IETF Logo Mail Archive

Re: [saag] A case against algorithm agility (long)

Paul Lambert <paul@marvell.com> Mon, 05 May 2014 16:10 UTC

Return-Path: <paul@marvell.com>
X-Original-To: saag@ietfa.amsl.com
Delivered-To: saag@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E6AE81A0381 for <saag@ietfa.amsl.com>; Mon, 5 May 2014 09:10:45 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.267
X-Spam-Level:
X-Spam-Status: No, score=-2.267 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, IP_NOT_FRIENDLY=0.334, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Oq_-RglVJGDI for <saag@ietfa.amsl.com>; Mon, 5 May 2014 09:10:44 -0700 (PDT)
Received: from mx0b-0016f401.pphosted.com (mx0b-0016f401.pphosted.com [67.231.156.173]) by ietfa.amsl.com (Postfix) with ESMTP id DD5D11A03AA for <saag@ietf.org>; Mon, 5 May 2014 09:10:43 -0700 (PDT)
Received: from pps.filterd (m0045851.ppops.net [127.0.0.1]) by mx0b-0016f401.pphosted.com (8.14.5/8.14.5) with SMTP id s45G9vlu005641; Mon, 5 May 2014 09:10:38 -0700
Received: from sc-owa01.marvell.com ([199.233.58.136]) by mx0b-0016f401.pphosted.com with ESMTP id 1kngkfn422-1 (version=TLSv1/SSLv3 cipher=RC4-MD5 bits=128 verify=NOT); Mon, 05 May 2014 09:10:38 -0700
Received: from SC-vEXCH2.marvell.com ([10.93.76.134]) by SC-OWA01.marvell.com ([10.93.76.21]) with mapi; Mon, 5 May 2014 09:10:37 -0700
From: Paul Lambert <paul@marvell.com>
To: Yoav Nir <ynir.ietf@gmail.com>, ianG <iang@iang.org>
Date: Mon, 5 May 2014 09:11:59 -0700
Thread-Topic: [saag] A case against algorithm agility (long)
Thread-Index: Ac9ofI08AFSWTjHaSsa7rCsIfE9KrA==
Message-ID: <CF8D04BA.3A328%paul@marvell.com>
References: <53650F27.6040607@iang.org> <alpine.GSO.1.10.1405032309040.9713@multics.mit.edu> <53662898.7040808@iang.org> <9A635D15-5F35-4FDE-BD73-9A923B53EDBF@gmail.com>
In-Reply-To: <9A635D15-5F35-4FDE-BD73-9A923B53EDBF@gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/14.4.1.140326
acceptlanguage: en-US
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10432:5.11.96, 1.0.14, 0.0.0000 definitions=2014-05-05_02:2014-05-05,2014-05-05,1970-01-01 signatures=0
X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 spamscore=0 suspectscore=0 phishscore=0 adultscore=0 bulkscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=7.0.1-1402240000 definitions=main-1405050261
Archived-At: http://mailarchive.ietf.org/arch/msg/saag/Qvqw2eQu1qc87uqoAfpZ9KcgCBM
Cc: "saag@ietf.org" <saag@ietf.org>
Subject: Re: [saag] A case against algorithm agility (long)
X-BeenThere: saag@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Security Area Advisory Group <saag.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/saag>, <mailto:saag-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/saag/>
List-Post: <mailto:saag@ietf.org>
List-Help: <mailto:saag-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/saag>, <mailto:saag-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 05 May 2014 16:10:46 -0000

>
>> On 4/05/2014 04:10 am, Benjamin Kaduk wrote:
>> 
>>> That there is even a
>>> commercial market for it suggests that they are in use, and not just by
>>> people who could by pass the crypto.
>> 
>> 
>> Yes, this is fascinating.  There's also the SSL-interceptor boxes which
>> allegedly will take your commercially provided sub-Root.  Who uses those
>> machines and why?
>
>These boxes are used for whatever purpose people want access to the
>plaintext for. Uses range from running so-called "next generation
>firewall²([1]) policy on them, to looking for dissidents in certain
>countries.
>
>Commercial CAs rarely give sub-root certificates, and when they do, they
>have  name constraints ([2]), so they can¹t be used for generating fake
>certificates for mail.google.com.

No, the intermediate certificates sometimes do not have constraints. There
is a medium sized country that issued unconstrained intermediate
certificates to all of their middle school districts.  Also, revocation
checking for intermediates is typically broken in implementations -
particularly for OCSP stapling.

Paul


>These boxes generally either generate their own self-signed CA, or get a
>corporate sub-CA. Either way, it requires clients to be configured with
>the interception CA.
>
>Yoav 
>
>[1] ³next generation firewall² is a marketing term, but in general
>classic firewall can block addresses, protocols and ports, whereas ³next
>generation² looks at higher layers as well. So a classic firewall can
>block your access to Facebook, a next-generation firewall can block your
>access to Farmville.
>[2] Yes, there were cases where this was not followed.
>_______________________________________________
>saag mailing list
>saag@ietf.org
>https://www.ietf.org/mailman/listinfo/saag

v2.8.7 | Report a Bug | By Email