Re: Comments on draft-stark-expect-ct-00

[Emily Stark <estark@google.com>]

On Sun, Nov 13, 2016 at 11:49 PM, Tom Ritter <tom@ritter.vg> wrote:
> On 13 November 2016 at 06:47, Emily Stark <estark@google.com> wrote:
>>> What's the rationale for not caching the directive in report-only mode.
>>> If the purpose of the report-only mode is to tell you when you have
>>> nonconforming servers, then don't you want to be able to turn it on
>>> on server A and detect hwen server B is broken? That seems like it
>>> doesn't work if you don't cache.
>>
>> I'm tempted to say "because that's how HPKP does it", but that's
>> probably not the answer you're looking for. :) I'd expect that sites
>> would generally serve the report-only header on all responses
>> unconditionally. I can't really think of a common misconfiguration
>> scenario that would cause a CT violation and would *also* cause the
>> header to not be served, but maybe that's a failure of imagination on
>> my part.
>
>
> The behavior of HPKP-RO was considered widely (by everyone except the
> authors) to be a mistake. The draft was past Last Call though, and
> everyone was exasperated at that point so it was not corrected despite
> there generally being consensus otherwise. This thread will give you a
> good idea of that discussion:
> https://www.ietf.org/mail-archive/web/websec/current/threads.html#02173

Thanks for the link. That's helpful context. I took an initial look
through it (need to do a second more careful reading) and so far the
argument that I personally find most convincing is the principle of
least astonishment argument.

>
> Report Only mode should behave the same as Enforcement Mode in all
> regards except enforcement. That's the only way site admins will feel
> confident that they have a good handle on their configuration not
> breaking things.

Note that report-only mode probably has to behave differently than
enforcement mode in at least one way, which is how the headers are
processed when received on a non-CT-compliant connection. An
enforcement header, if received on a connection that is not
CT-compliant, will be ignored, but a RO header should at least cause a
report to be sent. In a world where we cache RO headers, should a RO
header be cached if received on a non-CT-compliant connection?

>
> The most immediate examples of this causing issues is in load-balanced
> deployments (such as multicast or IP/TCP-level load balancing) where
> Server A is correctly configured but Server B is not.

While I can imagine misconfigurations where Server A is serving
CT-compliant connections and Server B is not, I have some trouble
imagining misconfigurations where Server A is making CT-compliant
connections and Server B is not *and* Server A is serving the header
and Server B is not.

To make this concrete, here are the types of misconfigurations I have
in mind that reporting would help with:
1. A CA or site operator misunderstands a UA's CT policy, or has a bug
in conforming to it, and issues/serves a certificate that violates it.
2. A site operator wants to measure the impact of client clock skew
before turning on enforcement mode. (This is a bit of an edge case, as
I suspect it's not very common that a client clock is wrong in such a
way that the certificate validates but the SCT does not.)
3. A site is serving SCTs via stapled OCSP response or TLS extension
and learn about bugs in their implementation and/or the reliability of
their OCSP responder.

In those situations, there's no reason to think that the violating
connection would not be properly serving the report-only header. And
in situations where the site is not properly serving the report-only
header consistently, caching RO won't help debug that unless the
failure to serve the header correlates with a failure to serve a
CT-compliant connection.

>
>
>
> More comments:
>
> Going with an 'enforce' directive as opposed to a second header
> prevents sites from deploying a more conservative enforcing mode and a
> more aggressive testing mode. This doesn't seem to be an issue because
> there are no knobs except max-age to turn. (Yet?)

That was the thinking behind that, yes.

>
> There is no includeSubdomains directive (which would also make
> persistent of Report-Only very important.) I'm not saying this is bad,
> but HSTS and HPKP have the feature. On the other hand - it would
> probably necessitate the availability of the two modes...

Yes. In discussion with other browsers, our priority has been to do
something as simple as possible while still being useful, and we
thought that there might not be high-demand for includeSubDomains. I'd
be interested to hear from site operators whether that's true or not.
As you pointed out, no includeSubDomains also means that there's no
need for two separate headers (and thus no need to define how they
interact with each other, etc.).

>
> Like HSTS and HPKP, Expect-CT can be used as a (low-bandwidth)
> tracking mechanism, so that should go into Privacy Considerations.

Definitely will do. The emptiness of Privacy Considerations at the
moment shouldn't be taken to mean that there are none, just that I
haven't gotten to that section yet. :)

>
> -tom