Re: [HASMAT] wrt handling TLS establishment - comment 41 bug 495115 (bugzilla.mozilla.org)
Adam Barth <ietf@adambarth.com> Sat, 17 July 2010 00:39 UTC
Return-Path: <ietf@adambarth.com>
X-Original-To: hasmat@core3.amsl.com
Delivered-To: hasmat@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 6FAE53A6407 for <hasmat@core3.amsl.com>; Fri, 16 Jul 2010 17:39:41 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.657
X-Spam-Level:
X-Spam-Status: No, score=-1.657 tagged_above=-999 required=5 tests=[AWL=0.320, BAYES_00=-2.599, FM_FORGED_GMAIL=0.622]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id I-ntyCPvYU4b for <hasmat@core3.amsl.com>; Fri, 16 Jul 2010 17:39:40 -0700 (PDT)
Received: from mail-iw0-f172.google.com (mail-iw0-f172.google.com [209.85.214.172]) by core3.amsl.com (Postfix) with ESMTP id 0B16B3A6765 for <hasmat@ietf.org>; Fri, 16 Jul 2010 17:39:39 -0700 (PDT)
Received: by iwn38 with SMTP id 38so2878254iwn.31 for <hasmat@ietf.org>; Fri, 16 Jul 2010 17:39:52 -0700 (PDT)
Received: by 10.231.32.69 with SMTP id b5mr1664116ibd.153.1279327191825; Fri, 16 Jul 2010 17:39:51 -0700 (PDT)
Received: from mail-iw0-f172.google.com (mail-iw0-f172.google.com [209.85.214.172]) by mx.google.com with ESMTPS id h8sm12024260ibk.21.2010.07.16.17.39.50 (version=SSLv3 cipher=RC4-MD5); Fri, 16 Jul 2010 17:39:51 -0700 (PDT)
Received: by iwn38 with SMTP id 38so2878238iwn.31 for <hasmat@ietf.org>; Fri, 16 Jul 2010 17:39:50 -0700 (PDT)
Received: by 10.231.14.201 with SMTP id h9mr1701050iba.135.1279327190189; Fri, 16 Jul 2010 17:39:50 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.231.143.145 with HTTP; Fri, 16 Jul 2010 17:39:30 -0700 (PDT)
In-Reply-To: <4C40B043.2070707@KingsMountain.com>
References: <4C40B043.2070707@KingsMountain.com>
From: Adam Barth <ietf@adambarth.com>
Date: Fri, 16 Jul 2010 17:39:30 -0700
Message-ID: <AANLkTik2wzgwoMLnUwan6hMUvqL0YIujy_-rP-ZHo9em@mail.gmail.com>
To: =JeffH <Jeff.Hodges@kingsmountain.com>
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: quoted-printable
Cc: IETF HASMAT list <hasmat@ietf.org>
Subject: Re: [HASMAT] wrt handling TLS establishment - comment 41 bug 495115 (bugzilla.mozilla.org)
X-BeenThere: hasmat@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: HTTP Application Security Minus Authentication and Transport <hasmat.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/hasmat>, <mailto:hasmat-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/hasmat>
List-Post: <mailto:hasmat@ietf.org>
List-Help: <mailto:hasmat-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/hasmat>, <mailto:hasmat-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 17 Jul 2010 00:39:41 -0000
On Fri, Jul 16, 2010 at 12:17 PM, =JeffH <Jeff.Hodges@kingsmountain.com> wrote: > > Comment 41 Kai Engert <kaie@kuix.de> 2010-07-12 17:06:43 PDT > https://bugzilla.mozilla.org/show_bug.cgi?id=495115#c41 > > I propose to clarify section 7.3 of the STS document. > > It currently says: > > "When connecting to a Known STS Server, the UA must terminate the > connection with no user recourse if there are any errors (e.g. certificate > errors), whether "warning" or "fatal" or any other error level, with the > underlying secure transport." > > I propose to add another section: > > During the initial https connection to a STS server, > the server certificate verification performed by a UA happens prior to > receiving the http headers. > If a user has configured the UA to continue the connection > despite certificate errors, the UA must ignore any such configuration > as soon as the server identifies itself as a STS server. > > Based on comment 23 in this bug I conclude we agree on this, but I'm worried > that some readers of the spec might overlook this detail. I'm not sure exactly what that means, but a server opting into STS should trump user configuration to ignore certificate errors. That's the whole point of the protocol. :) > Also, I'm worried that someone might be able to construct an attack based on > the fact that the initial connection is not yet strict. That's correct. The protocol requires a secure initialization step. If an active network attacker is present during the first connection to the site, there's nothing the protocol does to help the user. > I propose to be more > restrictive for the initial connection if it involved errors and error > overrides, and propose to add this: > > If an https connection to a not-yet-known-as-STS-server involves > certificate errors and a user's decision to ignore certificate errors, > and the server identifies itself as being a STS server, > then the UA MUST show an error message and > MUST NOT display the information received from the server. This situation is most likely to be a configuration error on the server where it both has a bogus certificate and is sending the STS header. It's essential that we don't anoint the server as an STS server, but either proceeding with the connection or erroring out is probably fine. I don't think there's a security reason to prefer one over the other. It's a question of what you think its a better experience for users and/or developers. Adam
- [HASMAT] wrt handling TLS establishment - comment… =JeffH
- Re: [HASMAT] wrt handling TLS establishment - com… Adam Barth
- Re: [HASMAT] wrt handling TLS establishment - com… Marsh Ray
- Re: [HASMAT] wrt handling TLS establishment - com… Adam Barth
- [HASMAT] wrt handling TLS establishment - comment… =JeffH