[lamps] AD Review of draft-ietf-lamps-x509-policy-graph-02
Roman Danyliw <rdd@cert.org> Fri, 05 January 2024 13:48 UTC
Hi!

I performed an AD review of draft-ietf-lamps-x509-policy-graph-02. Thanks for the work on this document to address DoS vulnerabilities in X.509 policy validation. My feedback is below. It's primarily around how this guidance stitches into revising RFC5280.

** Section 3.1.

   An intermediate certificate which asserts policy object identifiers (OIDs) OID1, OID2, and OID5. It contains mappings OID1 to OID3, and OID1 to OID4.
   …
   This would result in the tree shown in Figure 1.

I don’t see any reference to OID5 in Figure 1.

** Section 4.

   Compared the original policy tree structure described in [RFC5280], the policy graph grows linearly instead of exponentially. This document deprecates the original policy tree structure. X.509 implementations SHOULD instead perform policy validation by building a policy graph. This mitigates the denial-of-service attack by removing the asymmetric cost in policy validation.

-- What does “deprecates” mean in this context and how does this align with the normative SHOULD here and this document updating Section 6 of RFC5280? Under what circumstance should the RFC5280 algorithm still be used? Put another way, deprecate seems to mean “don’t use it” but SHOULD allows for exceptional use whose rationale is best documented.

-- Editorial. s/Compared the original/Compared to the original/.

** Section 4.2

   An implementation which outputs the entire tree may be unable switch the format to a more efficient one, as described in Section 4.1. X.509 implementations SHOULD NOT output the entire valid_policy_tree structure and instead SHOULD limit output to just the set of authorities-constrained and/or user-constrained policies, as described in [X.509].

I’m having trouble following the link between the first and second sentence. Under what circumstance should implementations that are using the algorithm in Section 4.1 output the entire valid_policy_tree?

** Section 6.1.

   X.509 validators typically already allow limiting the depth of a certificate chain. This can limit the attack, however a large depth limit may still admit attacks. By modifying the example in Section 3.2 to increase the number of policies asserted in each certificate, an attacker could still achieve O(N^(depth/2)) scaling or higher.

If validators already limit the depth but it is not effective, is further clarifying guidance needed on how to tune this depth parameter? I’m trying to understand how this is a valid mitigation if the text notes it is still a problem.

** Section 6.2

   6.2. Limit Policy Tree Size

   If existing stable interfaces force the validator to build a full policy tree (see Section 4.2), the validator SHOULD limit the number of nodes in the policy tree, and reject the certification path if this limit is reached.

-- What are “existing stable interfaces”?

-- Can guidance be given on the configuration of the validator in limiting the number of nodes? What is that a function of?

Regards,
Roman
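The exponential-versus-linear growth the review discusses under Section 4, and the node budget it asks about under Section 6.2, can be seen by simulating both structures on a constructed chain. The Python below is an added example written for this page; it is not code from the draft, from RFC 5280 or from any X.509 library. It models only the certificate-policies step (RFC 5280 Section 6.1.3 (d)) and the policy-mappings step (Section 6.1.4 (b)) and omits anyPolicy in intermediates, inhibit/require flags, tree pruning and every other part of path validation. `make_chain` builds a worst-case chain of my own design (every certificate asserts N OIDs and maps each to all N OIDs of the next certificate), the OIDs under 1.3.6.1.4.1.99999 are placeholders, `REVIEW_EXAMPLE` reconstructs the scenario quoted from Section 3.1 with an assumed end-entity certificate asserting OID3 and OID4, and `max_nodes` is a hypothetical knob standing in for the Section 6.2 node limit.

```python
from collections import Counter

ANY_POLICY = "2.5.29.32.0"  # the anyPolicy OID from RFC 5280

# Constructed chain for the scenario quoted from Section 3.1 of the draft:
# one intermediate asserting OID1, OID2 and OID5 with mappings OID1->OID3
# and OID1->OID4. The end-entity certificate asserting OID3 and OID4 is an
# assumption; the draft's Figure 1 is not reproduced here.
# Each certificate is (asserted_policies, [(issuerDomainPolicy, subjectDomainPolicy), ...]).
REVIEW_EXAMPLE = [
    (["OID1", "OID2", "OID5"], [("OID1", "OID3"), ("OID1", "OID4")]),
    (["OID3", "OID4"], []),
]


class PolicyTreeTooLarge(Exception):
    """Raised when the RFC 5280 tree exceeds the configured node budget
    (the mitigation the draft suggests in Section 6.2)."""


def make_chain(n_policies, depth):
    """Constructed worst case: every certificate asserts the same N OIDs and
    maps each of them to all N OIDs asserted by the next certificate.
    The OID arc is a placeholder, not a registered one."""
    policies = [f"1.3.6.1.4.1.99999.{i}" for i in range(n_policies)]
    mappings = [(src, dst) for src in policies for dst in policies]
    return [(policies, mappings) for _ in range(depth)]


def _apply_mappings(nodes, mappings):
    """RFC 5280 6.1.4 (b)(1): a policy mapping replaces the expected_policy_set
    of the node whose valid_policy is the issuerDomainPolicy with the set of
    subjectDomainPolicy values. Unmapped nodes expect only themselves."""
    mapped = {}
    for src, dst in mappings:
        mapped.setdefault(src, set()).add(dst)
    return {p: mapped.get(p, {p}) for p in nodes}


def policy_tree_levels(chain, max_nodes=None):
    """RFC 5280 valid_policy_tree, counted per depth (root first).

    The tree creates one child per matching parent, so identical subtrees are
    duplicated. Nodes are grouped by valid_policy in a Counter that records
    how many duplicates exist; all duplicates share an expected_policy_set.
    """
    level = Counter({ANY_POLICY: 1})
    expected = {ANY_POLICY: {ANY_POLICY}}
    counts = [1]
    for asserted, mappings in chain:
        next_level = Counter()
        for p in asserted:
            # 6.1.3 (d)(1)(i): a child under every previous-depth node whose
            # expected_policy_set contains P; (ii) fall back to anyPolicy.
            parents = [n for n in level if p in expected[n]]
            if not parents and ANY_POLICY in level:
                parents = [ANY_POLICY]
            for parent in parents:
                next_level[p] += level[parent]
        counts.append(sum(next_level.values()))
        if max_nodes is not None and sum(counts) > max_nodes:
            raise PolicyTreeTooLarge(f"policy tree exceeded {max_nodes} nodes")
        level = next_level
        expected = _apply_mappings(level, mappings)
    return counts


def policy_graph_levels(chain):
    """Policy graph as proposed by the draft: one node per distinct
    valid_policy at each depth, whose parents are all previous-depth nodes
    that expect it. Duplicate subtrees collapse, so the count per depth is
    bounded by the number of OIDs the certificate asserts."""
    level = {ANY_POLICY}
    expected = {ANY_POLICY: {ANY_POLICY}}
    counts = [1]
    for asserted, mappings in chain:
        next_level = set()
        for p in asserted:
            has_parent = any(p in expected[n] for n in level)
            if has_parent or ANY_POLICY in level:
                next_level.add(p)
        counts.append(len(next_level))
        level = next_level
        expected = _apply_mappings(level, mappings)
    return counts


def tree_within_limit(chain, max_nodes):
    """True if the RFC 5280 tree for this chain stays within the node budget."""
    try:
        policy_tree_levels(chain, max_nodes=max_nodes)
        return True
    except PolicyTreeTooLarge:
        return False


def compare(n_policies, depth):
    """Total node counts (tree, graph) for the constructed worst-case chain."""
    chain = make_chain(n_policies, depth)
    return sum(policy_tree_levels(chain)), sum(policy_graph_levels(chain))


if __name__ == "__main__":
    for depth in (2, 4, 8):
        tree, graph = compare(4, depth)
        print(f"N=4 depth={depth}: tree nodes={tree}, graph nodes={graph}")
```

With N=4 the tree holds N^d nodes at depth d, so the total is 85 at depth 3 and over 87,000 at depth 8, while the graph holds 4 nodes per depth. This is what makes a depth limit alone weak as a mitigation and why the draft's fallback for implementations that must keep producing a tree is a node budget on the tree rather than on the chain length.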