IETF Logo Mail Archive

Re: [perpass] draft-tschofenig-iab-webpki-evolution-00

Phillip Hallam-Baker <hallam@gmail.com> Tue, 22 October 2013 19:20 UTC

Return-Path: <hallam@gmail.com>
X-Original-To: perpass@ietfa.amsl.com
Delivered-To: perpass@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9609211E8215 for <perpass@ietfa.amsl.com>; Tue, 22 Oct 2013 12:20:52 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.624
X-Spam-Level:
X-Spam-Status: No, score=-1.624 tagged_above=-999 required=5 tests=[AWL=-0.691, BAYES_00=-2.599, HTML_MESSAGE=0.001, NO_RELAYS=-0.001, SARE_HTML_USL_OBFU=1.666]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 7-xI8Kl01ZJ6 for <perpass@ietfa.amsl.com>; Tue, 22 Oct 2013 12:20:51 -0700 (PDT)
Received: from mail-lb0-x235.google.com (mail-lb0-x235.google.com [IPv6:2a00:1450:4010:c04::235]) by ietfa.amsl.com (Postfix) with ESMTP id DCB1F11E8211 for <perpass@ietf.org>; Tue, 22 Oct 2013 12:20:49 -0700 (PDT)
Received: by mail-lb0-f181.google.com with SMTP id x18so5279167lbi.12 for <perpass@ietf.org>; Tue, 22 Oct 2013 12:20:48 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=UgLSA1B+v/p8w46LAMpd6VnDPh4gA4ElzgG6hupUnZ0=; b=Wx55/xjeC1cTPs4kHEJXkcR4ddCUr1Ni5HgtAzNaghtXarDF2GQ5BmYHdwDM2XQdUH x/9/MQuIdgDpw9VbbrtPzQisreFwN/F3AinRO7BhMO4Euh6sO4aTr3TSeVhvyOj/t8Z2 YH/6xWrWJ73XMq0rKKVL1/wC60ik7yKpY0OzXU3YK9D+zJ0xHM8n69wR/g7PePxtZpfx y2TxiaV3bBNkMWQT6gudVEn35QklZ+ZuVQUte0BOykstZZ1Iz8MUg3/0n9oci5kKfLGO rDQ9qgMHih6ixw9k+wWbVHbLXDP/DmDetFsWKquTBlfb4LhhKlPrChvu/E8OkSsHcpYR Ql3w==
MIME-Version: 1.0
X-Received: by 10.152.23.137 with SMTP id m9mr19091187laf.17.1382469648766; Tue, 22 Oct 2013 12:20:48 -0700 (PDT)
Received: by 10.112.148.165 with HTTP; Tue, 22 Oct 2013 12:20:48 -0700 (PDT)
In-Reply-To: <52661FCE.6040209@gmx.net>
References: <52661FCE.6040209@gmx.net>
Date: Tue, 22 Oct 2013 15:20:48 -0400
Message-ID: <CAMm+Lwg8q2K3ZCWNg8aX4dzNeXYU+skaakTvvc6A=4+qvySxsg@mail.gmail.com>
From: Phillip Hallam-Baker <hallam@gmail.com>
To: Hannes Tschofenig <hannes.tschofenig@gmx.net>
Content-Type: multipart/alternative; boundary="089e0160a67653df2d04e9594ce8"
Cc: perpass <perpass@ietf.org>
Subject: Re: [perpass] draft-tschofenig-iab-webpki-evolution-00
X-BeenThere: perpass@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "The perpass list is for discussion of the privacy properties of IETF protocols and concrete ways in which those could be improved. " <perpass.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/perpass>, <mailto:perpass-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/perpass>
List-Post: <mailto:perpass@ietf.org>
List-Help: <mailto:perpass-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/perpass>, <mailto:perpass-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 22 Oct 2013 19:20:52 -0000

Some comments:

Paragraph1:

It should be noted that in the DigiNotar case the breach was not discovered
for several weeks and not reported after discovery and due to the nature of
the breach revocation was not possible. In the Comodo case the mis-issue
was discovered within minutes and the certificates revoked.

This is a very important point to raise since the next paragraph is
conculsory, "The main problem, however, is
   that any CA can issue a certificate for any domain name."

1) one could make a very good argument that the main problem is that the
browsers don't implement revocation reliably.

2) CAA has already been created to address this problem. If that was the
'main' problem it would be solved. Unfortunately it isn't.


The 'EFF 600' number is unfortunately a XXX and I use the term advisedly.
They have accepted that they are mis-measuring the number of CAs but they
continue to insist on a number they admit they can't support. Please do not
present Fox News figures in what is meant to be a serious report. I regret
that I have to use the word 'XXX' here but when a falsehood is presented
and then insisted on after being proven untrue, what other description is
there?

The EFF study conflates all intermediate certs whose subject name is
different to the issuer with cross certificates to a CA. In practice 300+
of the certificates they identify as 'CA certificates' are issued by a
single CA and none are CA certificates. We have had exhaustive discussion
of the issue and no correction from the EFF unfortunately.

The fact that they can't measure what they would like to measure from the
certificate graph does not mean that they can measure it wrongly in a
fashion that inflates it by a factor of ten and present that figure and
assert that it is up to others to supply a better figure.


The principal problem with Sovereign keys is that it simplifies the trust
management problem by assuming that no network manager will ever make a
mistake. If they make one mistake they will lose control of their domain in
perpetuity. Nobody is ever going to take responsibility for deploying such
a scheme on ebay.com or the like.


I think that you miss the point of CT which is that Transparency is the
principle that the CA can be audited by any party without access to hidden
knowledge. That is a groundbreaking concept in trust infrastructure.

What the client checks is proof that the certificate was entered into the
log, not the log itself. That is an important but subtle point.



On DANE among the risks that have to be considered is that there is only
one provider of PKI services in DANE. Thus if that provider decides to deny
access to a party they have no recourse. Hence the Russian interest in GOST
etc. Whether or not you accept that scenario, the folk who do accept it are
willing to fracture the Internet over it.



On Tue, Oct 22, 2013 at 2:48 AM, Hannes Tschofenig <
hannes.tschofenig@gmx.net> wrote:

> Hi all,
>
> one item that predates the pervasive surveillance debate is the discussion
> about improving the public key infrastructure (but still has relevance in
> this discussion, see https://www.net-security.org/**secworld.php?id=15579<https://www.net-security.org/secworld.php?id=15579>
> ).
>
> Following the workshop at NIST earlier this year the IAB and ISOC have
> been reaching out to different players (and are still doing that) to
> continue the conversation.
>
> We have put together a first document that describes the different
> proposals (and as you can see the level of detail available for them and
> their maturity varies greately). Here is the writeup:
> http://tools.ietf.org/html/**draft-tschofenig-iab-webpki-**evolution-00<http://tools.ietf.org/html/draft-tschofenig-iab-webpki-evolution-00>
>
> The analysis is still a bit weak and requires more work but the proposals
> are hopefully captured accurately. Let us know whether there is something
> missing.
>
> We hope that this could help to create move momentum behind certain
> proposals to get them accepted by the community and widely deployed.
>
> Ciao
> Hannes
> ______________________________**_________________
> perpass mailing list
> perpass@ietf.org
> https://www.ietf.org/mailman/**listinfo/perpass<https://www.ietf.org/mailman/listinfo/perpass>
>



-- 
Website: http://hallambaker.com/

v2.23.0 | Report a Bug | By Email