[Secdispatch] Dispatching draft on key consistency
Christopher Wood <caw@heapingbits.net> Fri, 04 March 2022 21:09 UTC
Return-Path: <caw@heapingbits.net>
X-Original-To: secdispatch@ietfa.amsl.com
Delivered-To: secdispatch@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7C12C3A1064 for <secdispatch@ietfa.amsl.com>; Fri, 4 Mar 2022 13:09:48 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.107
X-Spam-Level:
X-Spam-Status: No, score=-2.107 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_BLOCKED=0.001, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=heapingbits.net header.b=VTH9ilyp; dkim=pass (2048-bit key) header.d=messagingengine.com header.b=LoPAklPj
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 49tKm5KXbnrU for <secdispatch@ietfa.amsl.com>; Fri, 4 Mar 2022 13:09:42 -0800 (PST)
Received: from out4-smtp.messagingengine.com (out4-smtp.messagingengine.com [66.111.4.28]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C95383A1061 for <secdispatch@ietf.org>; Fri, 4 Mar 2022 13:09:42 -0800 (PST)
Received: from compute4.internal (compute4.nyi.internal [10.202.2.44]) by mailout.nyi.internal (Postfix) with ESMTP id E86845C006D for <secdispatch@ietf.org>; Fri, 4 Mar 2022 16:09:41 -0500 (EST)
Received: from mailfrontend1 ([10.202.2.162]) by compute4.internal (MEProxy); Fri, 04 Mar 2022 16:09:41 -0500
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=heapingbits.net; h=cc:content-transfer-encoding:content-type:date:date:from:from :in-reply-to:message-id:mime-version:reply-to:sender:subject :subject:to:to; s=fm1; bh=a5f/HLnbLdKn4KdColCY2S1Ey8xlPRuPrskmOw QB3vI=; b=VTH9ilyp6HvdMolAoraLcRdiz1D6b/MzpFWiE39wmhNF62zc1B9bQA 6HXwJnY/S/K6AndHvzc62iPPhbexANqVZAWLjJe8W2rWm8fAWX0B982TtESlpfXh TPPP5CEqnlTEgXHE79mnR1hS6Xgj24FDwimmcvg3nKZ4sFyMenWkxHE50DFbkk6X R7sOGQ7ALUktuCg1dLSMhWy/OYaPz7rsDKiyc+lRhT0r9fZvm20wYotNtqROV8or BpMGqhtho4++bLCzbnGNk7ZNMjGqg0rI0RK6wn5SPzredTjQtVWbYjAX30IBQXHS nHhiDg/WsIbw+Tfl2NrkxDuQpU1s5UFg==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:content-transfer-encoding:content-type :date:date:from:from:in-reply-to:message-id:mime-version :reply-to:sender:subject:subject:to:to:x-me-proxy:x-me-proxy :x-me-sender:x-me-sender:x-sasl-enc; s=fm2; bh=a5f/HLnbLdKn4KdCo lCY2S1Ey8xlPRuPrskmOwQB3vI=; b=LoPAklPj7sYe71DfgUOYa1y2kLGrYnBWt KeQWyuJ1YOrcQ67rDqeqpgReSnHTDfIz+fgHSREgZ2yeP88rkOl18COLjUQw+4eC LTZrVrlMz8gsHKBLHKUFOa5qL4kCTBT03edU3axZ9vNRMwM5MsB2/OwS6lCjzTXX osGeubB1pKnnblHrSUus3xGjDIJdGgXCzpQaY5NYfl5zTu96RD78zkqJx8WfOf7y AucABA8vpuNpQnzbPdCM7CiQDACXaSfMHODbEcEOvWXQfv49pYPx30CRZ5ffBnCi kPVsdT/z89oNbl2YWBhMiiNUWwjhgSNvaWH+8oBicQBUOeyr+/CiQ==
X-ME-Sender: <xms:FYAiYp4fF0dzmDLm1OF4QbkbwG1BBIsBun07KiP7cUdaPTSnNsIf2Q> <xme:FYAiYm6G3nxFrkd574i_21CZMuQ95zfpSZ_iEwjDqKEnOagd-rYeLSm_B-YvV26cM bLH6PXBD-s9Kc2y4hY>
X-ME-Received: <xmr:FYAiYgdpTmBXzuMDQTuzkTwIaLNKE_UhetTsccnkitADL6mhIS-wAOjtlkN0y3cEU6KcHdVbiTApiEPXKDOzm_OCYav3tkjTLw>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedvvddruddtkedgudegiecutefuodetggdotefrod ftvfcurfhrohhfihhlvgemucfhrghsthforghilhdpqfgfvfdpuffrtefokffrpgfnqfgh necuuegrihhlohhuthemuceftddtnecuogfuuhhsphgvtghtffhomhgrihhnucdlgeelmd enucfjughrpefhtgfgggfukfffvffosehtqhhmtdhhtdejnecuhfhrohhmpeevhhhrihhs thhophhhvghrucghohhougcuoegtrgifsehhvggrphhinhhgsghithhsrdhnvghtqeenuc ggtffrrghtthgvrhhnpefgudevffeutdevjeegtdefieefueeuteejueetfeejjedthefh teetfeegleevtdenucffohhmrghinhepihgvthhfrdhorhhgpdhgihhthhhusgdrihhone cuvehluhhsthgvrhfuihiivgeptdenucfrrghrrghmpehmrghilhhfrhhomheptggrfies hhgvrghpihhnghgsihhtshdrnhgvth
X-ME-Proxy: <xmx:FYAiYiJuFp1kggYiKN8ZTBNBYOwhTCVZup4CNv6P_ZjfGRXXxnZ5jg> <xmx:FYAiYtI0G0lBgs38dKGWnFPlshLXEVospWf2ImjUoOKDir7j6BozDA> <xmx:FYAiYrzFiOC4P5uSD4tnqZnvGk9DQs2FoOaJv7IZ7ZU7esn7HztyOQ> <xmx:FYAiYgnZ130vb2yYwD5HeS1mwWBA_rTtW6Wx2J325bA-SzkpO5yOjw>
Received: by mail.messagingengine.com (Postfix) with ESMTPA for <secdispatch@ietf.org>; Fri, 4 Mar 2022 16:09:41 -0500 (EST)
From: Christopher Wood <caw@heapingbits.net>
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
Mime-Version: 1.0 (Mac OS X Mail 15.0 \(3693.40.0.1.81\))
Message-Id: <8BB73374-E38C-40A5-A147-F469B8C24D01@heapingbits.net>
Date: Fri, 04 Mar 2022 13:09:38 -0800
To: secdispatch@ietf.org
X-Mailer: Apple Mail (2.3693.40.0.1.81)
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdispatch/YeuNz25Q5NmmvLAwJszpqx5ppTY>
Subject: [Secdispatch] Dispatching draft on key consistency
X-BeenThere: secdispatch@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Security Dispatch <secdispatch.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdispatch>, <mailto:secdispatch-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdispatch/>
List-Post: <mailto:secdispatch@ietf.org>
List-Help: <mailto:secdispatch-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdispatch>, <mailto:secdispatch-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 04 Mar 2022 21:09:49 -0000
There are a number of different protocols that require multiple clients to discover a common — or consistent — cryptographic public key for use, including: Privacy Pass [1], Oblivious DoH [2], and Oblivious HTTP [3]. Consistency here means that all clients obtain the same view of the public key. An inconsistent view can lead to privacy attacks. For example, in Privacy Pass, if an attacker can somehow force a single (set of) client(s) to use a public key that is distinct from all other clients, then the key used effectively partitions the set of clients into two buckets, and the size and number of these partitions influence the overall privacy posture of the protocol. As this was a pattern across at least two disjoint protocols, we felt it would be useful to document some approaches for building key consistency into systems. The result is [4]. This has been previously presented in the context of the Privacy Pass working group [5], but was not pushed forward as a work item. We’d like to ask for time during SECDISPATCH to (a) determine if there’s interest in moving this document forward in some way, and if so, (b) determine what venue would be best to move it forward. Thanks, Chris, for the authors [1] https://datatracker.ietf.org/wg/privacypass/about/ [2] https://datatracker.ietf.org/doc/draft-pauly-dprive-oblivious-doh/ [3] https://ietf-wg-ohai.github.io/oblivious-http/draft-ietf-ohai-ohttp.html [4] https://datatracker.ietf.org/doc/draft-wood-key-consistency/ [5] https://datatracker.ietf.org/doc/slides-110-privacypass-key-consistency-and-discovery/
- [Secdispatch] Dispatching draft on key consistency Christopher Wood
- Re: [Secdispatch] Dispatching draft on key consis… Michael Richardson
- Re: [Secdispatch] Dispatching draft on key consis… Christopher Wood
- Re: [Secdispatch] Dispatching draft on key consis… Michael Richardson
- Re: [Secdispatch] Dispatching draft on key consis… Christopher Wood
- Re: [Secdispatch] Dispatching draft on key consis… Eric Rescorla