IETF Logo Mail Archive

Re: [lamps] Warren Kumari's Block on charter-ietf-lamps-02-00: (with BLOCK and COMMENT)

Warren Kumari <warren@kumari.net> Wed, 23 May 2018 21:16 UTC

Return-Path: <warren@kumari.net>
X-Original-To: spasm@ietfa.amsl.com
Delivered-To: spasm@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 63B0412D7F5 for <spasm@ietfa.amsl.com>; Wed, 23 May 2018 14:16:17 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.61
X-Spam-Level:
X-Spam-Status: No, score=-2.61 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001, T_DKIMWL_WL_MED=-0.01] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=kumari-net.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id d-GZaF7TmJZA for <spasm@ietfa.amsl.com>; Wed, 23 May 2018 14:16:13 -0700 (PDT)
Received: from mail-wm0-x22f.google.com (mail-wm0-x22f.google.com [IPv6:2a00:1450:400c:c09::22f]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 47BF312E8EE for <spasm@ietf.org>; Wed, 23 May 2018 14:16:13 -0700 (PDT)
Received: by mail-wm0-x22f.google.com with SMTP id j5-v6so12874351wme.5 for <spasm@ietf.org>; Wed, 23 May 2018 14:16:13 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=kumari-net.20150623.gappssmtp.com; s=20150623; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=Ks5UEqL/aGSo5LqC9sqFCehTO5OVj86m2Fm9zQLebks=; b=r85eVSNOffKQkZDuhlHZYWOPWKd+mbyug93bw9NMoKEf0BgA2tqZZ3clThwzjNKfZ/ VXa8lMc3NCWITxGadyl5r3UWasmxiZHqGrbeeWuCWimLcrhCBq7PWX+cJ8UmaFRcVWM9 JpBQTDWgXH1vsWqHvw7sOLuBBVO3NOef9Qi1X0FOXtfOuVHcIuU6lGOc1ssqc4K1Uv2x s6oD6qjIS/QnpX6q4hDkvCNJG3qB/z/WrpLqYPXeyfCUvy5in1bSohn7DYvoruopdjJv kYcKXjYLVN0hWs1s71sk7LTk9rG6AO1yKBuUe6DSWdqoQhFVyLzoKUnb5dQ+h70gxKrc M8dQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=Ks5UEqL/aGSo5LqC9sqFCehTO5OVj86m2Fm9zQLebks=; b=b17UMtgNePrRptUFGFDW3QKmsYP+Ztl8BCifzaAb46+0MyHwY1rfu41kKlnZdfRU4L Jg5SJEWrSinl8/7xli2p6aowlZm/9x5xO5ST2oIVP+gLoWeUrmUOhvK/Uf734Bx3J58e 9tKtvaA8XFhJsN2Pe8EezcSwOhQLnZD2ffo+seRlLJSVKV5n8q3Zny/Wh88SqjH6trNU 87lEcXHaJ/26Xlk8NKDxGDccxXTxOi2aAsFH3WzYIOiWKC4WxXQSzbidVOgx4pQByfqd tu8+pUjyhvDMNP6uK3rCcGx5M7zZLS79YTAukFoYR7MF6nAgjqPP/cs9Mfd5FJwi+w5c otOw==
X-Gm-Message-State: ALKqPwciQkd2k0yLjsOktgjUMz9E45FX9Fz3mfZ9zx8ISq/FAbJ8NVo5 CBplKI/buElItr0lqbLJZtVouXblV5jIKqAptKqOlQ==
X-Google-Smtp-Source: AB8JxZqjtC4R29xutFTaGFTc9Ak017vZLThntqZS7MmvAM7cqIQsZTXt4hLY3Qskc95eXBmkSyEFssR6a1wq9Oam8yU=
X-Received: by 2002:a1c:4ad9:: with SMTP id n86-v6mr6400726wmi.0.1527110171359; Wed, 23 May 2018 14:16:11 -0700 (PDT)
MIME-Version: 1.0
References: <152709543734.26876.14669273511731581188.idtracker@ietfa.amsl.com> <64EA6F18-9275-40FC-8FDE-3E12C4458EFB@gmail.com> <CAHw9_iJSB2Ui03+-JOtpfXEotqm_2Pm91gpaFbwtx=LbKgQ_Tw@mail.gmail.com> <CABcZeBOue9JU4v=EP++VUicS=0ZcM5fW0iCw5v1n63Z__ON6hA@mail.gmail.com>
In-Reply-To: <CABcZeBOue9JU4v=EP++VUicS=0ZcM5fW0iCw5v1n63Z__ON6hA@mail.gmail.com>
From: Warren Kumari <warren@kumari.net>
Date: Wed, 23 May 2018 17:15:35 -0400
Message-ID: <CAHw9_iL2NLmpDO5tRFyqH9wbNhLt3TO-YVV83rWq9ho7_by+Mg@mail.gmail.com>
To: Eric Rescorla <ekr@rtfm.com>
Cc: Yoav Nir <ynir.ietf@gmail.com>, spasm@ietf.org, lamps-chairs@ietf.org, The IESG <iesg@ietf.org>
Content-Type: multipart/alternative; boundary="0000000000004c1597056ce60b21"
Archived-At: <https://mailarchive.ietf.org/arch/msg/spasm/1Zxku8gyPfbS3nCzq51oJnhk-mM>
Subject: Re: [lamps] Warren Kumari's Block on charter-ietf-lamps-02-00: (with BLOCK and COMMENT)
X-BeenThere: spasm@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "This is a venue for discussion of doing Some Pkix And SMime \(spasm\) work." <spasm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/spasm>, <mailto:spasm-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/spasm/>
List-Post: <mailto:spasm@ietf.org>
List-Help: <mailto:spasm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/spasm>, <mailto:spasm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 23 May 2018 21:16:22 -0000

On Wed, May 23, 2018 at 4:29 PM Eric Rescorla <ekr@rtfm.com> wrote:

>
>
> On Wed, May 23, 2018 at 12:31 PM, Warren Kumari <warren@kumari.net> wrote:
>
>>
>>
>> On Wed, May 23, 2018 at 1:39 PM Yoav Nir <ynir.ietf@gmail.com> wrote:
>>
>>> Hi Warren.
>>>
>>> Since it was my draft and presentation at SecDispatch that led to this
>>> item, I feel I can answer this.  Inline.
>>>
>>> > On 23 May 2018, at 20:10, Warren Kumari <warren@kumari.net> wrote:
>>> >
>>> > Warren Kumari has entered the following ballot position for
>>> > charter-ietf-lamps-02-00: Block
>>> >
>>> > When responding, please keep the subject line intact and reply to all
>>> > email addresses included in the To and CC lines. (Feel free to cut this
>>> > introductory paragraph, however.)
>>> >
>>> >
>>> >
>>> > The document, along with other ballot positions, can be found here:
>>> > https://datatracker.ietf.org/doc/charter-ietf-lamps/
>>> >
>>> >
>>> >
>>> > ----------------------------------------------------------------------
>>> > BLOCK:
>>> > ----------------------------------------------------------------------
>>> >
>>> > "3. Specify the use of short-lived X.509 certificates for which no
>>> > revocation information is made available by the Certification
>>> Authority.
>>> > Short-lived certificates have a lifespan that is shorter than the time
>>> > needed to detect, report, and distribute revocation information, as a
>>> > result revoking them pointless."
>>> >
>>> > This makes me twitch -- how short is "short”?
>>>
>>> [YN] I expect this to be contentious within the working group, and I
>>> expect the exact cut-off point to be different from one use-case to
>>> another. For highly reliable systems with good clock synchronization
>>> “short” could be as low as an hour. For typical systems I think the likely
>>> lifetime will be between 1 day and 1 week.  IMHO it’s valid for the working
>>> group to leave the cut-off between “short” and “not short” to per-domain
>>> profiles, but I don’t think anything beyond 2 weeks would ever count as
>>> short.
>>>
>>> > And how long is the time to
>>> > "detect, report, and distribute revocation information"? With e.g: CT,
>>> > misissued certificates may be visible before they are used in an
>>> attack,
>>> > decreasing the detection time.
>>>
>>> [YN] Someone needs to see the certificate to add it to the log, and
>>> someone needs to find the certificate on the log and understand that it is
>>> mis-issued. And then someone needs to add it to the CRL / database that
>>> feeds the OCSP responder. And when this is updated, relying parties may
>>> have cached copies of older revocation information. Add it up and it can
>>> take days on the web.  In closed environments there may not be CT at all.
>>>
>>>
>> ​So, here you say: "Add it up and it can take days on the web." and
>> above that you say: "For typical systems I think the likely lifetime will
>> be between 1 day and 1 week.  [...] , but I don’t think anything beyond 2
>> weeks would ever count as short."
>>
>> "1 week" minus "days" is still greater than zero, and so it still *seems*
>> to me that removing revocation is a bad idea -- but, my role is (or should
>> be!) to make sure that this charter doesn't conflict with other work (esp.
>> ops work), that the charter "describes the specific problem or deliverables
>> (a guideline, standards specification, etc.) it has been formed to address.
>> WG charters state the scope of work for group, and lay out goals and
>> milestones that show how this work will be completed." It is (IMO) the
>> sponsoring ADs, the WGs and IETFs decision as to if the ideas themselves
>> are acceptable.
>> I'm not (yet!) so arrogant that I'm sure I know the right answer to
>> everything, so I'd like to discuss this with EKR on the call tomorrow, and
>> will clear my block once I've been assured process is being followed
>> / this has been considered.
>>
>
> Thanks. I think the thing that's important to understand is that
> revocation on the Web is badly broken.
>

​Ok. *That* I'll buy... :-)

It sounds like the WG / people more knowledge about the subject than me
(i.e. everyone :-)) has considered this, and I'm in the rough / it isn't as
scary as I'd though.

I just cleared my Block, thank you everyone for the education,
W




> The two primary standardized ways to deal with revocation are:
>
> - OCSP -- but it's so brittle that people won't hard fail, so it's not
> very good
> - OCSP stapling - which has a lifetime of around a week or so, and so
> basically has the same security properties as short-lived certs.
>
> -Ekr
>
>
>> >
>>> > Also, I would figure that it is still useful to know that a
>>> certificate was
>>> > revoked and didn't just expire -- if I see a certificate which expired
>>> 10
>>> > minutes ago I may be willing (after some consideration, checking my
>>> clock, etc)
>>> > to decide to trust it anyway (even if that's a bad idea!), but a
>>> revoked
>>> > certificate is a clear indication that something bad happened, and
>>> changes my
>>> > risk assessment.
>>>
>>> [YN] Yes, and the candidate draft has a SHOULD-level requirement to not
>>> allow any grace periods for such certificates. One of the feedbacks I got
>>> was that this should be upgraded to MUST (or rather MUST NOT)
>>>
>>>
>> Ok. That helps.
>>
>> Thanks!
>> W
>>
>> >
>>> > It's entirely possible that there is a really good reason why I'm
>>> wrong / that
>>> > this argument doesn't make sense in some use cases (or just that I'm
>>> nuts!)
>>>
>>> [YN] There was some push-back about the name. The important point is not
>>> so much that the lifetime is short, but that there is no revocation
>>> information. We want these certificates because we don’t want to deal with
>>> revocation information. Non-revocation is the end.  Making them short-term
>>> is the means, or rather the sacrifice we need to make to make (other)
>>> security people happy.
>>>
>>> > ----------------------------------------------------------------------
>>> > COMMENT:
>>> > ----------------------------------------------------------------------
>>> >
>>> >
>>> > Also, "revoking them pointless" does not parse - perhaps "revoking
>>> them is pointless"?
>>> >
>>> >
>>> > _______________________________________________
>>> > Spasm mailing list
>>> > Spasm@ietf.org
>>> > https://www.ietf.org/mailman/listinfo/spasm
>>>
>>>
>>
>> --
>> I don't think the execution is relevant when it was obviously a bad idea
>> in the first place.
>> This is like putting rabid weasels in your pants, and later expressing
>> regret at having chosen those particular rabid weasels and that pair of
>> pants.
>>    ---maf
>>
>> _______________________________________________
>> Spasm mailing list
>> Spasm@ietf.org
>> https://www.ietf.org/mailman/listinfo/spasm
>>
>>
>

-- 
I don't think the execution is relevant when it was obviously a bad idea in
the first place.
This is like putting rabid weasels in your pants, and later expressing
regret at having chosen those particular rabid weasels and that pair of
pants.
   ---maf

v2.15.0 | Report a Bug | By Email