Re: Request change in son-of-rfc2633
pgut001@cs.auckland.ac.nz (Peter Gutmann) Thu, 30 October 2003 04:25 UTC
Received: from above.proper.com (above.proper.com [208.184.76.39]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id XAA24163 for <smime-archive@lists.ietf.org>; Wed, 29 Oct 2003 23:25:33 -0500 (EST)
Received: from above.proper.com (localhost [127.0.0.1]) by above.proper.com (8.12.10/8.12.8) with ESMTP id h9U42tkT064269 for <ietf-smime-bks@above.proper.com>; Wed, 29 Oct 2003 20:02:55 -0800 (PST) (envelope-from owner-ietf-smime@mail.imc.org)
Received: (from majordom@localhost) by above.proper.com (8.12.10/8.12.9/Submit) id h9U42tMM064268 for ietf-smime-bks; Wed, 29 Oct 2003 20:02:55 -0800 (PST)
X-Authentication-Warning: above.proper.com: majordom set sender to owner-ietf-smime@mail.imc.org using -f
Received: from hermes.cs.auckland.ac.nz (hermes.cs.auckland.ac.nz [130.216.33.151]) by above.proper.com (8.12.10/8.12.8) with ESMTP id h9U42qkT064257; Wed, 29 Oct 2003 20:02:53 -0800 (PST) (envelope-from pgut001@cs.auckland.ac.nz)
Received: from cs.auckland.ac.nz (medusa01.cs.auckland.ac.nz [130.216.34.33]) by hermes.cs.auckland.ac.nz (8.12.9-20030924/8.12.9) with ESMTP id h9U42no9019708; Thu, 30 Oct 2003 17:02:49 +1300
Received: (from pgut001@localhost) by cs.auckland.ac.nz (8.11.6/8.11.6) id h9U45FK16114; Thu, 30 Oct 2003 17:05:15 +1300
Date: Thu, 30 Oct 2003 17:05:15 +1300
Message-Id: <200310300405.h9U45FK16114@cs.auckland.ac.nz>
From: pgut001@cs.auckland.ac.nz
To: pgut001@cs.auckland.ac.nz, steve.hanna@sun.com
Subject: Re: Request change in son-of-rfc2633
Cc: ejnorman@doit.wisc.edu, ietf-pkix@imc.org, ietf-smime@imc.org
Sender: owner-ietf-smime@mail.imc.org
Precedence: bulk
List-Archive: <http://www.imc.org/ietf-smime/mail-archive/>
List-ID: <ietf-smime.imc.org>
List-Unsubscribe: <mailto:ietf-smime-request@imc.org?body=unsubscribe>
Steve Hanna <steve.hanna@sun.com> writes: >Anyone who "reads the PKIX tea leaves" and thinks that it's fine to skip name >chaining checks in path validation needs to have their eyes checked. RFC 3280 >says in many places that name chaining MUST be checked. Uhh, I'm not sure who that was directed at, but if it was at me then I should point out that the tea leaves comment was an observation that no-one seemed to be able to agree on the role of the sKID, with all manner of possible interpretations having been presented in the recent thread. Seeing everyone trying to figure out how to interpret the sKID requirements reminded me of people trying to read tea leaves. Getting somewhat more tongue-in-cheek now: >I'm sure that some customers have created PKIs where name chaining doesn't >hold, Standard practice for cross-certification, re-parenting, and all the other stuff that I gave the generic label "spaghetti PKI" to (you can tell from the label I use for it what I think of it :-). >but that's an error on the customer's part. That's what I've been saying for years (see e.g. my statement a couple of months back "There is a special name for a PKI of this kind. It's called 'Broken' or 'Defective'"), but I guess that's something the spaghetti PKI fans and myself will have to agree to disagree on. >In fact, they may have opened themselves and their customers up to security >holes and perhaps even legal liability. When was anyone ever held liable for implementing a broken PKI? Usually any investment of large amounts of money that results in a broken PKI is followed by the investment of even more money in it (either that or the quiet cancellation of the project). No-one ever gets held liable. Why do you think we have products like the ones you mentioned out there? >This reminds me of Microsoft's decision to not check the Basic Constraints >extension, treating every certificate as a CA certificate. This decision, >presumably made in to please a customer, resulted in a HUGE security hole. It wasn't a conscious decision, just bad programming. Mozilla (and no doubt some others that didn't get any publicity) did the same thing, and I'm sure they didn't get asked to do that by customers. The flaw had been known for at least five years, but no-one cared until the scaremongering in the media forced vendors to fix things (see the above comments about liability - you can get away with calling anything you like "X.509 standards-compliant", so why bother doing the job properly?). Peter.
- Request change in son-of-rfc2633 Jim Schaad
- Re: Request change in son-of-rfc2633 Russ Housley
- Re: Request change in son-of-rfc2633 Peter Gutmann
- RE: Request change in son-of-rfc2633 Blake Ramsdell
- RE: Request change in son-of-rfc2633 Peter Gutmann
- RE: Request change in son-of-rfc2633 Blake Ramsdell
- RE: Request change in son-of-rfc2633 Peter Gutmann
- RE: Request change in son-of-rfc2633 Blake Ramsdell
- RE: Request change in son-of-rfc2633 Russ Housley
- RE: Request change in son-of-rfc2633 Blake Ramsdell
- RE: Request change in son-of-rfc2633 Russ Housley
- RE: Request change in son-of-rfc2633 Peter Gutmann
- RE: Request change in son-of-rfc2633 Peter Gutmann
- RE: Request change in son-of-rfc2633 Peter Gutmann
- RE: Request change in son-of-rfc2633 Russ Housley
- RE: Request change in son-of-rfc2633 Peter Gutmann
- Re: Request change in son-of-rfc2633 Steve Hanna
- RE: Request change in son-of-rfc2633 Santosh Chokhani
- Re: Request change in son-of-rfc2633 Peter Gutmann
- Re: Request change in son-of-rfc2633 Peter Gutmann