Re: [saag] post-X509 cryptographic identities

Nico Williams <nico@cryptonector.com> Tue, 11 February 2020 19:17 UTC

To: Henry Story <henry.story@gmail.com>
Cc: saag@ietf.org, Michael Richardson <mcr+ietf@sandelman.ca>
Archived-At: <https://mailarchive.ietf.org/arch/msg/saag/95biGAbvx_IwJFYqoUvj9ofvJd8>

On Tue, Feb 11, 2020 at 07:05:01PM +0100, Henry Story wrote:

[Quoting out of order]

> You can’t do anything in the User interface of interest with the
> information provided in certificates currently. That is just because
> the information is so poor, and it is so poor because no private
> entity wants to risk certifying more information than the minimal
> amount. 

This is one thing we can improve: the binding of HTTPS URL authority to
an actual owner.  The certificate is useless, indeed, and cannot bring
any more metadata into the picture than the hostname -- the binding of
that to authorization by a proper owner is essential, and the WebPKI
cannot provide this well enough.

Providing _more_ metadata likely won't help human users: they can barely
cope with the concept of a domain name, let alone more stuff.

> > On 11 Feb 2020, at 18:45, Nico Williams <nico@cryptonector.com> wrote:
> > DNSSEC has name constraints fully built-in to the system.
> 
> I am not arguing against DNS-SEC Dane nor X509, but to
> enlarge one’s view of how names get meaning. Those
> two systems only allow one to tie a name to a referent.

I don't think I implied that you were.

> [...]

You're headed right for the identity problem, and thorny problems in
philosophy like the Ship of Theseus problem.

You will not find an answer to these problems in cryptography.

All of our naming schemes have a layer of indirection where the tie to a
physical entity is weak (a physical entity whose own "identity" is
weak).

> >> I explain what is good and what the limitations are in
> >> "Stopping (https) phishing"
> >> https://medium.com/cybersoton/stopping-https-phishing-42226ca9e7d9
> > 
> > Phishing is a whole different and separable issue.  The fundamental
> > problem with phishing is that humans too-easily fall for scams, and no
> > authentication technology can stop this.
> 
> How can you ever improve your system if you start with such a
> flawed psychological theory? 

Oh?

> Humans are not stupid. They have limited time to dedicate to
> the task of understanding where a web site is located. This
> could be improved by making the information

Humans are _often_ quite stupid.  Not always, but also not never.

>  1) enriching the information provided to be interesting and relevant
>  2) by making the information dynamic
>  3) and making it visible to the users.

You quickly run into issues.  UIs that are too busy.  Different people
having different attention spans, different likes and dislikes for UIs.

There is no one-size-fits-all UI.

Browser developers have been struggling for decades with this problem.

"Look to epistemology" is a platitude.

Nico
--