IETF Logo Mail Archive

Re: [rtcweb] Possible identity security vulnerability

Sean Turner <sean@sn3rd.com> Fri, 30 March 2018 23:04 UTC

Return-Path: <sean@sn3rd.com>
X-Original-To: rtcweb@ietfa.amsl.com
Delivered-To: rtcweb@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7B9E61200C5 for <rtcweb@ietfa.amsl.com>; Fri, 30 Mar 2018 16:04:37 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.701
X-Spam-Level:
X-Spam-Status: No, score=-2.701 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=sn3rd.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id mSaBsvPfC0Mz for <rtcweb@ietfa.amsl.com>; Fri, 30 Mar 2018 16:04:35 -0700 (PDT)
Received: from mail-qk0-x231.google.com (mail-qk0-x231.google.com [IPv6:2607:f8b0:400d:c09::231]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B40251272E1 for <rtcweb@ietf.org>; Fri, 30 Mar 2018 16:04:34 -0700 (PDT)
Received: by mail-qk0-x231.google.com with SMTP id w6so10325828qkb.4 for <rtcweb@ietf.org>; Fri, 30 Mar 2018 16:04:34 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sn3rd.com; s=google; h=mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=5M0OycS/A3sE9lPXPOJe4vZdMyAr01cFviohlDWSzCI=; b=DO8y4G0orFlD3enIfm7hbZwPeLfHk491l0MMTsUAD9BhigbEey/iNqGRxVYJbScjnA fBhEY04VNSN09HoTdztkKZW7kjvhAtC0L7z8v9UIMEPjfu1jSnqzRvTR7xIifJSjHWqj sgFZmgGt6P0nf/e21EslWGLz6uwZRb55b6fww=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=5M0OycS/A3sE9lPXPOJe4vZdMyAr01cFviohlDWSzCI=; b=ryfvn2DlkAdty40ZK0O4O8s/8lKhBo9CP2uDcxSXXFu3dCR61w9t1KdE7YwSleNIk3 YIFQ7Mtb3u3OVBplJ54T6buYhvMkpwmF/cv9bxNW0QSh6InQ4XJqybXF6q3ALr7UcLAN JYSfdYuat9h0i2bCmC71kOHTEsLtfZBN1Yl3wekhBv8rK8xh3Ui55sAGUq5CZ/f/qOhy i7C493iSq388Xt6HI+7HqJ/72DgxsQV9wQ/KHWtY5Wt8U3y0GcSB70LU6l0fQhmfChQH wo9kyArOokAEwFB9QevfxTwXm4/FqIJAT1ukKGcOhGMKVnNQwsVISNinNdDF+LOHlGGM qjJQ==
X-Gm-Message-State: ALQs6tDrhp0MAGQCPNyLvRCByvPp8jkQyzVenKnyj9YyQB6ysILiVjjG LOyc6OipK9eI901nQTgyxLnTLw==
X-Google-Smtp-Source: AIpwx4+VWWYG2/iE33WbgOEBw1EZPPhUTfpvYlTIsCANCZn0vUX3MRLOemWPGezBH4Hj+xYm3lDKDg==
X-Received: by 10.55.185.69 with SMTP id j66mr1261542qkf.216.1522451073764; Fri, 30 Mar 2018 16:04:33 -0700 (PDT)
Received: from [172.16.0.18] ([96.231.225.106]) by smtp.gmail.com with ESMTPSA id l124sm6763194qkc.1.2018.03.30.16.04.32 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Fri, 30 Mar 2018 16:04:32 -0700 (PDT)
Content-Type: text/plain; charset="utf-8"
Mime-Version: 1.0 (Mac OS X Mail 11.3 \(3445.6.18\))
From: Sean Turner <sean@sn3rd.com>
In-Reply-To: <CABkgnnUC0tEJ32Vm7QLsPrGiRjk+0z+yC+Rt+TO9w1k6yheHbA@mail.gmail.com>
Date: Fri, 30 Mar 2018 19:04:31 -0400
Cc: Sergio Garcia Murillo <sergio.garcia.murillo@gmail.com>, RTCWeb IETF <rtcweb@ietf.org>
Content-Transfer-Encoding: quoted-printable
Message-Id: <059F139E-B586-4587-B6C1-B3FB7A8AEF83@sn3rd.com>
References: <7fe32dcf-23da-b0fb-cd53-d8bba2ad2662@gmail.com> <CABkgnnVjwDYBaV0OgimSWvTVcETNwBHA-4ZodTPKZeGvvh7i-A@mail.gmail.com> <2a21956e-cf9e-d185-8041-78e1ad332d3a@gmail.com> <MWHPR14MB13769BCC9E4A860AEA654B0F83D40@MWHPR14MB1376.namprd14.prod.outlook.com> <7394bf9b-3101-1ac6-e2ea-202b78d5c936@gmail.com> <MWHPR14MB137630DAF208B80B2FB6DC6683D40@MWHPR14MB1376.namprd14.prod.outlook.com> <CABkgnnWrioVwhwkUvEfOQoBaj2sxoO+0XoQvQt08djw-8s=UMg@mail.gmail.com> <e841f9c6-f380-6f7e-1b90-bca0dceebcc9@gmail.com> <CABkgnnWi4SORzQ4DDSLXXzqqjfntbH-rH+=GdUi+YUktxk3tGg@mail.gmail.com> <f286940b-d0ea-dba8-91bf-4a849bf3ca36@gmail.com> <CABkgnnXFN_08ypN9Lrn5uycCC5nCJ3aY94zTyOBz4aMKtWR8Mg@mail.gmail.com> <9cccc0b9-7f54-41d4-d3d4-eff174b4b3fc@gmail.com> <CABkgnnUKrmC2pJWuMoka+ZHOpprx4fBQ7tC4o+PVa6xS0=G9gw@mail.gmail.com> <3DFDEC10-38D1-4D5E-A638-EB484872CDED@westhawk.co.uk> <5d59eec9-62d6-94e4-517e-da6d0b9e3c41@gmail.com> <CABkgnnUC0tEJ32Vm7QLsPrGiRjk+0z+yC+Rt+TO9w1k6yheHbA@mail.gmail.com>
To: Martin Thomson <martin.thomson@gmail.com>
X-Mailer: Apple Mail (2.3445.6.18)
Archived-At: <https://mailarchive.ietf.org/arch/msg/rtcweb/b34A7CktcngX_mwNcq_mFOjSDkg>
Subject: Re: [rtcweb] Possible identity security vulnerability
X-BeenThere: rtcweb@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Real-Time Communication in WEB-browsers working group list <rtcweb.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/rtcweb/>
List-Post: <mailto:rtcweb@ietf.org>
List-Help: <mailto:rtcweb-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 30 Mar 2018 23:04:37 -0000

I think this might somewhat be addressed here:
https://tools.ietf.org/html/draft-ietf-rtcweb-security-10#section-4.4.1

spt

> On Mar 19, 2018, at 10:43, Martin Thomson <martin.thomson@gmail.com> wrote:
> 
> As a practical matter, if the browser were to use the same certificate
> for multiple origins, then it would create a massive privacy problem
> that enables linkability (aka user tracking).  I couldn't find that
> written down, but I thought it was.  If it isn't written down, then we
> should correct that.
> 
> On Mon, Mar 19, 2018 at 1:57 PM, Sergio Garcia Murillo
> <sergio.garcia.murillo@gmail.com> wrote:
>> On 19/03/2018 14:45, westhawk wrote:
>> 
>> On 19 Mar 2018, at 13:40, Martin Thomson <martin.thomson@gmail.com> wrote:
>> 
>> It's anything that *the site* initiates (not so much the browser).
>> Certificates are origin-scoped.
>> 
>> Are they? is the private key needed in the re-use of the assertion?
>> (I haven’t looked at this for ages)
>> If not the you could push the ASN1 of the public cert somewhere not scoped
>> to the
>> origin and have another site re-use it. (e.g. transfer it to an advert
>> iframe with postmessage)
>> 
>> 
>> After checking if further, that may not be clearly explicit on the webrtc
>> w3c spec:
>> 
>> For the purposes of this API, the [[Certificate]] slot contains unstructured
>> binary data. No mechanism is provided for applications to access the
>> [[KeyingMaterial]] internal slot. Implementations MUST support applications
>> storing and retrieving RTCCertificate objects from persistent storage. In
>> implementations where an RTCCertificate might not directly hold private
>> keying material (it might be stored in a secure module), a reference to the
>> private key can be held in the [[KeyingMaterial]] internal slot, allowing
>> the private key to be stored and used.
>> 
>> So it is not clear to me if certificates are origin-scoped or if the key
>> materials could be exported outside of the browser. Worst case, certificate
>> could be exported and identity assertion reused even by a different service.
>> 
>> Best regards
>> Sergio
>> 
> 
> _______________________________________________
> rtcweb mailing list
> rtcweb@ietf.org
> https://www.ietf.org/mailman/listinfo/rtcweb

v2.23.0 | Report a Bug | By Email