irtf.org" <cfrg@irtf.org>

On 9/13/16 3:36 PM, Andy Lutomirski wrote:
> What I'm saying is: I don't see why a newly-designed enrollment
> protocol should attempt to prevent you from getting a certificate for
> your own domain that references Google's public key.  Google's
> security is not compromised if you possess a certificate for
> danharkins.com that has Google's public key listed.

   For one thing, a CA is only as good as its word. And if it allows people
to get certificates for identities that bind to other people's public keys
then its word is shit.

   So let's say you're doing some work for an int'l human rights
organization. But now you've been caught with kiddie porn and are being
blackmailed by the authorities. Now the gov't is trying to force you to get
a certificate with your identity (what you refer to as "your own domain")
but with a public key that belongs to the FBI (what you refer to as
"Google's public key"). This will allow the FBI to connect to the human
rights group (since it has the private key) and the human rights group will
treat any authenticated connection as being you and not the FBI. Oops!

   Again, you're arguing for less integrity in certified keys and that is
a very untenable position.

   Dan.