Re: [saag] On PKI vs. Pinning (SAAG 108 preview)

Hiya,

On 28/07/2020 22:18, Ben Laurie wrote:
>> that you
>> already gotta trust,

> 
> Why?

Well, gotta is maybe a tiny bit overstated. I mean
the WebPKI CAs mostly for applications using TLS
and mostly HTTPS and where the application uses
the OS or browser root set or equivalent that's not
under the application's control. From the POV of
the person deploying such applications they kinda
do gotta trust those CAs and picking a subset of
those to which they pin doesn't make things worse
and can make things better. (Assuming CT logs too
of course.)

>> as a way to fail rather than allow
>> a MITM, for the cases where that's better.
>>
> 
> Surely this is not what CAs are for? 

In theory. But once you can add a local enterprise CA
to the relevant root store then the application can be
MTIM'd. The application developer can't stop that,
but, via pinning to a CA, can cause a fail in such cases.

> They're for succeeding rather than a
> MITM, aren't they? That does suppose revocation that actually works (which
> I would suggest is a more useful thing to work on than pinning).
> 
> Also, to be clear, pinning CAs is only deferring the problem - and, in
> fact, without CA blacklisting, is not a great deal better.

I think it has sufficient utility in enough cases to be
worth documenting well. (Which could be done in the IETF
or elsewhere, but here'd be fine.)

> Well. That escalated fast.

Must be my neck is so thick already I no longer notice:-)

Cheers,
S.

> 
> 
>>
>> S
>>
>>>
>>> On Tue, 28 Jul 2020 at 20:49, Stephen Farrell <stephen.farrell@cs.tcd.ie
>>>
>>> wrote:
>>>
>>>>
>>>>
>>>> On 28/07/2020 20:42, Benjamin Kaduk wrote:
>>>>> Sorry for the clumsy description.  Basically, if you squint hard, you
>>>> could
>>>>> claim that at least some types of pinning are actually a PKI, just a
>>>>> degenerate PKI.
>>>>
>>>> Ah gotcha.
>>>>
>>>> ISTM more useful to treat pinning as an adjunct to whatever
>>>> PKI is used by the application that can be MITM'd and not
>>>> bother with pinning as a potential replacement for that
>>>> PKI. There's nothing wrong with an application being based
>>>> on it's very-own PKI of course, but seems less useful for
>>>> the IETF to try describe pinning for custom protocols where
>>>> we don't know the details.
>>>>
>>>> Cheers,
>>>> S.
>>>> _______________________________________________
>>>> saag mailing list
>>>> saag@ietf.org
>>>> https://www.ietf.org/mailman/listinfo/saag
>>>>
>>>
>>
> 

Re: [saag] On PKI vs. Pinning (SAAG 108 preview)

Attachment: 0x5AB2FAF17B172BEA.asc

Attachment: signature.asc