[secdir] Secdir review of draft-ietf-pkix-tac

Paul Hoffman <phoffman@imc.org> Mon, 22 June 2009 22:41 UTC

To: draft-ietf-pkix-tac@tools.ietf.org, Security Area Directorate <secdir@ietf.org>

I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written primarily for the benefit of the security area directors. Document editors and WG chairs should treat these comments just like any other last call comments.

This is an experimental protocol for creating "traceable anonymous certificates". These certs split the authority into two entities, one who issues an end-entity cert with a pseudonym, and another who verifies that the end entity has the private key.

There are many pretty deep security issues with the proposal, mostly that there are many ways where the anonymity of the user can be exposed. In many ways, this represents leap-of-faith anonymity. The security consideration section swings around wildly on recommendations for how a user can maintain their anonymity, but at least mentions a few times that this is all pretty much conditioned on factors over which the end entity has no control.

On a personal note, I doubt that this will be at all useful in practice. The end entity is trading off trusting one CA to not reveal personal information against two CAs with not colluding plus having to get multiple certs over time from different CAs. Having said that, there are probably no security/privacy considerations that are not already covered in the document.