IETF Logo Mail Archive

Re: [saag] A case against algorithm agility (long)

Yoav Nir <ynir.ietf@gmail.com> Sun, 04 May 2014 12:35 UTC

Return-Path: <ynir.ietf@gmail.com>
X-Original-To: saag@ietfa.amsl.com
Delivered-To: saag@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8A4D71A0083 for <saag@ietfa.amsl.com>; Sun, 4 May 2014 05:35:37 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id rtTRyb3AtxdE for <saag@ietfa.amsl.com>; Sun, 4 May 2014 05:35:36 -0700 (PDT)
Received: from mail-wi0-x22f.google.com (mail-wi0-x22f.google.com [IPv6:2a00:1450:400c:c05::22f]) by ietfa.amsl.com (Postfix) with ESMTP id CD0881A0062 for <saag@ietf.org>; Sun, 4 May 2014 05:35:35 -0700 (PDT)
Received: by mail-wi0-f175.google.com with SMTP id f8so528841wiw.14 for <saag@ietf.org>; Sun, 04 May 2014 05:35:32 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=content-type:mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=5oxb6dMK+Ir/dkdPBIlo38X47SCy+968A0mjpKgQi18=; b=bp8qjfFhMkZg67RhkmZK4jo3hn6zbtYVUtr/n3d4CLZChg6sF31YHOBxLDaC44HUzO uapU1qLr+qTGNc5mTErbFMcm73K0ayH15ee2TZMustXb/N3zuo5y1fZgwJBu9APLAzjl FAGryWoTNQPsM8oDe7B4yF4QDdULjz6gsSptzhzPvhx/I4bnzoMCS4tzG3uBnGEQLprn SREW96yeX42PwH18Xl+t+OXepnYSGm0fKIeJ3Y9SDd++34c4gK33eGpuNr+FemLkq4JQ k7IczFGVwmoJeAOBQtzXJMlYCp4xl5tgZ+M+OB/h67tXuNlO4NNntt3sdlD8CpBDf461 KiVA==
X-Received: by 10.194.201.73 with SMTP id jy9mr1621975wjc.51.1399206932292; Sun, 04 May 2014 05:35:32 -0700 (PDT)
Received: from [172.24.249.242] (dyn32-131.checkpoint.com. [194.29.32.131]) by mx.google.com with ESMTPSA id pl6sm11765382wjc.0.2014.05.04.05.35.31 for <multiple recipients> (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Sun, 04 May 2014 05:35:31 -0700 (PDT)
Content-Type: text/plain; charset=windows-1252
Mime-Version: 1.0 (Mac OS X Mail 7.2 \(1874\))
From: Yoav Nir <ynir.ietf@gmail.com>
In-Reply-To: <53662898.7040808@iang.org>
Date: Sun, 4 May 2014 15:35:30 +0300
Content-Transfer-Encoding: quoted-printable
Message-Id: <9A635D15-5F35-4FDE-BD73-9A923B53EDBF@gmail.com>
References: <53650F27.6040607@iang.org> <alpine.GSO.1.10.1405032309040.9713@multics.mit.edu> <53662898.7040808@iang.org>
To: ianG <iang@iang.org>
X-Mailer: Apple Mail (2.1874)
Archived-At: http://mailarchive.ietf.org/arch/msg/saag/0INzmvmttLD5u-PwLHsWA8vR-6A
Cc: saag@ietf.org
Subject: Re: [saag] A case against algorithm agility (long)
X-BeenThere: saag@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Security Area Advisory Group <saag.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/saag>, <mailto:saag-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/saag/>
List-Post: <mailto:saag@ietf.org>
List-Help: <mailto:saag-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/saag>, <mailto:saag-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 04 May 2014 12:35:37 -0000

On May 4, 2014, at 2:46 PM, ianG <iang@iang.org> wrote:

> On 4/05/2014 04:10 am, Benjamin Kaduk wrote:
> 
>> That there is even a
>> commercial market for it suggests that they are in use, and not just by
>> people who could by pass the crypto.
> 
> 
> Yes, this is fascinating.  There's also the SSL-interceptor boxes which
> allegedly will take your commercially provided sub-Root.  Who uses those
> machines and why?

These boxes are used for whatever purpose people want access to the plaintext for. Uses range from running so-called "next generation firewall”([1]) policy on them, to looking for dissidents in certain countries.

Commercial CAs rarely give sub-root certificates, and when they do, they have  name constraints ([2]), so they can’t be used for generating fake certificates for mail.google.com.  These boxes generally either generate their own self-signed CA, or get a corporate sub-CA. Either way, it requires clients to be configured with the interception CA.

Yoav 

[1] “next generation firewall” is a marketing term, but in general classic firewall can block addresses, protocols and ports, whereas “next generation” looks at higher layers as well. So a classic firewall can block your access to Facebook, a next-generation firewall can block your access to Farmville.
[2] Yes, there were cases where this was not followed.

v2.8.7 | Report a Bug | By Email