IETF Logo Mail Archive

Re: [saag] On PKI vs. Pinning (SAAG 108 preview)

Ben Laurie <ben@links.org> Tue, 28 July 2020 21:18 UTC

Return-Path: <benlaurie@gmail.com>
X-Original-To: saag@ietfa.amsl.com
Delivered-To: saag@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 93A9F3A086F for <saag@ietfa.amsl.com>; Tue, 28 Jul 2020 14:18:30 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.896
X-Spam-Level:
X-Spam-Status: No, score=-1.896 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FREEMAIL_FORGED_FROMDOMAIN=0.001, FREEMAIL_FROM=0.001, HEADER_FROM_DIFFERENT_DOMAINS=0.001, HTML_MESSAGE=0.001, RCVD_IN_MSPIKE_H2=-0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id tAhIgW5oQ49q for <saag@ietfa.amsl.com>; Tue, 28 Jul 2020 14:18:28 -0700 (PDT)
Received: from mail-il1-f178.google.com (mail-il1-f178.google.com [209.85.166.178]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A47D83A082B for <saag@ietf.org>; Tue, 28 Jul 2020 14:18:28 -0700 (PDT)
Received: by mail-il1-f178.google.com with SMTP id c16so5708380ils.8 for <saag@ietf.org>; Tue, 28 Jul 2020 14:18:28 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=XKxr+0P/+hdMsgj9qiERS+hYz5XL/zQhd+OOhtkbcYc=; b=eRL3z8B8Y5hT4MI4r2vM0RBV9+NbEYPa0WRLUyBhxlobDDJYget2A8pSgQ4KzvfKGc O1QKujTsh0Ryuf6WDQp/LjvWNul1vdn8s3hTtkV+yIJ86o4WBl4ljl8kv2xOCb7mfqhM VeiV8jQiPQclqXDAL/LjXJc3GHUiwQkLs+flGZkoYiwWDFCV/jsLf1+J0kR0z9vZl32U aYXgr1c7i9J1g03OTEtQgBPlkRZm3DXOjJaYtPdeVC4ZO1GCT1mjwaBtf8v8Y0GXiYHn zJFpJr0DNYw6z+xLukGvr1df71Cfg25o7HYh9OlQhMFyajOjA4wD+zPoQHt/z41TJNvJ 3yvg==
X-Gm-Message-State: AOAM530AUN9Dg7i/CbkFfF+n6QNjsuCjOgvfKvdRvPDPZePgwrX2o94K ve4lgRSLhchlXEm3whA0CZOnBWHARPyJSJgZkZg=
X-Google-Smtp-Source: ABdhPJx/TlXztaE7guav7Lp5D8fNS1G5WaT1q24QomsGdrX0DjKBI42QpHbekhfN4aT7q2gAjd9KrmYg9dxlhfH6amQ=
X-Received: by 2002:a92:d611:: with SMTP id w17mr8209220ilm.103.1595971108017; Tue, 28 Jul 2020 14:18:28 -0700 (PDT)
MIME-Version: 1.0
References: <20200728191331.GV41010@kduck.mit.edu> <e928e548-f82d-2809-200e-0fc4ac93db14@cs.tcd.ie> <20200728194235.GY41010@kduck.mit.edu> <1c4951d6-a67c-47c6-315e-2ad3776c94ec@cs.tcd.ie> <CAG5KPzx0RsYmS8E78Giz5we6bgOmwMvTUH6q_Qk-2gfSVFsLGg@mail.gmail.com> <b7a7fb62-6bba-b628-0d06-890f5211f85a@cs.tcd.ie>
In-Reply-To: <b7a7fb62-6bba-b628-0d06-890f5211f85a@cs.tcd.ie>
From: Ben Laurie <ben@links.org>
Date: Tue, 28 Jul 2020 22:18:17 +0100
Message-ID: <CAG5KPzw-ecphUq8S0swM4gXn7K+TZdynPgOUXhVM_rKU0wrW+w@mail.gmail.com>
To: Stephen Farrell <stephen.farrell@cs.tcd.ie>
Cc: Benjamin Kaduk <kaduk@mit.edu>, IETF Security Area Advisory Group <saag@ietf.org>
Content-Type: multipart/alternative; boundary="000000000000f71e1805ab86fa99"
Archived-At: <https://mailarchive.ietf.org/arch/msg/saag/AvXN-uwPPqAP8jg2c8raIGWaQ6Y>
Subject: Re: [saag] On PKI vs. Pinning (SAAG 108 preview)
X-BeenThere: saag@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Security Area Advisory Group <saag.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/saag>, <mailto:saag-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/saag/>
List-Post: <mailto:saag@ietf.org>
List-Help: <mailto:saag-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/saag>, <mailto:saag-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 28 Jul 2020 21:18:31 -0000

On Tue, 28 Jul 2020 at 21:09, Stephen Farrell <stephen.farrell@cs.tcd.ie>
wrote:

>
>
> On 28/07/2020 20:56, Ben Laurie wrote:
> > I'm a little surprised by this conversation. Why would SAAG want to
> support
> > a practice that flies in the face of everything we know about key
> > management?
>
> Sorry if I gave the wrong impression. I agree with you
> that pinning to application keys is a bad idea.
>
> I do think there's a role for pinning to CAs


With you up to here.


> that you
> already gotta trust,


Why?


> as a way to fail rather than allow
> a MITM, for the cases where that's better.
>

Surely this is not what CAs are for? They're for succeeding rather than a
MITM, aren't they? That does suppose revocation that actually works (which
I would suggest is a more useful thing to work on than pinning).

Also, to be clear, pinning CAs is only deferring the problem - and, in
fact, without CA blacklisting, is not a great deal better.

Well. That escalated fast.


>
> S
>
> >
> > On Tue, 28 Jul 2020 at 20:49, Stephen Farrell <stephen.farrell@cs.tcd.ie
> >
> > wrote:
> >
> >>
> >>
> >> On 28/07/2020 20:42, Benjamin Kaduk wrote:
> >>> Sorry for the clumsy description.  Basically, if you squint hard, you
> >> could
> >>> claim that at least some types of pinning are actually a PKI, just a
> >>> degenerate PKI.
> >>
> >> Ah gotcha.
> >>
> >> ISTM more useful to treat pinning as an adjunct to whatever
> >> PKI is used by the application that can be MITM'd and not
> >> bother with pinning as a potential replacement for that
> >> PKI. There's nothing wrong with an application being based
> >> on it's very-own PKI of course, but seems less useful for
> >> the IETF to try describe pinning for custom protocols where
> >> we don't know the details.
> >>
> >> Cheers,
> >> S.
> >> _______________________________________________
> >> saag mailing list
> >> saag@ietf.org
> >> https://www.ietf.org/mailman/listinfo/saag
> >>
> >
>

v2.23.0 | Report a Bug | By Email