Re: [IAB] Mandatory encryption as part of HTTP2
Hannes Tschofenig <hannes.tschofenig@gmx.net> Sun, 17 November 2013 23:01 UTC
Message-ID: <52894AC9.6020600@gmx.net>
Date: Mon, 18 Nov 2013 00:01:29 +0100
From: Hannes Tschofenig <hannes.tschofenig@gmx.net>
To: Masataka Ohta <mohta@necom830.hpcl.titech.ac.jp>
Subject: Re: [IAB] Mandatory encryption as part of HTTP2
In-Reply-To: <52894680.8080505@necom830.hpcl.titech.ac.jp>
Cc: Theodore Ts'o <tytso@mit.edu>, "ietf@ietf.org list" <ietf@ietf.org>, iab@iab.org
I am also worried about the developments with the NSA. I guess we are on the same page there.

The PKI concept by itself does not say how many trust anchors you need to use at your client. You are complaining about the way the WebPKI looks and how the CA/Browser Forum is handling their business. Allowing new trust anchors to be added means giving new CAs a chance to enter the market. Let's say we only have one trust anchor. Would you like that more? Probably not. I am not saying that there are issues with the CA/Browser Forum, but it is just difficult to pick the right number of trust anchors in a browser. One challenge is, of course, that nobody trusts every CA, and the intersection of everyone's trusted CA lists is the empty set.

That may give you the impression that the PKI model is inadequate, and there are, of course, other models as well that provide different properties (for example, the AAA model). I am not sure you will find them appropriate either. Have you had a chance to look at them?

There have been various ideas on how to improve the PKI, and the IAB has a security program that aims to make some progress in that area. I am currently working on a draft update of http://tools.ietf.org/html/draft-tschofenig-iab-webpki-evolution based on the feedback I have received. Have you had a chance to look at the different approaches people have suggested?

Finally, in your threat model, however, the use of a DH will also not help since you have, as stated, the MITM attack at the ISP.

Ciao
Hannes

On 17.11.13 23:43, Masataka Ohta wrote:
> Hannes Tschofenig wrote:
>
>> I know that it is very popular to bash the PKI system but there are
>> security differences between an anonymous DH and PKI deployment that
>> provides server-side authentication.
>
> Assuming active MITM attacks both on ISP chains and CA chains,
> what, do you think, are the differences?
>
> A concrete example is especially welcome.
>
> Note that we, non-US citizens, must expect such attacks, because
> active MITM attacks of NSA on people without US citizenship are,
> under US legislation, even legal.
>
>> And: Keep in mind that we have various activities in the IETF ongoing
>> that help to improve the security of the PKI.
>
> As PKI is fundamentally insecure against active attacks, there is
> no point in improving it.
>
> I do realize the stupidity level of the IETF, especially on DNSSEC.
>
> Masataka Ohta
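The contrast the two messages argue over, rendered as an added example that is not part of the original thread: an anonymous DH exchange versus one where the client holds a trust anchor for the server, first with an attacker only on the ISP path and then with the trust anchor (the CA chain's role) attacked as well. It assumes a toy 127-bit group and a pinned static DH value in place of a certificate chain, so it shows the structure of the argument rather than a real TLS handshake.

```python
import hashlib
import hmac
import secrets

# Toy group, constructed for readability; real deployments use >= 2048-bit groups.
P = (1 << 127) - 1
G = 3

def keypair():
    x = secrets.randbelow(P - 2) + 1      # private value x
    return x, pow(G, x, P)                # and public value G^x mod P

def kdf(*shared):
    """Session key: SHA-256 over the DH shared value(s)."""
    h = hashlib.sha256()
    for v in shared:
        h.update(v.to_bytes(16, "big"))
    return h.digest()

def mac(key):
    """Key-confirmation tag the server sends (like a TLS Finished)."""
    return hmac.new(key, b"finished", "sha256").digest()

def anonymous_dh_mitm():
    """Anonymous DH: an on-path attacker swaps its public value M into
    both directions and shares a key with each side; nobody notices."""
    a, A = keypair(); b, B = keypair(); m, M = keypair()
    k_client = kdf(pow(M, a, P))   # client believes M is the server
    k_server = kdf(pow(M, b, P))   # server believes M is the client
    return k_client == kdf(pow(A, m, P)) and k_server == kdf(pow(B, m, P))

def authenticated_dh(mitm, anchor_compromised=False):
    """Server-authenticated DH: the client pins the server's static value S
    (the role a trusted CA chain plays) and mixes G^(a*s) into the key.
    Returns True if the client accepts the server's confirmation MAC."""
    s, S = keypair(); a, A = keypair(); b, B = keypair(); t, T = keypair()
    anchor = T if anchor_compromised else S   # what the client trusts
    if not mitm:
        return hmac.compare_digest(mac(kdf(pow(A, b, P), pow(A, s, P))),
                                   mac(kdf(pow(B, a, P), pow(anchor, a, P))))
    m, M = keypair()                          # attacker on the ISP path
    if anchor_compromised:
        # CA chain also attacked: client trusts T and attacker knows t, so it
        # can derive the client's key and forge the MAC.
        confirm = mac(kdf(pow(A, m, P), pow(A, t, P)))
    else:
        # Attacker lacks s: it can only relay a MAC under a key the client never derives.
        confirm = mac(kdf(pow(M, b, P), pow(M, s, P)))
    k_client = kdf(pow(M, a, P), pow(anchor, a, P))
    return hmac.compare_digest(confirm, mac(k_client))
```

The third case is the one both messages are really about: server authentication defeats an attacker who controls only the path, and adds nothing once the trust anchor the client relies on is itself attacker-controlled.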