[saag] NSA bug in Windows 10
Phillip Hallam-Baker <phill@hallambaker.com> Wed, 15 January 2020 14:59 UTC
Archived-At: <https://mailarchive.ietf.org/arch/msg/saag/wjWWa1z6C9wuQzUd2sH5-HT0dBI>
I have been reading the reports in the press. From what I gather, the attack allows an incompetent or malicious CA to craft a malicious certificate. It may also be possible for a CSR to be crafted that could result in a CA issuing a bad EE cert.

From the limited information I can find, it would appear that we don't actually have much of a problem as the whole WebPKI is predicated on the idea that CAs are trusted and they have pretty much infinite ways to defect.

Has anyone checked the Certificate Transparency logs to see if any bogus certs matching the NSA pattern are recorded? I would expect not as we require specific NIST curves that have specific names.