IETF Logo Mail Archive

Re: [keyassure] Object Digest Reference

Ilari Liusvaara <ilari.liusvaara@elisanet.fi> Mon, 13 December 2010 20:59 UTC

Return-Path: <ilari.liusvaara@elisanet.fi>
X-Original-To: keyassure@core3.amsl.com
Delivered-To: keyassure@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 252C228C0F3 for <keyassure@core3.amsl.com>; Mon, 13 Dec 2010 12:59:14 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.358
X-Spam-Level:
X-Spam-Status: No, score=-2.358 tagged_above=-999 required=5 tests=[AWL=0.241, BAYES_00=-2.599]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id co3jaoC9UheJ for <keyassure@core3.amsl.com>; Mon, 13 Dec 2010 12:59:13 -0800 (PST)
Received: from emh06.mail.saunalahti.fi (emh06.mail.saunalahti.fi [62.142.5.116]) by core3.amsl.com (Postfix) with ESMTP id CD32128C0DF for <keyassure@ietf.org>; Mon, 13 Dec 2010 12:59:12 -0800 (PST)
Received: from saunalahti-vams (vs3-10.mail.saunalahti.fi [62.142.5.94]) by emh06-2.mail.saunalahti.fi (Postfix) with SMTP id DB948C7E4F; Mon, 13 Dec 2010 23:00:50 +0200 (EET)
Received: from emh04.mail.saunalahti.fi ([62.142.5.110]) by vs3-10.mail.saunalahti.fi ([62.142.5.94]) with SMTP (gateway) id A045BED81F8; Mon, 13 Dec 2010 23:00:50 +0200
Received: from LK-Perkele-V2 (a88-112-50-174.elisa-laajakaista.fi [88.112.50.174]) by emh04.mail.saunalahti.fi (Postfix) with ESMTP id 5169841BE2; Mon, 13 Dec 2010 23:00:47 +0200 (EET)
Date: Mon, 13 Dec 2010 23:01:07 +0200
From: Ilari Liusvaara <ilari.liusvaara@elisanet.fi>
To: Phillip Hallam-Baker <hallam@gmail.com>
Message-ID: <20101213210107.GB29718@LK-Perkele-V2.elisa-laajakaista.fi>
References: <AANLkTikufUrJbOiatHh9Dt98Uxj7LnwL2EE0tRUw92BF@mail.gmail.com> <p06240801c92bf18f22f3@10.20.30.249> <AANLkTimKqj8O6gZ6dyjzJJAdr067MDWJvjSV4KCPSiP1@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Disposition: inline
In-Reply-To: <AANLkTimKqj8O6gZ6dyjzJJAdr067MDWJvjSV4KCPSiP1@mail.gmail.com>
User-Agent: Mutt/1.5.20 (2009-06-14)
Sender: Ilari Liusvaara <ilari.liusvaara@elisanet.fi>
Content-Transfer-Encoding: quoted-printable
X-Antivirus: VAMS
Cc: keyassure@ietf.org, Paul Hoffman <paul.hoffman@vpnc.org>
Subject: Re: [keyassure] Object Digest Reference
X-BeenThere: keyassure@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Key Assurance With DNSSEC <keyassure.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/keyassure>, <mailto:keyassure-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/keyassure>
List-Post: <mailto:keyassure@ietf.org>
List-Help: <mailto:keyassure-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/keyassure>, <mailto:keyassure-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 13 Dec 2010 20:59:14 -0000

On Mon, Dec 13, 2010 at 01:59:28PM -0500, Phillip Hallam-Baker wrote:
> On Mon, Dec 13, 2010 at 11:04 AM, Paul Hoffman <paul.hoffman@vpnc.org>wrote:
> 
> Some folk on this list doubted that a semantic substitution attack was an
> issue for the KEYASSURE/CERT proposal.

I can't find any way to perform semantic substution attack against 
draft-hoffman-keys-linkage-from-dns-03 even in the most pathological
situations (that don't involve much easier attacks anyway).

BTW: TLS itself can't defend against such attacks, it just relies that
attacker doesn't have such capabilites.

> Now absent some really clear indication to the contrary, using ASN.1 OIDs
> for identifying cryptographic algs and formats is pretty much a slam dunk. I
> can't see how anyone could say that it is not an acceptable way to go for
> any application layer design.

Programming complexity. Which is big deal when you are writting this stuff
in C or C++ for practical end applications.

And yes, I'm assuming prefixes are precomputed.

I looked at piece of code I have written that handles ASN.1-encoded hashes.
All I can say is "yuck". I'd much rather deal with small integers (even
if the set has gaps).

> They are bad within DNSSEC. But unavoidable at the upper layers. I would
> prefer not to have to support PGP and other key formats in this scheme, but
> they are going to be unavoidable politically.

I haven't seen any overly bad stuff with DNSSEC (granted, how many
implementations support GOST, but the problem). But I have seen _PLENTY_ of
bad stuff with X.509.

> I don't like having to deal with all that. But what I really, really want to
> avoid is having application layer crypto impact DNSSEC.

his is just about how to denote hash algorithms. And what about fairly
reasonable hash algorithms that seeming have no OID?

> OK, how about on a web page. Imagine that we have a web page that is
> downloaded from a TLS site but the images are stored on a separate image
> server that does not have TLS.
> 
> At the moment this is such a common use case that it is really difficult to
> get enforcement on because it is so common. And there is another variation
> where the data linked to is not even in the same domain.
> 
> Imagine we can create a link of the form:
> 
> <img src="http://images.example.com/1.gif"
>     odr="odr:woei2oqur02que0o2quefoiqwefouqwefoiu=="/>
> 
> Packaging it up as a URI is not strictly necessary but that is what it is
> functionally.
> 
> One could even have a cache of content referenced by ODR lookup. So if the
> content is not locatable, it can be pulled from cache.
> 
> <a href="http://tools.ietf.org/rfc6666.txt
>     odr="odr:woqi12o3o12hroiqhweoiqhwe==">RFC 6666</a>
 
What does that ODR encode about the semantics in both cases? That the file
is a GIF in above case (what's the OID of GIF?) and that it is text file
(what character set‽; what is say, OID of ASCII text file?).

-Ilari

v2.23.0 | Report a Bug | By Email