Re: [pkix] Compressed CRLs
"Dr. Massimiliano Pala" <massimiliano.pala@gmail.com> Tue, 11 November 2014 03:13 UTC
Return-Path: <massimiliano.pala@gmail.com>
X-Original-To: pkix@ietfa.amsl.com
Delivered-To: pkix@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 128E11A8892 for <pkix@ietfa.amsl.com>; Mon, 10 Nov 2014 19:13:36 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.388
X-Spam-Level:
X-Spam-Status: No, score=-1.388 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, J_CHICKENPOX_51=0.6, LOTS_OF_MONEY=0.001, SPF_PASS=-0.001, T_HK_NAME_FM_DR=0.01] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id xzDlHRgeDUCc for <pkix@ietfa.amsl.com>; Mon, 10 Nov 2014 19:13:33 -0800 (PST)
Received: from mail-wg0-x229.google.com (mail-wg0-x229.google.com [IPv6:2a00:1450:400c:c00::229]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 083461A8885 for <pkix@ietf.org>; Mon, 10 Nov 2014 19:13:33 -0800 (PST)
Received: by mail-wg0-f41.google.com with SMTP id k14so10490011wgh.28 for <pkix@ietf.org>; Mon, 10 Nov 2014 19:13:31 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=message-id:date:from:user-agent:mime-version:to:subject:references :in-reply-to:content-type; bh=tOpDdwJ9fyj1iDRIRfSpD8HbPtaeY0o1R75ljLoMbHw=; b=Y5CrZy0Hs1CYmCQgfwShfM4vw8MvvRcsSWOCR5GHOFP5Y0U3LKF8aNQ//RR2o3Xlqw ShObw1BOarBBWLefxt0IIKsbSa20Z9wyaKXPG8rWU6PHrOHwx+UgtFGT2GkoZknk6ucM EbNkYIoNJij7QG1GpaDZNKQPhABLWn8pzD8mzx2p0EV6bQ5ogwnuLEht5c/3HIZQ/UvA In3tYUOeyQnLfzbFuD0fJb7u8M12QJq05CiifRHVFpi4ZhYiyMctCZaMTzrKUjtY5uKO bRD/Ob5Vel+5pm0FiuudCU2ezaIwk4S32DYnr45kG8vuxEigEFDUcjCkW/YABmXXL6Kg vZWA==
X-Received: by 10.180.149.242 with SMTP id ud18mr36852126wib.58.1415675611733; Mon, 10 Nov 2014 19:13:31 -0800 (PST)
Received: from iMassi.local ([2001:67c:1231:998:2daf:6f04:992b:d693]) by mx.google.com with ESMTPSA id fq1sm15670586wib.12.2014.11.10.19.13.28 for <pkix@ietf.org> (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Mon, 10 Nov 2014 19:13:31 -0800 (PST)
Message-ID: <54617ED6.8030204@gmail.com>
Date: Mon, 10 Nov 2014 17:13:26 -1000
From: "Dr. Massimiliano Pala" <massimiliano.pala@gmail.com>
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.10; rv:24.0) Gecko/20100101 Thunderbird/24.6.0
MIME-Version: 1.0
To: pkix@ietf.org
References: <CAMm+Lwj7VAz9_ASfLKHzMVnxK6PWmJRonRTLG_4DEDneRDXoTg@mail.gmail.com> <CA+i=0E6Rqo=7Nr3XL+ZXASbD3S5pe_+R2-cvDxcqGVOKWQuzLw@mail.gmail.com>
In-Reply-To: <CA+i=0E6Rqo=7Nr3XL+ZXASbD3S5pe_+R2-cvDxcqGVOKWQuzLw@mail.gmail.com>
Content-Type: multipart/alternative; boundary="------------010307090408000806030406"
Archived-At: http://mailarchive.ietf.org/arch/msg/pkix/r9pAfMwvcgV6vGQtG3ofpKnS18M
Subject: Re: [pkix] Compressed CRLs
X-BeenThere: pkix@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: PKIX Working Group <pkix.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/pkix>, <mailto:pkix-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/pkix/>
List-Post: <mailto:pkix@ietf.org>
List-Help: <mailto:pkix-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/pkix>, <mailto:pkix-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 11 Nov 2014 03:13:36 -0000
Comments inline. On 10/16/14, 7:17 AM, Erwann Abalea wrote: > Interesting draft. Can be implemented by a third party if and only if > it has access to all the unexpired certificates (insert GoogleCT > here), or by the CA itself. > Will there be more details on the additional optimizations by Rob? > Does this additional optimization apply to a complete CRLSet or only > to deltas? > AAAArrgghhh!! Each time I ear about CRLSet I get goose bumps - that is an abomination that completely breaks PKIX revocation by simply ignoring the authoritative source of information and it is a single-vendor (wrong) solution to revocation checking :( Regarding the idea at hand, it is interesting from a theoretical point of view, but I do not think it does introduces benefits over simple OCSP, OCSP stapling (or OCSP over DNS) - at the same time it does not support all revocation cases we need in PKIX. By reading the document, I think that the big issue here is that this mechanism seems to ignore (but correct me if I am wrong) that revocation is not just "revoked" or "not revoked" but it carries along additional information (i.e. reason for revoking). Moreover, the "pending IPR issue" and the corresponding "licensing" model is a big issue and a legal nightmare that nobody would be happy to deal with, IMHO. For these reasons, I do not think that this is a work that should be addresses in its current form within the IETF. Cheers, Max > Regarding the encoding, my preference goes to ASN.1 over JSON. ASN.1 > has a native BITSTRING type and several already standardized encoding > rules, one of them being optimized for space (PER and unaligned PER, > X.691). But this is only a serialization issue and doesn't conflict > with the general idea; some don't like ASN.1 (for bad reasons), some > don't like PER (for not so bad reasons). A good compact and easy > encoding may be the recently approved OER (X.696). > > > 2014-10-09 14:55 GMT+02:00 Phillip Hallam-Baker <phill@hallambaker.com > <mailto:phill@hallambaker.com>>: > > I sent this to TLS in the first instance but it might be of more > interest here. It turns out that we can compress CRLs much better than > anyone imagined. Using compression we can issue a CRL for every > unexpired SSL Server cert using less than the 250K that is the limit > on Google's curated CRLSet. > > > Please note: > > http://datatracker.ietf.org/doc/draft-hallambaker-compressedcrlset/ > Also note the pending IPR disclosure. > > In brief Rob Stradling and myself have come up with a radically new > approach to certificate status that is vastly more efficient than any > previous proposal that provides finer grain certificate status than > the certificate validity interval. > > While compressing hash tables might appear to be a fools errand, it > turns out that if the problem is correctly understood, CRLs actually > compress astonishingly well. It is actually possible to represent the > status of every one of the half million revoked certificates in the > WebPKI using fewer bytes than the heavily edited Google CRLSet. > > There is still a powerful case for short lived certificates. But the > minimum feasible expiry interval for short lived certs is 48 hours. > Using a compressed CRL in combination with short lived certs would > allow the vulnerability window to be reduced to minutes. > > > We are of course aware that deployment will require a licensing regime > that meets the need of all parties including competing CAs, open > source software providers, etc. However lacking an existing licensing > regime for the rights holder (if indeed any are granted), I thought it > best to bring this to people's attention first. > > The nature of the invention is such that not applying for a paten;t > would open the possibility that someone else might make a claim as has > happened to me on numerous other occasions. In the past five years > over $50 million has been spent on defending against such patent > claims. > > _______________________________________________ > pkix mailing list > pkix@ietf.org <mailto:pkix@ietf.org> > https://www.ietf.org/mailman/listinfo/pkix > > > > > -- > Erwann. > > > _______________________________________________ > pkix mailing list > pkix@ietf.org > https://www.ietf.org/mailman/listinfo/pkix
- [pkix] Compressed CRLs Phillip Hallam-Baker
- Re: [pkix] Compressed CRLs Erwann Abalea
- Re: [pkix] Compressed CRLs Phillip Hallam-Baker
- Re: [pkix] Compressed CRLs Dr. Massimiliano Pala