IETF Logo Mail Archive

Re: [therightkey] [pkix] Proposal for working on PKIX revocation open issues

Phillip Hallam-Baker <phill@hallambaker.com> Mon, 17 November 2014 17:41 UTC

Return-Path: <hallam@gmail.com>
X-Original-To: therightkey@ietfa.amsl.com
Delivered-To: therightkey@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BD7221A6FF9 for <therightkey@ietfa.amsl.com>; Mon, 17 Nov 2014 09:41:56 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.278
X-Spam-Level:
X-Spam-Status: No, score=-1.278 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, FM_FORGED_GMAIL=0.622, FREEMAIL_FROM=0.001, SPF_PASS=-0.001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Fk23ktrO6i0P for <therightkey@ietfa.amsl.com>; Mon, 17 Nov 2014 09:41:55 -0800 (PST)
Received: from mail-la0-x235.google.com (mail-la0-x235.google.com [IPv6:2a00:1450:4010:c03::235]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 98FA61A0278 for <therightkey@ietf.org>; Mon, 17 Nov 2014 09:41:54 -0800 (PST)
Received: by mail-la0-f53.google.com with SMTP id pn19so1779468lab.26 for <therightkey@ietf.org>; Mon, 17 Nov 2014 09:41:52 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:date:message-id:subject :from:to:cc:content-type; bh=d8UPXKtqOc64nSS74npx1q+QBJ/+bl/0b8fx/L0fWzg=; b=Z3nlvaXa+XVUZNg+vDAXaLuYJR38Z7a0MvD327bkzDULtlQNTUvWuoAen7v16UGn/T nIIEC+ps5tlBzBhiGWOuOklknTeqssYJ0/R990a4CKnZBNHr0ZzS9mmY+Ru36oAeWdsv SYCIP9D040zxy5btXGRc5+ovjUH8buQTkg7vHDEmEL8W1PNG70ofuZ/+OLK6myciMSwI 3gRp10cO4wYUnybDI8kHoMpXnV8VaEDlFHJeHx6hM69MWCl/bk+ktzyb3zyAgvapbbyG bYzvy1z5Q41S4hQOhNwPmuFkdlIjG6iR6hn58NMlpMSMfS72aAdQfwAZUcnOpCJtrpXq zRzw==
MIME-Version: 1.0
X-Received: by 10.112.199.40 with SMTP id jh8mr29491111lbc.5.1416246112757; Mon, 17 Nov 2014 09:41:52 -0800 (PST)
Sender: hallam@gmail.com
Received: by 10.112.34.212 with HTTP; Mon, 17 Nov 2014 09:41:52 -0800 (PST)
In-Reply-To: <007601d00288$fb9d9240$f2d8b6c0$@icloud.com>
References: <5466AF87.2050307@gmail.com> <CAMm+Lwg30tb+yFxVMG3qJ=_fjVT=ASqUmaf9gH8wpUhUGxgf6A@mail.gmail.com> <004501d001ce$8c669c10$a533d430$@icloud.com> <CAMm+LwjWZuKrPQYnjkLJn19nnuBTCzrSn7B+BVfAftCm4jtR=Q@mail.gmail.com> <007601d00288$fb9d9240$f2d8b6c0$@icloud.com>
Date: Mon, 17 Nov 2014 12:41:52 -0500
X-Google-Sender-Auth: 76LScTigUEbj63VXgmOOpJ2-98w
Message-ID: <CAMm+Lwhcw2ep=6BnwCpS+Vn9D9_qW2Sk0_HvuJKsabBtf55QSw@mail.gmail.com>
From: Phillip Hallam-Baker <phill@hallambaker.com>
To: Trevor Freeman <trevor.freeman99@icloud.com>
Content-Type: text/plain; charset="UTF-8"
Archived-At: http://mailarchive.ietf.org/arch/msg/therightkey/Ejy4NQeydUxAAbswsq3r4lxgGQs
Cc: Massimiliano Pala <massimiliano.pala@gmail.com>, "therightkey@ietf.org" <therightkey@ietf.org>
Subject: Re: [therightkey] [pkix] Proposal for working on PKIX revocation open issues
X-BeenThere: therightkey@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: <therightkey.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/therightkey>, <mailto:therightkey-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/therightkey/>
List-Post: <mailto:therightkey@ietf.org>
List-Help: <mailto:therightkey-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/therightkey>, <mailto:therightkey-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 17 Nov 2014 17:41:56 -0000

It is always a mistake to imagine that political outcomes are the
product of rational analysis rather than the respective power
relationships and constraints.

For Google, the risk of consequences due to CA breach are arguably
higher than the consequences of end-entity breach which they have
controlled through shifting liability onto the CAs. But for the
typical Internet user, the risk due to end-entity breach is higher.


I didn't say we shouldn't do CT, what I said is that we have to make
revocation an equal priority.

Checkpointing revocation information in CT makes great sense for all concerned.

Had Harber-Stornetta catenate certificates been available on equitable
terms prior to the expiry of the patent we would probably have done
something like CT years ago. The reason we didn't do revocation before
was that we did not develop a technology that the browser providers
considered acceptable. And then we spend ten years trying to persuade
them that up was down rather than fixing the problem.

Not trying to assign blame here, I should have arrived at this
analysis ten years ago.


On Mon, Nov 17, 2014 at 12:07 PM, Trevor Freeman
<trevor.freeman99@icloud.com> wrote:
> Obviously more that you think otherwise folks would not be working on CTJ
>
>
>
> -----Original Message-----
> From: therightkey [mailto:therightkey-bounces@ietf.org] On Behalf Of Phillip
> Hallam-Baker
> Sent: Sunday, November 16, 2014 12:30 PM
> To: Trevor Freeman
> Cc: Massimiliano Pala; therightkey@ietf.org
> Subject: Re: [therightkey] [pkix] Proposal for working on PKIX revocation
> open issues
>
>
>
> On Sun, Nov 16, 2014 at 1:53 PM, Trevor Freeman
> <trevor.freeman99@icloud.com> wrote:
>
>> Hi Max,
>
>>
>
>> I think we first need a consensus of the unmitigated threats this work
>
>> would look to address. That would help assess the technical options.
>
>> Top of my list of unmitigated threats would be compromised CA issuing
>
>> user certificates outside of the normal process e.g. attackers use
>
>> some tool to sign the certificate direly using the CA key so no log
>
>> exists of the issuance.
>
>
>
> Seriously?
>
>
>
> How often does this happen?
>
>
>
> How often does an administrator sell a machine without zeroing the hard
> drive where a live key is stored? How often does a corrupt admin sell a
> private key? How often does a machine without a TPM with a cert get rooted?
>
>
>
>
>
> End entity breach is a daily occurrence.
>
>
>
>> For example, if there is consensus on that as a threat to be
>
>> addressed, OCSP does not help much in that you want a "known to be
>
>> good" assertion, not a "know to be bad" assertion that revocation
>
>> checking provides. Certificate reissuance has been long been cited as
>
>> an alternative to revocation in that you get a restatement of the
>
>> goodness which is what you need, but it does tax the CAs. If you are
>
>> targeting server validation scenarios, then a Valid Certificate List
>
>> which was similar to CRLs but a list of good certificates could scale
>
>> much better as Phil points out. Given we know all too well what does not
>> work well with CRLs, we should be able to avoid the mistakes i.e.
>
>> use hashs to identify certificates not issue\serial number, mandate
>
>> support for partitions etc., etc.
>
>
>
> I much prefer using hash based mechanisms to issuer/serial. But in a pinch,
> I will use hash of the issuer/serial :)
>
>
>
> _______________________________________________
>
> therightkey mailing list
>
> therightkey@ietf.org
>
> https://www.ietf.org/mailman/listinfo/therightkey

v2.23.0 | Report a Bug | By Email