IETF Logo Mail Archive

Re: [saag] [lamps] subordinate vs intermediate certification authority

Phillip Hallam-Baker <phill@hallambaker.com> Mon, 08 February 2021 18:46 UTC

Return-Path: <hallam@gmail.com>
X-Original-To: saag@ietfa.amsl.com
Delivered-To: saag@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0CF643A14AD; Mon, 8 Feb 2021 10:46:27 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.4
X-Spam-Level:
X-Spam-Status: No, score=-1.4 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FREEMAIL_FORGED_FROMDOMAIN=0.249, FREEMAIL_FROM=0.001, HEADER_FROM_DIFFERENT_DOMAINS=0.249, HTML_MESSAGE=0.001, RCVD_IN_MSPIKE_H2=-0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id mRY4PooQEk5y; Mon, 8 Feb 2021 10:46:25 -0800 (PST)
Received: from mail-yb1-f170.google.com (mail-yb1-f170.google.com [209.85.219.170]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 64F9A3A14AB; Mon, 8 Feb 2021 10:46:25 -0800 (PST)
Received: by mail-yb1-f170.google.com with SMTP id w204so15634557ybg.2; Mon, 08 Feb 2021 10:46:25 -0800 (PST)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=0eKAos57NQK4nnCfS4rBeVr9EQiT13CNabrMdKTEeUo=; b=MECSYmF6VzO2Zm9Jz1zB3K8vm1vY9Nj+HsPe5eHgW1RQV9ScY9doxP4t3JHe+yP7EC PbArb3XtYES3htkymfNX1jNvrVmy6+S3/thWp+H7o3tNBHUQ18xIOFbrDWBjqAQaGkNs DeqX6QUF5/gIdoRt52kEuOan0CasZpzxbc4phb6ILzqbiWRhTPRvg1z7W4KD02Erv0bd tb7qPawfBi1RT+uzEGFTrrwYXkEEJabWITHVAC+TG0hhABYyyI64KfR4rH9E7V60NyWY fzJyt8G4/Zv4kn9/j9LgUz7hJd3zNrMeyiZf0ZOzplrwn2jBlLch/7kIW84cm3BpHlfL FnRQ==
X-Gm-Message-State: AOAM531aVMJvo1e8GtnDdYqwlsLAyHUrQsFWukBJpZziaPsvM+iUgCL7 SImcmbL9icmWcWm1zZyxONN8F372lgCA+kzJWMw=
X-Google-Smtp-Source: ABdhPJyGSlPEWWRsiufdSgfQUA3Og+ZkY+UffnGoDGupQWk/t0reOhr38cdT8VJu7wEl8uWpkM3fLlITWyzgjhJwBUM=
X-Received: by 2002:a5b:444:: with SMTP id s4mr27962495ybp.172.1612809984629; Mon, 08 Feb 2021 10:46:24 -0800 (PST)
MIME-Version: 1.0
References: <30833.1612411843@localhost> <5a88fc8c-dbd2-cc77-2b06-db0fd9da4da4@openca.org> <6108.1612645177@localhost> <CAErg=HHesEG1T+39WCgFGa---wzd884FQNGLndT35dvVAKf+kA@mail.gmail.com> <F54D454D-D8BF-48EC-91E2-8493E4E921A0@cisco.com>
In-Reply-To: <F54D454D-D8BF-48EC-91E2-8493E4E921A0@cisco.com>
From: Phillip Hallam-Baker <phill@hallambaker.com>
Date: Mon, 08 Feb 2021 13:46:14 -0500
Message-ID: <CAMm+Lwgv-c6-xLckof6z-+Vtj=2Cnbn25QG9JoehxrtCTozHkw@mail.gmail.com>
To: Eliot Lear <lear=40cisco.com@dmarc.ietf.org>
Cc: Ryan Sleevi <ryan-ietf@sleevi.com>, LAMPS <spasm@ietf.org>, Michael Richardson <mcr+ietf@sandelman.ca>, IETF SAAG <saag@ietf.org>
Content-Type: multipart/alternative; boundary="000000000000395eb505bad7962e"
Archived-At: <https://mailarchive.ietf.org/arch/msg/saag/QTxbvRhNhBrec0H0AkyUCwudRo4>
Subject: Re: [saag] [lamps] subordinate vs intermediate certification authority
X-BeenThere: saag@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Security Area Advisory Group <saag.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/saag>, <mailto:saag-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/saag/>
List-Post: <mailto:saag@ietf.org>
List-Help: <mailto:saag-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/saag>, <mailto:saag-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 08 Feb 2021 18:46:27 -0000

On Mon, Feb 8, 2021 at 1:40 PM Eliot Lear <lear=40cisco.com@dmarc.ietf.org>
wrote:

> Ryan,
>
>
> No one, anywhere, should ever pin to a CA that they don’t directly
> control, and even then, they still shouldn’t :)
>
>
>
>
> Pinning is just a poor-man’s attempt at a server controlling the client’s
> trust anchors, and thus inevitably runs into issues, since client policy is
> inherently _client_ policy. Especially important is never pinning to a
> so-called “public” CA, precisely because their very existence is predicated
> on client policy that is intentionally not controlled/controllable by
> servers.
>
>
> I think we’ve lost the point of the discussion.  In this case, the client
> starts with just one CA in its trusted root cache, and maybe not any.
> These are small devices, and that one cert is a manufacturer CA.
>
> When we are talking about pinning we are talking about an environment in
> which a public CA cert is *somehow* involved.  That “somehow” is very
> much up in the air. Another way of addressing this is with a domain
> constraint, but the problem with such a constraint is that the device needs
> to understand DNS, and it may or may not, in which case some sort of other
> method is needed to signal that a particular intermediate needs to be in
> the chain for validation.
>
> The manufacturer is the only trusted element in this picture, as far as
> the device is concerned, but it IS trusted in this scenario to
> *explicitly* configure trust for the device.  Thus it is in a very good
> position to signal that a particular intermediate certificate must be
> present in the chain.  How to do that?
>
> That’s the question of the hour, as I see it.  And how to do it such that
> it doesn’t completely cause various libraries to cough up blood?  BIGGER
> question.
>

If I had to deliver something in 12 months, I would take Microsoft's
Certificate Trust Lists as a starting point.

The better answer for IoT PKI is to start from scratch with trust
assertions that don't expire, a naming system in which permanent name
allocation is cheap and to make use of threshold cryptography to address
the fact that end users can't trust manufacturer keys and manufacturers
would be nuts to accept the liability of issuing end user keys.

Something like the Mathematical Mesh.

v2.23.0 | Report a Bug | By Email