IETF Logo Mail Archive

Re: [Spasm] certspec work (draft-seantek-certspec-06.txt)

Wei Chuang <weihaw@google.com> Wed, 15 June 2016 21:26 UTC

Return-Path: <weihaw@google.com>
X-Original-To: spasm@ietfa.amsl.com
Delivered-To: spasm@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 43F9912DBF4 for <spasm@ietfa.amsl.com>; Wed, 15 Jun 2016 14:26:41 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.126
X-Spam-Level:
X-Spam-Status: No, score=-4.126 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, RP_MATCHES_RCVD=-1.426, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=google.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id EoBFIjm0tp6T for <spasm@ietfa.amsl.com>; Wed, 15 Jun 2016 14:26:38 -0700 (PDT)
Received: from mail-oi0-x22c.google.com (mail-oi0-x22c.google.com [IPv6:2607:f8b0:4003:c06::22c]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id AF83A12DBF3 for <spasm@ietf.org>; Wed, 15 Jun 2016 14:26:37 -0700 (PDT)
Received: by mail-oi0-x22c.google.com with SMTP id d132so40225508oig.1 for <spasm@ietf.org>; Wed, 15 Jun 2016 14:26:37 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=ASa6L63K8AEFBIz1RHwd3071gFap/thl66A/Jkk6Y3I=; b=V7dl4KLdYRyJsVYttkHPnRDlHTwISxZVzuyxduqX106J2NMoTTBY9UfU+l7vbCuWjn cvPFE+mIsEsmXcWjZuRhlTqTfKAhTdXT1jv/MsFte4RyzFViLhrbTIGSqTGLLIUWSysV ibnWEu9k4ikLSBzAHBlGXf++afIdjDPBboVVe4UnjNTTSuafoIjIHgC5QiZEg45bDNhn ny7aCsEeYzOj1o7/yKGZ4BvwazNzWBqtWM44vn5WEd9EvIvKjNIIRMd03U1q7ZlrmWX8 FqcCkTjIdTYka4gseZSDYc70p7mmrt7w/IrVSzr3OUy+z3qe66R2nnunwtIBdNQT6rXb woWQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=ASa6L63K8AEFBIz1RHwd3071gFap/thl66A/Jkk6Y3I=; b=LFSRwV77BhG8fWtQq/fwVwiFJQY3IbhiNBncAmQYH2hlTOFaI73zw56Rbsgt28aJXk ofHxIrHZnb9Y/TzTTzDDTRemqAOwJJs+GOV6VJ+oqnc4VlXJBc2pf0htyf9ddz6PuJ1g r9V8qhpvO3CP5Ecc3x4E+tl4TDqibhBGrXspWybMSQG4GgwjzpuPADX4OI6HUGYQW533 8MmwrRRhZ68e8SWbHY0rv1/qyGas8M+SsnXg2x0QAc5kdwJXY0RY9a9WCeGN3n8jNoZo F/5JblS+fcafv7XPOwpOIanVridjBXZbVHkugJu+NONdSAOrxV2K8bxtJ2V7GSvUcKPf 2yxw==
X-Gm-Message-State: ALyK8tLqTg0JkzhQCvJl6KYZt/NdjKNki9lxmSAN+oAP975w0bzJW3J/LlEj9qUVQaqXvct4H/OyTlhlUoJUeELM
X-Received: by 10.202.184.213 with SMTP id i204mr501276oif.128.1466025996594; Wed, 15 Jun 2016 14:26:36 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.157.27.139 with HTTP; Wed, 15 Jun 2016 14:26:35 -0700 (PDT)
In-Reply-To: <77fea80c-0c58-d64e-1260-074942211258@seantek.com>
References: <20160608161629.19935.86198.idtracker@ietfa.amsl.com> <f7c50b01-9d68-11ac-c343-9ffff7dbf143@seantek.com> <CAAFsWK1C4n-9rx+zCr+ig6of3XA=shE1HnvkTyJ6wfVp=BOJPw@mail.gmail.com> <77fea80c-0c58-d64e-1260-074942211258@seantek.com>
From: Wei Chuang <weihaw@google.com>
Date: Wed, 15 Jun 2016 14:26:35 -0700
Message-ID: <CAAFsWK1Y3UgaTWMOX3LHC4Y=VEfh=7VCf78FBPQH03C4ioOYsQ@mail.gmail.com>
To: Sean Leonard <dev+ietf@seantek.com>
Content-Type: multipart/alternative; boundary="001a113ce9a8c29fe1053557c61d"
Archived-At: <https://mailarchive.ietf.org/arch/msg/spasm/pqH4IOlpNCW0a5y3cY0jovcK55w>
Cc: spasm@ietf.org
Subject: Re: [Spasm] certspec work (draft-seantek-certspec-06.txt)
X-BeenThere: spasm@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "This is a venue for discussion of doing Some Pkix And SMime \(spasm\) work." <spasm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/spasm>, <mailto:spasm-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/spasm/>
List-Post: <mailto:spasm@ietf.org>
List-Help: <mailto:spasm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/spasm>, <mailto:spasm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 15 Jun 2016 21:26:41 -0000

On Wed, Jun 15, 2016 at 12:15 PM, Sean Leonard <dev+ietf@seantek.com> wrote:

> Returning to the rest of the response:
>
> On 6/9/2016 10:49 AM, Wei Chuang wrote:
>
> Just some thoughts about this draft:
>
>
> 2. This document would do best when coupled with work on methods to access
> certificates such as draft-bhjl-x509-srv-00 that would use it.
>
>
> Yes, I think that would be fine and a useful coupling.
>
> However, the motivator for certspec is to identify a single certificate
> unambiguously, not a family of certificates. Use cases include in
> configuration data for Internet-connected devices, such as for
> administrators administering certificate settings on clients, server, or
> nodes on an internal network, using various configuration formats (config
> files, YANG, XML, JSON, etc.).
>
> Section 2 says "Certificate specifications, or "certspecs", are not
> designed or intended to provide a search tool or query language to match
> multiple certificates. The goal is to replace data elements that would
> otherwise have to include whole certificates, or that employ proprietary
> reference schemes." It does not attempt, for example, to provide a syntax
> for matching "any certificate for an e-mail address", as
> draft-bhjl-x509-srv-00 suggests:
>
> https://certs.example.com/certificates/search.cgi?uri=someuser%40example.com
>
>
> This is important because it is likely that such a query (it *is* a
> query) could return multiple certificates. It would be fine to use
> draft-bhjl-x509-srv-00 to construct a different query:
>
> https://certs.example.com/certificates/search.cgi?certspec=SHA-256:64DF
> 42FF3410B579958ADDCC5C35E6BAEAFCCB4EB2B3FCDD29CE4EE06857F68E
>
>
> That would be okay; the result would have to be strictly limited to a
> single application/pkix-cert, not multiple certificates (compare with
> Section 5 of draft-bhjl-x509-srv-00). However, I question the utility of
> such a thing. If you know the SHA-256 hash but not anything else about the
> certificate, are you sure you want to be asking "example.com"? Maybe you
> should be asking elsewhere? (Compare with the ni: URI scheme.) If you know
> the SHA-256 hash and you know that you are hunting for a certificate that
> matches an e-mail address, it makes more sense to use
> draft-bhjl-x509-srv-00 or something else to return all the known
> certificates, and then have the client verify that one of the certificates
> matches the SHA-256 hash. The client has to do this anyway for security
> reasons.
>
> Certspecs are meant to be "simple" enough that they can be included as
> components of broader formats, including certificate queries. For example:
>
> https://certs.example.com/certificates/search.cgi?uri=someuser%40example.com&
> certspec=SHA-256:64DF42FF3410B579958ADDC
> C5C35E6BAEAFCCB4EB2B3FCDD29CE4EE06857F68E&certspec=SHA-1:FEA3
> 64082CEACA2AC80E8AECFA2224BCC3210D2A
>
>
> Would be a better example (assuming that the client really did forget
> about the original certificate, perhaps because it is very
> resource-constrained): the premise being that bandwidth can be saved by
> doing server-side filtering.
>
> 1. The title is a little bit confusing, as much of the document is about
> naming certificates.  Perhaps "Naming and Metadata Specification for..."?
>
> Actually...none of the document is about naming certificates, because they
> aren't names.
>

Regarding the title, then perhaps something describing how this document is
to be used?


>
> Certificates don't have globally unique "names". The closest thing to a
> name is Issuer + Serial Number, as issuer is theoretically unique and
> serial number is supposed to be unique for every cert issued by a
> particular CA. But we know this is not true because CA issuers are not
> bound to follow some global Directory, which never materialized.
>
> The family of element-based specs is included for compatibility (e.g.,
> with CMS, which identifies certificates based on issuerAndSerialNumber or
> SubjectKeyIdentifier; also compatibility with the MS CryptoAPI and Mozilla
> NSS major implementations ) and efficiency (e.g., database lookups), rather
> than absolute unambiguity. They are only unambiguous given certain
> assumptions, namely assumptions about the store(s) where the certificates
> are being looked up.
>
> Several drafts ago, I tried to call these things names by stuffing them
> into the URN protocol slot. That ultimately failed, mainly because a lot of
> these things aren't names. Hashes (fingerprints) of certificates are also
> not truly unambiguous names--they are only unambiguous given certain
> engineering assumptions for certain periods of time. If you doubt this,
> consider whether MD5:01332f309262d789097cdda53be5174d is really the kind
> of "name" that we are looking for. All cryptographic hash algorithms are
> susceptible to cryptanalysis; it's just a matter of time and ingenuity. The
> data-based specs are also not really names; it would be like "naming" a
> human being by his or her entire genome sequence.
>
> So they aren't names; they are just ways of getting at a (single)
> certificate in text.
>

And yet there's value in identifying certificates for lookup and such.
Just pointing what I thought was a use for the specification.

-Wei


>
>
> 3. Modify the ABNF to clearly identify the certspec type vs data
>
>
> The current ABNF is intentional. Prior drafts had "certspec-type", but the
> most recent drafts remove that because it gets in the way of human
> usability (copy-and-paste-ability).
>
> I thought about "path:" or "file:" for the filesystem-based path specs,
> but "file:" looks too much like a file: URI (it's not a file URI), and
> "path:" is both a bit superfluous, and a bit ambiguous (i.e., what kind of
> path?). Overall, a conforming implementation can recognize additional specs
> in its own special way, if it wants to. This specification only requires
> implementations to recognize a few important string patterns.
>
> This reminds me...I was going to include Registry keys, such as
> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\CA\Certificates\
> 109F1CAED645BB78B3EA2B94C0697C740733031C\Blob
>
> In that example, it's totally obvious that "HKEY_LOCAL_MACHINE\" is the
> prefix to a Registry key or value (and, notably, not a filesystem path).
> That would be an example of a class of certspecs that is not so great to
> exchange on the open Internet, but is very useful for a managed intranet.
>
> Best regards,
>
> Sean
>

v2.23.0 | Report a Bug | By Email