Re: [openpgp] Web Key Directory and advanced lookup method

Bart Butler <bartbutler@protonmail.com> Thu, 18 April 2019 18:21 UTC

Date: Thu, 18 Apr 2019 18:21:01 +0000
To: Wiktor Kwapisiewicz <wiktor=40metacode.biz@dmarc.ietf.org>
From: Bart Butler <bartbutler@protonmail.com>
Cc: "openpgp@ietf.org" <openpgp@ietf.org>
Reply-To: Bart Butler <bartbutler@protonmail.com>
Message-ID: <dCPoM33MfSao7HK_yYlAA2P0JoYuacknsS8b4cwdQIeH1KaZ94TixvqxJBhny2rFZ6WK097aj72bUvZqJmny1yDQslsQ3hFKrJvvR1b-3Zo=@protonmail.com>
In-Reply-To: <e4b26d9c-5942-3214-a9e4-caad42e682ee@metacode.biz>
References: <e4b26d9c-5942-3214-a9e4-caad42e682ee@metacode.biz>
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/L2QtnuAlQU2XQBYPWvbNRnIVV3s>

Hi Wiktor,

This is a good point and I do not think it's been discussed before. The reason WKD can't use the TXT record is that browsers can't look up TXT records; all they can do is try to resolve domains.

I'd say that this is less of an attack vector and more of a 'mischief' vector, and that public suffixes can easily protect themselves if it ever becomes an issue. WKD client implementations can also use the public suffix list themselves to prevent the problem--a quick search yields libraries for lots of platforms. Maybe this would be a reasonable suggestion to add to the RFC, but it also doesn't seem critical to me.

Cheers,

Bart

‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐
On Monday, April 15, 2019 11:02 AM, Wiktor Kwapisiewicz <wiktor=40metacode.biz@dmarc.ietf.org> wrote:

> Hello,
>
> I'd like to ask about the (potential) issue with the advanced lookup
> method in WKD.
>
> For those that don't remember what it is: it converts an e-mail address
> (such as "Joe.Doe@Example.ORG") into a URL that uses the "openpgpkey"
> subdomain of the e-mail domain (in this case
> "https://openpgpkey.example.org/.well-known/openpgpkey/example.org/hu/iy9q119eutrkn8s1mk4r39qejnbu3n5q?l=Joe.Doe").
> [0]
>
> There are some domains that allow users to register subdomains with any
> name the user requests (with some exceptions), for example "github.io".
> So if a user selects "openpgpkey" as a name and is thus able to host
> files under the ".well-known" directory, they will effectively intercept
> all WKD queries for e-mail addresses for that domain.
>
> That is, a query for the key for "security@github.io" will go to the
> user that registers the "openpgpkey" name.
>
> The problem of domains under which Internet users can directly register
> names also exists in browsers. To avoid various security issues w.r.t.
> supercookies, Mozilla manages the Public Suffix List [1], which is used
> by all major browsers. The list is quite big [2].
>
> I did take a look at MTA-STS [3] as it also uses a subdomain, but in
> MTA-STS's case they first start with a DNS TXT record query and only then
> query the mta-sts subdomain, so mere registration of the subdomain
> wouldn't trigger MTA-STS.
>
> I don't want to suggest any fixes to the spec, just to inquire whether
> you think it's a real issue or rather a quite obscure edge case.
>
> Thank you for your time!
>
> Kind regards,
> Wiktor
>
> [0]: https://tools.ietf.org/html/draft-koch-openpgp-webkey-service-07#section-3.1
> [1]: https://publicsuffix.org/
> [2]: https://github.com/publicsuffix/list/blob/master/public_suffix_list.dat
> [3]: https://tools.ietf.org/html/rfc8461
> --
> https://metacode.biz/@wiktor
>
> openpgp mailing list
> openpgp@ietf.org
> https://www.ietf.org/mailman/listinfo/openpgp
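To make the two points of this thread concrete, here is an added example (not code from either message, the WKD draft or any WKD implementation) that builds the draft-07 direct and advanced lookup URLs for an address, and applies the mitigation Bart mentions: a client consults Public Suffix List rules and skips the advanced method whenever the mail domain is itself a public suffix, since "openpgpkey.<domain>" is then registrable by anyone rather than controlled by the domain owner. The rule matching follows the published PSL algorithm (exception rules win, then the rule with the most labels, wildcard labels match anything); `PSL_SAMPLE` is a small constructed subset of rules for the example, not the real list, and all function names are this example's own.

```python
import hashlib
from urllib.parse import quote

# z-base-32 alphabet, the encoding WKD uses for the hashed local part
ZBASE32_ALPHABET = "ybndrfg8ejkmcpqxot1uwisza345h769"

# Constructed subset of Public Suffix List rules for this example (hypothetical sample,
# not the real list): "*.ck" is a wildcard rule, "!www.ck" an exception rule.
PSL_SAMPLE = ["com", "org", "io", "github.io", "uk", "co.uk", "ck", "*.ck", "!www.ck"]


def zbase32_encode(data: bytes) -> str:
    """Encode bytes as z-base-32: 5 bits per character, most significant bits first."""
    out, acc, nbits = [], 0, 0
    for byte in data:
        acc = (acc << 8) | byte
        nbits += 8
        while nbits >= 5:
            nbits -= 5
            out.append(ZBASE32_ALPHABET[(acc >> nbits) & 31])
    if nbits:  # final partial group, zero-padded (never reached for a 160-bit SHA-1 digest)
        out.append(ZBASE32_ALPHABET[(acc << (5 - nbits)) & 31])
    return "".join(out)


def wkd_hash(local_part: str) -> str:
    """Lowercase the local part, SHA-1 it and z-base-32 encode the digest (draft-07, section 3.1)."""
    return zbase32_encode(hashlib.sha1(local_part.lower().encode("utf-8")).digest())


def split_address(address: str):
    """Return (local part as given, domain lowercased); the domain is lowercased per the draft."""
    local, _, domain = address.rpartition("@")
    return local, domain.lower().rstrip(".")


def wkd_advanced_url(address: str) -> str:
    """Advanced method: served from the 'openpgpkey' subdomain, domain repeated in the path."""
    local, domain = split_address(address)
    return (f"https://openpgpkey.{domain}/.well-known/openpgpkey/{domain}/hu/"
            f"{wkd_hash(local)}?l={quote(local, safe='')}")


def wkd_direct_url(address: str) -> str:
    """Direct method: served by the mail domain itself."""
    local, domain = split_address(address)
    return f"https://{domain}/.well-known/openpgpkey/hu/{wkd_hash(local)}?l={quote(local, safe='')}"


def public_suffix(domain: str, rules=PSL_SAMPLE) -> str:
    """Public suffix of `domain` under the PSL algorithm: a matching exception rule prevails,
    otherwise the matching rule with the most labels; an exception rule drops its leftmost
    label; with no matching rule the public suffix is the TLD alone."""
    labels = domain.lower().rstrip(".").split(".")
    best = None  # (is_exception, label_count); tuple order makes exceptions win
    for rule in rules:
        is_exception = rule.startswith("!")
        rule_labels = rule.lstrip("!").split(".")
        if len(rule_labels) > len(labels):
            continue
        tail = labels[-len(rule_labels):]
        if all(r == "*" or r == lbl for r, lbl in zip(rule_labels, tail)):
            candidate = (is_exception, len(rule_labels))
            if best is None or candidate > best:
                best = candidate
    if best is None:
        return labels[-1]
    is_exception, count = best
    if is_exception:
        count -= 1
    return ".".join(labels[-count:])


def is_public_suffix(domain: str, rules=PSL_SAMPLE) -> bool:
    """True when the mail domain is itself a public suffix, i.e. its subdomains (including
    'openpgpkey') can be registered by arbitrary users rather than the domain's operator."""
    d = domain.lower().rstrip(".")
    return public_suffix(d, rules) == d


def wkd_lookup_urls(address: str, rules=PSL_SAMPLE):
    """Candidate URLs in the order a client would try them: the advanced method first,
    but omitted when the mail domain is a public suffix; the direct method always last."""
    _, domain = split_address(address)
    urls = []
    if not is_public_suffix(domain, rules):
        urls.append(wkd_advanced_url(address))
    urls.append(wkd_direct_url(address))
    return urls


if __name__ == "__main__":
    for addr in ("Joe.Doe@Example.ORG", "security@github.io"):
        print(addr, "->", wkd_lookup_urls(addr))
```

With the sample rules, "Joe.Doe@Example.ORG" yields the draft's advanced URL first and the direct URL second, while "security@github.io" yields only the direct URL because "github.io" matches a rule exactly. A real client would load the current public_suffix_list.dat (which carries github.io in its PRIVATE section) instead of `PSL_SAMPLE`, and should treat the list as a mitigation for the advanced method only; the direct method is unaffected because it is served by the mail domain itself.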