IETF Logo Mail Archive

Re: [therightkey] Basically, it's about keeping the CAs honest

Nico Williams <nico@cryptonector.com> Mon, 13 February 2012 18:42 UTC

Return-Path: <nico@cryptonector.com>
X-Original-To: therightkey@ietfa.amsl.com
Delivered-To: therightkey@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6B7D921F87D0 for <therightkey@ietfa.amsl.com>; Mon, 13 Feb 2012 10:42:05 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.965
X-Spam-Level:
X-Spam-Status: No, score=-0.965 tagged_above=-999 required=5 tests=[AWL=-0.847, BAYES_20=-0.74, FM_FORGED_GMAIL=0.622]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id X8yhJyvxNELZ for <therightkey@ietfa.amsl.com>; Mon, 13 Feb 2012 10:42:04 -0800 (PST)
Received: from homiemail-a95.g.dreamhost.com (caiajhbdcaib.dreamhost.com [208.97.132.81]) by ietfa.amsl.com (Postfix) with ESMTP id C4C8321F87CA for <therightkey@ietf.org>; Mon, 13 Feb 2012 10:42:04 -0800 (PST)
Received: from homiemail-a95.g.dreamhost.com (localhost [127.0.0.1]) by homiemail-a95.g.dreamhost.com (Postfix) with ESMTP id 9174B1E076 for <therightkey@ietf.org>; Mon, 13 Feb 2012 10:42:04 -0800 (PST)
DomainKey-Signature: a=rsa-sha1; c=nofws; d=cryptonector.com; h=mime-version :in-reply-to:references:date:message-id:subject:from:to:cc: content-type; q=dns; s=cryptonector.com; b=T+qXj5Q+a3JXEoBmoK4Cf hmT6xAhLjpEb0+LCIT75ohIKQR58+JXmw4rZpwUHDSK09GcheEOCkRl8b54TgRnd QCVcohRqqA89yDs+oMROsowO7nGvNfOuonhOOTyguAHF8VNzTVZdraeAtEA2xOz9 XWBZTOpVlaqS7aYSFm4XT4=
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=cryptonector.com; h= mime-version:in-reply-to:references:date:message-id:subject:from :to:cc:content-type; s=cryptonector.com; bh=LfWlM/Qdg4sI07VtO7q4 YeFD0IY=; b=ObzHPxVFAljeGomLN3ksmBCk+NagG0EixDQ9CBpWSjr/FPEpGYiE o2hcyvEbwbFQOB3i6Io2pak5NGzP3WqStHKXPX5VlbYCAZ5QnPl6p/sj5dnySAYQ g9c49mM7AnUqWq0+arHthqUtsc16+FZergD62u3DonXZJz18V4NJOWY=
Received: from mail-pw0-f44.google.com (mail-pw0-f44.google.com [209.85.160.44]) (using TLSv1 with cipher RC4-SHA (128/128 bits)) (No client certificate requested) (Authenticated sender: nico@cryptonector.com) by homiemail-a95.g.dreamhost.com (Postfix) with ESMTPSA id 7770A1E020 for <therightkey@ietf.org>; Mon, 13 Feb 2012 10:42:04 -0800 (PST)
Received: by pbcwz7 with SMTP id wz7so5029581pbc.31 for <therightkey@ietf.org>; Mon, 13 Feb 2012 10:42:04 -0800 (PST)
MIME-Version: 1.0
Received: by 10.68.232.103 with SMTP id tn7mr49766255pbc.74.1329158524070; Mon, 13 Feb 2012 10:42:04 -0800 (PST)
Received: by 10.68.136.4 with HTTP; Mon, 13 Feb 2012 10:42:04 -0800 (PST)
In-Reply-To: <CAMm+LwjkPZm9FF=FGx+vb_JxLRbygm-y1H85Powq6U0UfxSKCQ@mail.gmail.com>
References: <201202131636.q1DGafVR006049@fs4113.wdf.sap.corp> <0600CF7A-A8CB-4E35-B729-43D626434645@virtualized.org> <CAMm+LwjkPZm9FF=FGx+vb_JxLRbygm-y1H85Powq6U0UfxSKCQ@mail.gmail.com>
Date: Mon, 13 Feb 2012 12:42:04 -0600
Message-ID: <CAK3OfOg7H5y614DQeDDnznxxAbopXiTbuy4UjPprrigSw+D_DA@mail.gmail.com>
From: Nico Williams <nico@cryptonector.com>
To: Phillip Hallam-Baker <hallam@gmail.com>
Content-Type: text/plain; charset="UTF-8"
Cc: therightkey@ietf.org, mrex@sap.com, David Conrad <drc@virtualized.org>
Subject: Re: [therightkey] Basically, it's about keeping the CAs honest
X-BeenThere: therightkey@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: <therightkey.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/therightkey>, <mailto:therightkey-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/therightkey>
List-Post: <mailto:therightkey@ietf.org>
List-Help: <mailto:therightkey-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/therightkey>, <mailto:therightkey-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 13 Feb 2012 18:42:05 -0000

On Mon, Feb 13, 2012 at 12:32 PM, Phillip Hallam-Baker <hallam@gmail.com> wrote:
> +1
>
> It is also worth pointing out that the MITM certs stopped being
> offered commercially as soon as it became public knowledge that they
> had been.
>
> Presumably the next step the companies providing this facility will
> take is to offer their own browser with the capability built in. It is
> no good jumping up and down saying people should not make such
> devices. The choice we have is whether to do the job right or let them
> do it without any input.
>
>
> What I find wrong with the MITM proxies is that they offer a
> completely transparent mechanism. The user is not notified that they
> are being logged. I think that is a broken approach because the whole
> point of accountability controls is that people behave differently
> when they know they are being watched.

I'm confused: if this is wrong, and if preventing MITMing CAs leads to
an MITM model that is right (because the users are informed), then why
does it no good to jump up and down saying that people should not make
MITM devices?  It seems to me that it will have done plenty of good.

The object for me is not to prevent MITMing when the user knows.  I
really don't care about corporate MITM devices because I assume users
(employees, contractors) are informed.  Like you I care about MITM
devices that users *don't* know about.

Not all spy-on-your-employees solutions are bad, thus the fact that
alternatives will arise does not necessarily bother me.  Only those
that can be used against users who are not informed or have no way to
avoid the MITM (employees can always... not use employer networks for
personal use).  Think of people in Iran, Syria, ...

Nico
--

v2.23.0 | Report a Bug | By Email