Re: [keyassure] Objective: Restrictive versus Supplementary Models
Michael Richardson <mcr@sandelman.ca> Wed, 30 March 2011 15:41 UTC
Return-Path: <mcr@sandelman.ca>
X-Original-To: keyassure@core3.amsl.com
Delivered-To: keyassure@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id BFA833A6B61 for <keyassure@core3.amsl.com>; Wed, 30 Mar 2011 08:41:21 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.954
X-Spam-Level:
X-Spam-Status: No, score=-1.954 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, HOST_MISMATCH_NET=0.311, IP_NOT_FRIENDLY=0.334]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id CLezSymxXAcn for <keyassure@core3.amsl.com>; Wed, 30 Mar 2011 08:41:21 -0700 (PDT)
Received: from relay.sandelman.ca (relay.cooperix.net [67.23.6.41]) by core3.amsl.com (Postfix) with ESMTP id DA0953A684E for <keyassure@ietf.org>; Wed, 30 Mar 2011 08:41:20 -0700 (PDT)
Received: from marajade.sandelman.ca (ip-85-160-190-55.eurotel.cz [85.160.190.55]) by relay.sandelman.ca (Postfix) with ESMTPS id CAF0D34117 for <keyassure@ietf.org>; Wed, 30 Mar 2011 11:42:58 -0400 (EDT)
Received: from marajade.sandelman.ca (marajade.sandelman.ca [127.0.0.1]) by marajade.sandelman.ca (Postfix) with ESMTP id 10D9E98B17 for <keyassure@ietf.org>; Wed, 30 Mar 2011 17:28:22 +0200 (CEST)
From: Michael Richardson <mcr@sandelman.ca>
To: keyassure@ietf.org
In-Reply-To: <0374DFAB-AA4F-42DA-9792-71BCEFB4ABBF@bbn.com>
References: <AANLkTik1Uzd8XSZzopBBDHywrhSjsBQYxC91BZXdkMwg@mail.gmail.com> <0AE869F3-0BBB-485F-8CDD-EC1B70EBB9B2@bbn.com> <AANLkTi=r884poth6pAXPtot0XVuCXfEprcYQTDdPLR1W@mail.gmail.com> <0374DFAB-AA4F-42DA-9792-71BCEFB4ABBF@bbn.com>
X-Mailer: MH-E 8.1; nmh 1.1; XEmacs 21.4 (patch 22)
Date: Wed, 30 Mar 2011 17:28:22 +0200
Message-ID: <8018.1301498902@marajade.sandelman.ca>
Sender: mcr@sandelman.ca
Subject: Re: [keyassure] Objective: Restrictive versus Supplementary Models
X-BeenThere: keyassure@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Key Assurance With DNSSEC <keyassure.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/keyassure>, <mailto:keyassure-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/keyassure>
List-Post: <mailto:keyassure@ietf.org>
List-Help: <mailto:keyassure-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/keyassure>, <mailto:keyassure-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 30 Mar 2011 15:41:21 -0000
>>>>> "Richard" == Richard L Barnes <rbarnes@bbn.com> writes: Richard> Fair enough. Revised version below allows for the Richard> possibility of short-circuiting based on exact match with Richard> an EE cert. (Trying to maintain an integral version that Richard> can be called for consensus later.) okay, but is there a bit that tells the client which case they are trying to implement? Or do we even need such a thing? Paul and I were discussing things from the point of view that the client does one process only, and that it has to work for both cases. 1. client looks up A/AAAA record. DNSSEC recommended. If no DNSSEC, attacker can mis-direct connection. 2a. client initiates TCP socket to target. (Attacker may do IP-level redirection, even if A/AAAA is correct) 2b. client looks up DANE/TLSA record (if any). 3. If TLSA found, client adds DANE CA and/or EE certs to TA store, dropping all others (*) 4. Client performs normal TLS/PKIX checks. This is secure for domain-managed authentication if DNSSEC. This is is also secure for cert-lock even in the face of Comodogate. This may fail for some corporate environments where there is a forced proxy of all TLS connections to some auditing firewall device. Apparently some vendors let you force new sets of trust anchors to desktops so that the desktops will wind up trusting the official man-in-the-middle device. If in step 3, one drops that trust anchor, then the MitM is detected. This may be a feature or not. The question that we came up with was: is the act of dropping other trust anchors something that should be controlled by the owner the domain via the TLSA record, or is this a question of local policy? You *HAVE* to drop them to get the cert-lock to be effective. Richard> 1. Cert-lock / CA-lock Richard> 1.1. Use case: Richard> 1.1.1. Client initiates TLS connection and gets server cert chain Richard> 1.1.2. Client performs normal TLS/PKIX validation on cert chain Richard> 1.1.3. Client retrieves DANE records from DNS Richard> 1.1.4. DANE records specify EE or CA certs that MUST be present in cert chain Richard> 1.1.5. Client verifies that TLS cert chain meets DANE constraints Richard> 1.2. Security goal: Defend against issuance of other certs for this domain Richard> 1.3. DNSSEC RECOMMENDED, not REQUIRED; attacker can only cause connection failure Richard> 2. Domain-managed authentication Richard> 2.1. Use case: Richard> 2.1.1. Client retrieves DANE records from DNS Richard> 2.1.2. DANE records specify Trust Anchors for PKIX certificate validation Richard> 2.1.3. Client adds DANE CA certs to TA store (optionally, drops all others) Richard> 2.1.3. [TBD] If DANE provides EE cert, accept/reject based on exact match Richard> 2.1.4. Client initiates TLS connection and gets server cert chain Richard> 2.1.5. Client performs normal TLS/PKIX validation on cert chain Richard> 2.2. Security goal: Allow TLS to work without pre-configured TAs Richard> 2.3. DNSSEC REQUIRED; attacker can insert bogus TAs
- [keyassure] Objective: Restrictive versus Supplem… Eric Rescorla
- Re: [keyassure] Objective: Restrictive versus Sup… Paul Wouters
- Re: [keyassure] Objective: Restrictive versus Sup… Yoav Nir
- Re: [keyassure] Objective: Restrictive versus Sup… Stephen Kent
- Re: [keyassure] Objective: Restrictive versus Sup… Richard L. Barnes
- Re: [keyassure] Objective: Restrictive versus Sup… Richard L. Barnes
- Re: [keyassure] Objective: Restrictive versus Sup… Eric Rescorla
- Re: [keyassure] Objective: Restrictive versus Sup… Richard L. Barnes
- Re: [keyassure] Objective: Restrictive versus Sup… Michael Richardson
- Re: [keyassure] Objective: Restrictive versus Sup… James Cloos
- Re: [keyassure] Objective: Restrictive versus Sup… James Cloos
- Re: [keyassure] Objective: Restrictive versus Sup… Martin Rex
- Re: [keyassure] Objective: Restrictive versus Sup… Martin Rex
- Re: [keyassure] Objective: Restrictive versus Sup… Eric Rescorla
- Re: [keyassure] Objective: Restrictive versus Sup… Richard L. Barnes
- Re: [keyassure] Objective: Restrictive versus Sup… Jay Daley
- Re: [keyassure] Objective: Restrictive versus Sup… Eric Rescorla
- Re: [keyassure] Objective: Restrictive versus Sup… James Cloos
- Re: [keyassure] Objective: Restrictive versus Sup… Jay Daley
- Re: [keyassure] Objective: Restrictive versus Sup… Richard L. Barnes
- Re: [keyassure] Objective: Restrictive versus Sup… Martin Rex
- Re: [keyassure] Objective: Restrictive versus Sup… Eric Rescorla
- Re: [keyassure] Objective: Restrictive versus Sup… Warren Kumari
- Re: [keyassure] Objective: Restrictive versus Sup… Martin Rex
- Re: [keyassure] Objective: Restrictive versus Sup… Martin Rex
- Re: [keyassure] Objective: Restrictive versus Sup… Eric Rescorla
- Re: [keyassure] Objective: Restrictive versus Sup… Paul Wouters
- Re: [keyassure] Objective: Restrictive versus Sup… Paul Wouters
- Re: [keyassure] Objective: Restrictive versus Sup… Eric Rescorla
- Re: [keyassure] Objective: Restrictive versus Sup… Michael Richardson
- Re: [keyassure] Objective: Restrictive versus Sup… Richard L. Barnes
- Re: [keyassure] Objective: Restrictive versus Sup… Yoav Nir
- Re: [keyassure] Objective: Restrictive versus Sup… Michael Richardson
- Re: [keyassure] Objective: Restrictive versus Sup… Yoav Nir
- Re: [keyassure] Objective: Restrictive versus Sup… Martin Rex
- Re: [keyassure] Objective: Restrictive versus Sup… Martin Rex
- Re: [keyassure] Objective: Restrictive versus Sup… Yoav Nir
- Re: [keyassure] Objective: Restrictive versus Sup… Richard L. Barnes
- Re: [keyassure] Objective: Restrictive versus Sup… Martin Rex
- Re: [keyassure] Objective: Restrictive versus Sup… James Cloos
- Re: [keyassure] Objective: Restrictive versus Sup… Paul Wouters
- Re: [keyassure] Objective: Restrictive versus Sup… Paul Wouters
- Re: [keyassure] Objective: Restrictive versus Sup… Yoav Nir
- Re: [keyassure] Objective: Restrictive versus Sup… Yoav Nir
- Re: [keyassure] Objective: Restrictive versus Sup… Paul Wouters
- Re: [keyassure] Objective: Restrictive versus Sup… Jim Schaad