IETF Logo Mail Archive

Re: https at ietf.org

Phillip Hallam-Baker <hallam@gmail.com> Mon, 09 December 2013 05:42 UTC

Return-Path: <hallam@gmail.com>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3897C1AD7C2 for <ietf@ietfa.amsl.com>; Sun, 8 Dec 2013 21:42:02 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level:
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Qa99vcowKvrP for <ietf@ietfa.amsl.com>; Sun, 8 Dec 2013 21:41:59 -0800 (PST)
Received: from mail-wg0-x233.google.com (mail-wg0-x233.google.com [IPv6:2a00:1450:400c:c00::233]) by ietfa.amsl.com (Postfix) with ESMTP id 8611B1AD6BF for <ietf@ietf.org>; Sun, 8 Dec 2013 21:41:59 -0800 (PST)
Received: by mail-wg0-f51.google.com with SMTP id b13so2868183wgh.18 for <ietf@ietf.org>; Sun, 08 Dec 2013 21:41:54 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=b44zvNxxfzW8O+JXwlE9f4FgoYKgzRBY3JPmY4kTinY=; b=AVNm6m1Gce31A0FUKDUEj4BbTwbIeLTilOsjtZgj9SDwbiRbcTeT436JzbjNC5rXw6 /2byef7M7nNoaaP8rTNLObz9WbskGr7nNJft3NRxP8SV7N7+JLI5tMx4kI1UzvcYLixU 6kCl3evrfaSR9hgMPPNk/MiCqx2Zk4bDZF29MoJXHBHupSNJoPVHgaT+FyeXXVtV5A3+ YMjWmEuVM3Aq9W9GHsNvG6oRVC5FszsVNLKBPGY49Kq+EZRoLw/jj0zwIRCc1nofPmof kjj9dHwuoAM1xizl3siY21oB/lplwUzPr9tKnjG/bNZabisi34T+peD7CR7m3zpWX0G4 tKAA==
MIME-Version: 1.0
X-Received: by 10.180.108.97 with SMTP id hj1mr12165190wib.59.1386567714366; Sun, 08 Dec 2013 21:41:54 -0800 (PST)
Received: by 10.194.243.136 with HTTP; Sun, 8 Dec 2013 21:41:54 -0800 (PST)
In-Reply-To: <52A52972.3020601@dougbarton.us>
References: <20131125180608.55454.qmail@joyce.lan> <E5836934-317D-4E73-80CC-B8847047852A@virtualized.org> <CAMm+LwhXb6uYJLie1FmJE34aC0EO39_t7331X1O0iD=-gmSEvw@mail.gmail.com> <38B94CB1-C62A-4BAC-85D4-B08FB7315CE9@virtualized.org> <CAMm+LwhF5-nEdM0Rjh1XtK1X=_xo6GkqPnZgfGaCEJ19g8ULrg@mail.gmail.com> <52A176E0.1050708@dougbarton.us> <CAMm+LwiH=1446tXZLKxUyz+jpMHy573aAd5zg1_+Z4kEbVc33A@mail.gmail.com> <52A52972.3020601@dougbarton.us>
Date: Mon, 09 Dec 2013 00:41:54 -0500
Message-ID: <CAMm+LwiHwKkK1C7K+DG-LTBS=Edsn=AjH5hCe+9LOukVZbPjmQ@mail.gmail.com>
Subject: Re: https at ietf.org
From: Phillip Hallam-Baker <hallam@gmail.com>
To: Doug Barton <dougb@dougbarton.us>
Content-Type: multipart/alternative; boundary="e89a8f3bafef126a9404ed13749f"
Cc: IETF Discussion Mailing List <ietf@ietf.org>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 09 Dec 2013 05:42:02 -0000

On Sun, Dec 8, 2013 at 9:22 PM, Doug Barton <dougb@dougbarton.us> wrote:

> On 12/08/2013 10:21 AM, Phillip Hallam-Baker wrote:
>
>  As I pointed out, what I was objecting to was yet another iteration of
>> someone asserting that the DNSSEC PKI is different from the CA system in
>> a way that it is not actually different.
>>
>> So I don't have to fix DNSSEC, all I need to fix here is to have David
>> and others stop making claims for the protocol that are not supported by
>> evidence.
>>
>
> Um, no. What you originally asserted was that the root was vulnerable to
> being hijacked by an NSL. You have yet to provide any evidence of that, and
> when confronted by evidence to the contrary you changed the subject.
>
> So leaving aside the fine points of PKI and how they do or do not relate
> to the root, do you have _any_ evidence to support your original assertion?


What I said was that any root management is vulnerable to government
coercion. And that is still obviously true.

Having performed a root key generation in public does not guarantee that
future operations will be public. If we assume that the government has the
power to coerce the root key manager they can coerce the vendor of the
evidence bags to provide some un-numbered ones and then number them
themselves.

In fact I have some unnumbered evidence bags. Most of the vendors send them
out as free samples on request.


It is not a criticism of the particular process, it is a fundamental
constraint.

Publishing the legit ceremonies might provide some additional transparency
but does not prevent an illegitimate ceremony being inserted.

Can't even control it using the crypto hardware since the attacker can
coerce them as well. There is no ground truth you can depend on under that
attack.


The only real control is that any attack leaves irrefutable evidence and
only a government has the ability to mount such an attack. The idea that
the NSA or FBI would take such a step in the case of the DNS is ridiculous,
it would be tantamount to a treaty violation. But the idea that they would
take similar action against a US based CA or browser provider is equally
ridiculous.


-- 
Website: http://hallambaker.com/

v2.23.0 | Report a Bug | By Email