IETF Logo Mail Archive

Re: [therightkey] Basically, it's about keeping the CAs honest

Benjamin Kreuter <brk7bx@virginia.edu> Mon, 13 February 2012 19:36 UTC

Return-Path: <brk7bx@virginia.edu>
X-Original-To: therightkey@ietfa.amsl.com
Delivered-To: therightkey@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9E88C21E8011 for <therightkey@ietfa.amsl.com>; Mon, 13 Feb 2012 11:36:27 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.299
X-Spam-Level:
X-Spam-Status: No, score=-6.299 tagged_above=-999 required=5 tests=[AWL=-0.300, BAYES_00=-2.599, J_CHICKENPOX_23=0.6, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 36YBr1Enmll4 for <therightkey@ietfa.amsl.com>; Mon, 13 Feb 2012 11:36:26 -0800 (PST)
Received: from tarragon.mail.virginia.edu (tarragon.mail.Virginia.EDU [128.143.2.35]) by ietfa.amsl.com (Postfix) with ESMTP id 17E1E21E8010 for <therightkey@ietf.org>; Mon, 13 Feb 2012 11:36:26 -0800 (PST)
Received: from localhost (localhost [127.0.0.1]) by tarragon.mail.virginia.edu (Postfix) with ESMTP id 652A0246310 for <therightkey@ietf.org>; Mon, 13 Feb 2012 14:36:22 -0500 (EST)
Received: from tarragon.mail.virginia.edu ([127.0.0.1]) by localhost (tarragon-f.mail.virginia.edu [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id EiFdGx3Ur8+T for <therightkey@ietf.org>; Mon, 13 Feb 2012 14:36:22 -0500 (EST)
Received: from iron0.mail.virginia.edu (iron0-s.mail.virginia.edu [10.250.200.117]) by tarragon.mail.virginia.edu (Postfix) with ESMTP id 3005E2463AA for <therightkey@ietf.org>; Mon, 13 Feb 2012 14:36:22 -0500 (EST)
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: AsgAAO1kOU/RVdguimdsb2JhbABDsAgIIgEBAQoJDQcSBiOBcgEBAQMBAQEBDwJaEAsLEgYuIQYNAQUBDg4ZIodaCZtzCpQaiQeIRIJ8CCELAwIEBj2ECScBCwMEERKDQwSISoV/hmiLEYMVPYQg
X-Sender-IP: 209.85.216.46
Received: from mail-qw0-f46.google.com ([209.85.216.46]) by iron0.mail.virginia.edu with ESMTP; 13 Feb 2012 14:36:21 -0500
Received: by mail-qw0-f46.google.com with SMTP id c10so1824787qad.12 for <therightkey@ietf.org>; Mon, 13 Feb 2012 11:36:21 -0800 (PST)
Received: by 10.229.136.199 with SMTP id s7mr10043961qct.145.1329161781764; Mon, 13 Feb 2012 11:36:21 -0800 (PST)
Received: from terabyte ([137.54.21.2]) by mx.google.com with ESMTPS id eo4sm18997265qab.16.2012.02.13.11.36.20 (version=SSLv3 cipher=OTHER); Mon, 13 Feb 2012 11:36:21 -0800 (PST)
Date: Mon, 13 Feb 2012 14:34:16 -0500
From: Benjamin Kreuter <brk7bx@virginia.edu>
To: therightkey@ietf.org
Message-ID: <20120213143416.4d8cde32@terabyte>
In-Reply-To: <CAMm+LwjkPZm9FF=FGx+vb_JxLRbygm-y1H85Powq6U0UfxSKCQ@mail.gmail.com>
References: <201202131636.q1DGafVR006049@fs4113.wdf.sap.corp> <0600CF7A-A8CB-4E35-B729-43D626434645@virtualized.org> <CAMm+LwjkPZm9FF=FGx+vb_JxLRbygm-y1H85Powq6U0UfxSKCQ@mail.gmail.com>
X-Mailer: Claws Mail 3.7.8 (GTK+ 2.18.9; i686-redhat-linux-gnu)
Mime-Version: 1.0
Content-Type: multipart/signed; micalg="PGP-SHA512"; boundary="Sig_/A8Af1/rPsV21aN3aMyq=8_4"; protocol="application/pgp-signature"
X-Gm-Message-State: ALoCoQmEEqzfXULg9XpgVbRtFFbk76Y+UGbTYPBlnkwwbn9t1FpVTT0mrXVRhRO8IljIABrTTBY+
Subject: Re: [therightkey] Basically, it's about keeping the CAs honest
X-BeenThere: therightkey@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: <therightkey.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/therightkey>, <mailto:therightkey-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/therightkey>
List-Post: <mailto:therightkey@ietf.org>
List-Help: <mailto:therightkey-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/therightkey>, <mailto:therightkey-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 13 Feb 2012 19:36:27 -0000

On Mon, 13 Feb 2012 13:32:48 -0500
Phillip Hallam-Baker <hallam@gmail.com> wrote:

> +1
> 
> It is also worth pointing out that the MITM certs stopped being
> offered commercially as soon as it became public knowledge that they
> had been.

Which speaks volumes about the motivation behind those certificates.

> Presumably the next step the companies providing this facility will
> take is to offer their own browser with the capability built in.  It
> is no good jumping up and down saying people should not make such
> devices. The choice we have is whether to do the job right or let them
> do it without any input.

What we need to do is a build a system that does not make compromises
when it comes to security.  Jumping up and down is not necessary; build
a system where MITM attacks are either infeasible or easily detected.

> What I find wrong with the MITM proxies is that they offer a
> completely transparent mechanism. The user is not notified that they
> are being logged. I think that is a broken approach because the whole
> point of accountability controls is that people behave differently
> when they know they are being watched.
>
> I don't mean just changing the color of the address bar either. I
> would want to see something like the following:
> 
> 0) The intercept capability is turned on in the browser, this would be
> done using a separate tool and lock the browser to a specific
> intercept cert root.

We can already do this; just import the MITM root into the target
browser, and if you want to prevent evasion, disable all other CAs.  We
do not currently see such things being done, probably because the
people who want to perform MITM attacks do not want to have to do
anything to the target system that might alert people to the
eavesdropping. Why would they cooperate with a system that informs
users about the eavesdropping, when they already have such an option
available but choose not to use it?

-- Ben

> 1) User attempts to connect to https://www.example.com
> 2) Browser throws up splash screen for 5secs stating 'Your connection
> has been intercepted'
>
> 3) Business as usual.
>
> The splash screen would appear once per session with a new host and
> reset periodically.
> 
> It should show the interception cert being used as well.
> 
> 
> On Mon, Feb 13, 2012 at 1:21 PM, David Conrad <drc@virtualized.org>
> wrote:
> > On Feb 13, 2012, at 8:36 AM, Martin Rex wrote:
> >> The fact that there are products (client-side HTTPS proxies that
> >> perform MITM and inspect content) actively sold and used,
> >> which are vitally dependent on being able to exploit weaknesses
> >> of the existing TLS X.509 PKI security&trust model, is a sure proof
> >> that something is wrong with the existing security model.
> >
> > Well, it is proof that the theoretical model in which authorized
> > MITM was disallowed was seen as too limiting.
> >
> >> I do not think there is value in maintaining backward compatible
> >> weaknesses, and personally, I do not mind the slightest about
> >> breaking those protocol subverting middle boxes, be it by the use
> >> of TLS channel bindings, or the checking of DANE TLSA records.
> >
> > Pragmatically speaking, if you come up with an architecture that
> > disallows people from doing what they want/need to do, they'll
> > either figure out ways around it or not use that architecture.
> >
> > Regards,
> > -drc
> >
> > _______________________________________________
> > therightkey mailing list
> > therightkey@ietf.org
> > https://www.ietf.org/mailman/listinfo/therightkey
> 
> 
> 
> -- 
> Website: http://hallambaker.com/
> _______________________________________________
> therightkey mailing list
> therightkey@ietf.org
> https://www.ietf.org/mailman/listinfo/therightkey


-- 
Benjamin R Kreuter
UVA Computer Science
brk7bx@virginia.edu
KK4FJZ

--

"If large numbers of people are interested in freedom of speech, there
will be freedom of speech, even if the law forbids it; if public
opinion is sluggish, inconvenient minorities will be persecuted, even
if laws exist to protect them." - George Orwell

v2.23.0 | Report a Bug | By Email