IETF Logo Mail Archive

Re: [openpgp] Revocations of third-party certifications (TPK+"CRL") [was: draft-dkg-openpgp-abuse-resistant-keystore-04.txt]

Daniel Kahn Gillmor <dkg@fifthhorseman.net> Wed, 28 August 2019 23:30 UTC

Return-Path: <dkg@fifthhorseman.net>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1308B120130 for <openpgp@ietfa.amsl.com>; Wed, 28 Aug 2019 16:30:18 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=neutral reason="invalid (unsupported algorithm ed25519-sha256)" header.d=fifthhorseman.net header.b=SSVzKOUj; dkim=pass (2048-bit key) header.d=fifthhorseman.net header.b=0otdpTSx
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 10qf9zbjrWsD for <openpgp@ietfa.amsl.com>; Wed, 28 Aug 2019 16:30:15 -0700 (PDT)
Received: from che.mayfirst.org (che.mayfirst.org [IPv6:2001:470:1:116::7]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id BFC551201AA for <openpgp@ietf.org>; Wed, 28 Aug 2019 16:30:15 -0700 (PDT)
DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/simple; d=fifthhorseman.net; i=@fifthhorseman.net; q=dns/txt; s=2019; t=1567035014; h=from : to : subject : in-reply-to : references : date : message-id : mime-version : content-type : from; bh=us02xfeVWkgF7+c+UxYTPaT/YG5Tq0/AKEtV3WGf81o=; b=SSVzKOUjwnMuur4WahX/n2oClY85mMy3E5auTIfJA8DA+kGdzv+WkwKS MH2rwff4BOgJLHe7KSm5alAI4GNHCA==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=fifthhorseman.net; i=@fifthhorseman.net; q=dns/txt; s=2019rsa; t=1567035014; h=from : to : subject : in-reply-to : references : date : message-id : mime-version : content-type : from; bh=us02xfeVWkgF7+c+UxYTPaT/YG5Tq0/AKEtV3WGf81o=; b=0otdpTSxhCm+TXqkFxWNq0DyCYUHylA+VqMPSG0MbW8c8r4S+zS474XD WdioAfqEtNMNq8QpXWhBHwrZrYaQ2rcRs7jTUjc2/v3e1uax5w18Gkhi1d WQsxeFxaXEzk8pZ+FYu3F047dpXesWAgESMBheKMRJ/UFKG2OKcv8QjCjI A6wWFTRIIF/bRS3BJljP+zV5oXnJ49Qf3T+jz58Vk2jCbjZb4e3nQ/Qsax xOdJaWKR5FNTxFZDFqh1FfnjVqJMjJhPqUgpXH0M6Phj+ZmpxvvvXpOgzP XarR6Z0ZhR0dleVO4bcUZB6rwCBDR8PpF9jPokNSlUTqklbGBMh0Pw==
Received: from fifthhorseman.net (ool-6c3a0662.static.optonline.net [108.58.6.98]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by che.mayfirst.org (Postfix) with ESMTPSA id 98343F99D; Wed, 28 Aug 2019 19:30:13 -0400 (EDT)
Received: by fifthhorseman.net (Postfix, from userid 1000) id 47D2F2024E; Wed, 28 Aug 2019 18:22:45 -0400 (EDT)
From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
To: Jon Callas <joncallas@icloud.com>, openpgp@ietf.org
In-Reply-To: <6057F53D-2251-4B92-997B-EF241C2F4EF3@icloud.com>
References: <156650274021.14785.10325255315266801149.idtracker@ietfa.amsl.com> <875zmodi1v.fsf@fifthhorseman.net> <8736hsdfm4.fsf@fifthhorseman.net> <CAF751FB-4AFD-4E64-AD8C-E04B3031F50D@icloud.com> <87zhju9qlb.fsf@fifthhorseman.net> <6057F53D-2251-4B92-997B-EF241C2F4EF3@icloud.com>
Autocrypt: addr=dkg@fifthhorseman.net; prefer-encrypt=mutual; keydata= mDMEXEK/AhYJKwYBBAHaRw8BAQdAr/gSROcn+6m8ijTN0DV9AahoHGafy52RRkhCZVwxhEe0K0Rh bmllbCBLYWhuIEdpbGxtb3IgPGRrZ0BmaWZ0aGhvcnNlbWFuLm5ldD6ImQQTFggAQQIbAQUJA8Jn AAULCQgHAgYVCgkICwIEFgIDAQIeAQIXgBYhBMS8Lds4zOlkhevpwvIGkReQOOXGBQJcQsbzAhkB AAoJEPIGkReQOOXG4fkBAO1joRxqAZY57PjdzGieXLpluk9RkWa3ufkt3YUVEpH/AP9c+pgIxtyW +FwMQRjlqljuj8amdN4zuEqaCy4hhz/1DbgzBFxCv4sWCSsGAQQB2kcPAQEHQERSZxSPmgtdw6nN u7uxY7bzb9TnPrGAOp9kClBLRwGfiPUEGBYIACYWIQTEvC3bOMzpZIXr6cLyBpEXkDjlxgUCXEK/ iwIbAgUJAeEzgACBCRDyBpEXkDjlxnYgBBkWCAAdFiEEyQ5tNiAKG5IqFQnndhgZZSmuX/gFAlxC v4sACgkQdhgZZSmuX/iVWgD/fCU4ONzgy8w8UCHGmrmIZfDvdhg512NIBfx+Mz9ls5kA/Rq97vz4 z48MFuBdCuu0W/fVqVjnY7LN5n+CQJwGC0MIA7QA/RyY7Sz2gFIOcrns0RpoHr+3WI+won3xCD8+ sVXSHZvCAP98HCjDnw/b0lGuCR7coTXKLIM44/LFWgXAdZjm1wjODbg4BFxCv50SCisGAQQBl1UB BQEBB0BG4iXnHX/fs35NWKMWQTQoRI7oiAUt0wJHFFJbomxXbAMBCAeIfgQYFggAJhYhBMS8Lds4 zOlkhevpwvIGkReQOOXGBQJcQr+dAhsMBQkB4TOAAAoJEPIGkReQOOXGe/cBAPlek5d9xzcXUn/D kY6jKmxe26CTws3ZkbK6Aa5Ey/qKAP0VuPQSCRxA7RKfcB/XrEphfUFkraL06Xn/xGwJ+D0hCw==
Date: Wed, 28 Aug 2019 18:22:44 -0400
Message-ID: <87imqh9bgr.fsf@fifthhorseman.net>
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="=-=-="; micalg="pgp-sha512"; protocol="application/pgp-signature"
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/dMyz7l8G47S-c8xu0iJg3DeAXRM>
Subject: Re: [openpgp] Revocations of third-party certifications (TPK+"CRL") [was: draft-dkg-openpgp-abuse-resistant-keystore-04.txt]
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 28 Aug 2019 23:30:18 -0000

Hi Jon--

Thanks for the feedback!  I'm trying to distill it to concrete guidance
we can use to make OpenPGP certificate redistribution more robust…

On Wed 2019-08-28 00:29:04 -0700, Jon Callas wrote:
> Yeah. An issue with OpenPGP certificates is that they are ultimately a
> list of statements, and those statements can be rewritten with
> impunity. Overall, I think it's far more of a feature than a bug,
> because an alternative would make it so no one would be able to do
> anything without the key owner's permission, and that would disrupt
> things like key signings.

I agree that we want people to be able to compose OpenPGP certificates.
It is definitely a feature of the format, but it's a tricky one, and one
that keystores have had difficulty in managing without opening
themselves to abuse.

> I define it the way it's defined. An abusive revocation is something
> we'll learn over time, and it's something that the key server decides.

This isn't sufficient, unfortunately, because what's abusive for one
keyserver might not be abusive for some of its clients, and vice versa :(

>> Perhaps we could say that the most narrowly-tailored third-party
>> certification revocation signature is acceptable -- the only three
>> subpackets allowed:
>> 
>> * Issuer Fingerprint
>> * Signature Creation Time
>> * Reason For Revocation -- only with a code, and string MUST be empty
>> 
>> And of course the abuse-resistant keystore would have to
>> cryptographically verify the certification revocation signature.
>
> That works. I don't think it has to be that narrow, but that would work.

So this sounds like useful concrete guidance that we can offer in the
abuse-resistant keystores draft.  I'll include it in the next revision.
thanks!

> Yes. Alice is revoking *her* certification of Bob's key. Bob owns
> Bob's key, but Alice owns her certification of Bob's key. Bob can
> freely discard the certification or the certification+revocation, but
> he should not be allowed to keep Alice's certification without its
> matching revocation.

Alice doesn't "own" her certification of Bob's certificate -- we're 

> Part of my prologue of revocation not working is that Bob can always
> go do key surgery. To some extent, anyone can do key surgery. Bob can
> go in with a hex editor and pull off Alice's revocation, but general
> tools shouldn't allow it.

I start this from the assumption that the (ab)user has powerful,
flexible client-side tools, and their only limitation is that they don't
have access to (certain) secret keys.  This is Kerckchoff's principle,
basically.

> Moreover, a key server shouldn't allow it. If Bob uploads a new copy
> of his key without Alice's mention at all, that's fine. The key server
> MUST not allow the revocation to be vanished alone.

But if the keystore allows the revocation to be vanished in any way on
its own terms, it has not solved the problem for the client that does
merge-based updates but already knows of Alice's certification?

Or, are you suggesting that a client of the keystore which knows of
Alice's certification, but receives Bob's certificate without it from
the keystore, should themselves *drop* Alice's certification just
because the keystore doesn't report it?  That would be a pretty radical
change to how most OpenPGP keystore clients work today.

> We have not seen the abuse problem of certificates being nonsensical,
> but that could really happen. I am sure that if you did something like
> take the first part of Bob's key, threw in one of Aice's user ids
> along with all its certifications, and some subways and other things
> from Charlie's key, that some implementation's going to barf in
> amusing ways -- or worse, just accept it.

these are straight up bugs. If you see them in any OpenPGP
implementation -- client or keystore or wherever -- please report them
and get them fixed.

> Any problem that starts with "Mallory gets ahold of Bob's secret key"
> and then goes on, is kinda like discussing an operating system exploit
> that starts with, "okay, the attacker is in kernel mode." In general,
> the attacker can have much more fun than whatever's described. Yes,
> yes, if Malloy has Bob's secret key, Mallory can do anything.

No, that's not true in this situation.  We're talking here about how to
get control of the key back from Mallory, or how to stop Mallory from
decrypting messages already encrypted to the key, or anything like
that.  We're talking about how Alice can reliably publish her revocation
of her certification even in the face of Bob being impaired,
intransigent, or compromised.

> However, this is part of why we have designated revokers.

Designated Revokers need to be set up ahead of time.  If you've done
that, and your designated revoker isn't asleep at the switch, then all's
well.  but most people haven't, and it would be nice to handle that
case.

> Perhaps a key server ought to be a designated revoker itself in some
> but not all cases. Perhaps even the default one. Of course, I'm
> handwaving away things like accounts on that server, authentication,
> takeover policies, and lots of other things that will be fun for
> someone else.

I'm looking for concrete guidance that we can offer to operators of
keystores and clients of keystores today.

Keystore operators have traditionally not wanted to be in the role of
certificate authority, or of designated revoker (i can confirm this as a
past and present keystore operator, but it's not just me).  They're
looking for a reliable set of guidelines they can follow to ensure that

 (a) the ecosystem is healthy,
 
 (b) clients with different trust models and trusted introducers can
     find what they need,

 (c) the keystore can operate efficiently in terms of bandwidth and
     computational resources, and 

 (d) the keystore operator themselves is at minimal technical and legal
     risk.

> Or a signature on the key that's made by the key server itself that
> has a timeout and a lot of policy coded in it.

How does this help in redistributing Alice's certifications?  I am wary
about trying to "code a lot of policy" -- the devil is in the details
there, and i'd like to be clear about what those details are.  Do you
have something specific you're trying to propose here?

The CRL-like mechanism that launched this thread is concrete,
implementable, and has a set of functional properties that seem better
than the status quo (though i think it can be improved too).  If you've
got specific text that you want to propose to improve it, or a
counterproposal that makes it unnecessary, i'd be happy to see it.

Thanks for thinking this through here,

       --dkg

v2.23.0 | Report a Bug | By Email