Re: [therightkey] DNSNMC deprecates Certificate Authorities and fixes HTTPS security

Phillip Hallam-Baker <hallam@gmail.com> Mon, 16 December 2013 22:37 UTC

Return-Path: <hallam@gmail.com>
X-Original-To: therightkey@ietfa.amsl.com
Delivered-To: therightkey@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B73E81AD8F2 for <therightkey@ietfa.amsl.com>; Mon, 16 Dec 2013 14:37:13 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level:
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id rm409YwHiAiA for <therightkey@ietfa.amsl.com>; Mon, 16 Dec 2013 14:37:10 -0800 (PST)
Received: from mail-wi0-x229.google.com (mail-wi0-x229.google.com [IPv6:2a00:1450:400c:c05::229]) by ietfa.amsl.com (Postfix) with ESMTP id C342A1AC7EE for <therightkey@ietf.org>; Mon, 16 Dec 2013 14:37:09 -0800 (PST)
Received: by mail-wi0-f169.google.com with SMTP id hn6so2796249wib.4 for <therightkey@ietf.org>; Mon, 16 Dec 2013 14:37:08 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=8PWw9TTt5xtiMlqbl27mtQATBoGdaFsayEhkkgvvsGU=; b=x03yIOv0ZDDDYqcpg18MX/KMP3DNjMfqFmMs7B3AF+lqMZMc/ygSieXnBYclL3ICRu 6hmCRVBjcPw6Jx41gKlO/RodwnfUG6GbXk/aUNEoeWdYd/nsJ1Fez7Xk8SCh/OyIDzNm 9Vrb/lyQCoNxCvWLtruBfYA92awV8o4JFAKIUYIkNOamJOZwILdC5kfZEf7oc9vFIuFk 1rk0b1WA6+Bd5vF8Cs65ly9W8LKTOY+BQJTKnqo88S6/SA60DqU4i9D3zrbShGn1QXzG pefOpV5kxnCV5symZOzFfLa3wEBOHeMXTzZ3HJyeUnb3uqwTq/0o3cJ7hrhf1N7GgGNs KSBg==
MIME-Version: 1.0
X-Received: by 10.194.11.38 with SMTP id n6mr15321275wjb.25.1387233428461; Mon, 16 Dec 2013 14:37:08 -0800 (PST)
Received: by 10.194.243.136 with HTTP; Mon, 16 Dec 2013 14:37:08 -0800 (PST)
In-Reply-To: <1D1AAD8E-3787-4E95-8694-6EB0B4A60890@taoeffect.com>
References: <22429D73-4EFC-4091-8F5B-BAD38968EA54@taoeffect.com> <CAMm+LwiMXdEnHqD0y_S-fP6081Tk=A=7-9LsJQhRuawmmmfdTg@mail.gmail.com> <FEFA307D-97E0-4C58-AB43-5B9AB8E8FC70@taoeffect.com> <CAMm+Lwjwww28tV_qvqQVH3xo1xqvjb6z++258+LOqgxWn-Oh9w@mail.gmail.com> <1D1AAD8E-3787-4E95-8694-6EB0B4A60890@taoeffect.com>
Date: Mon, 16 Dec 2013 17:37:08 -0500
Message-ID: <CAMm+LwgnMhtLZ6RhE0kioRF4qEZrzsT8c5zwyP4cR=R+g6z_qw@mail.gmail.com>
From: Phillip Hallam-Baker <hallam@gmail.com>
To: Tao Effect <contact@taoeffect.com>
Content-Type: multipart/alternative; boundary=047d7b5d5710b95e0b04edae7343
Cc: "therightkey@ietf.org" <therightkey@ietf.org>
Subject: Re: [therightkey] DNSNMC deprecates Certificate Authorities and fixes HTTPS security
X-BeenThere: therightkey@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: <therightkey.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/therightkey>, <mailto:therightkey-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/therightkey/>
List-Post: <mailto:therightkey@ietf.org>
List-Help: <mailto:therightkey-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/therightkey>, <mailto:therightkey-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 16 Dec 2013 22:37:14 -0000

When you make an assertion in a paper then you are accepting the burden of
proof.


If the source for the '600' claim was lying then the claim has to be taken
off the table completely. The DFN root issue demonstrates that the
methodology is bogus rather than just being a single inaccurate data point.

If you want to make assertions about the number of CAs then the most
accurate measure currently available is still the number of roots in the
commonly used browsers. While there are a handful of CAs using roots cross
certified by another CA, such CAs now have to have a full audit statement
and meet all the acceptance criteria in their own right. So there would be
little point in not applying to have the root entered in independently.

Since the 600 number is inaccurate and not particularly necessary, why
bother to quote it at all?




On Mon, Dec 16, 2013 at 1:44 PM, Tao Effect <contact@taoeffect.com> wrote:

> Which kind of calls their credibility into question. HALF the 'CAs' in
> their graph are from the DFN root. You can check that out for yourself, it
> is a German CA that issues certs to higher education institutions. As has
> been demonstrated (and agreed by the EFF people), DFN do not sign certs for
> key signing keys they do not hold.
>
> You can't calculate the number of CAs the way the EFF tried to. An
> intermediate certificate does not equate to a CA. Pretending it does to
> peddle an alternative PKI scheme calls into question their veracity.
>
> I have tried to get members of the EFF board to look into this but they
> never get back. Too much trouble to get it right.
>
>
> OK, in order for me to correct this in the paper I need the following
> information:
>
> 1. A link to who "DFN" is.
> 2. A 'yes' or 'no' as to whether DFN is a root cert that browsers are
> shipped with (and details about this, like, do all 3 major browsers include
> DFN?)
> 3. A link to a paper, a blog post, or an article somewhere that describes
> in detail your side of the argument
>
> Let me emphasize that none of this ultimately matters to the points that
> were made in the paper.
>
> Whether the number is 600+ or 300+, it's still an *insecure*, *broken*mess.
>
> I was under the impression that Bitcoin was the preferred currency of
> libertopia. It is the only one that gets mention in the mainstream press.
> It is not clear to me how namecoin can be part of BitCoin and another
> currency.
>
>
> I'll be happy to clear this up:
>
> - Bitcoin is not the "market leader" of distributed DNS systems. Namecoin
> is.
> - Namecoin and Bitcoin are designed with completely different goals in
> mind. They are not competitors.
> - Namecoin is not intended to be a bitcoin replacement, nor the other way
> around. It is not like "litecoin" or any of the other bitcoin competitors,
> because it is not a competitor to bitcoin.
>
> Gold Age, eGold, Liberty Reserve. All the ones that were taken apart by
> the Feds.
>
>
> I'll be happy to clear this up too:
>
> *None of these are comparable to Bitcoin or Namecoin.*
>
> Neither "Gold Age", nor "eGold", nor "Liberty Reserve" were truly
> decentralized, distributed currencies.
>
> - "Gold Age" was not a currency: https://en.wikipedia.org/wiki/Gold_Age
> - eGold: *Centralized currency* with no "reliable user identification"<https://en.wikipedia.org/wiki/E-gold#Aftermath> (not
> a problem with Bitcoin or Namecoin)
> - Liberty Reserve: *Centralized currency*
> https://en.wikipedia.org/wiki/Liberty_Reserve#Background
>
> People who are standing back and scratching their heads, wondering why
> Bitcoin is still around after years of being used to purchase illegal
> drugs, murder-for-hire, and weapons (continuing to this day btw), simply
> don't understand what Bitcoin is.
>
> I might be a little more inclined to make an effort if you hadn't attacked
> me as being 'fraudulent' in your opening.
>
>
> Do you represent a company that sells SSL certs? It seems like you might:
>
> *During twelve years as Principal Scientist at VeriSign Inc.,*
>
>
> Perhaps the paper is a bit harsh (and I welcome suggestions to improve its
> language), but the critiques it levies against companies that sell SSL
> certs are completely valid:
>
> Companies that sell SSL certificates usually claim that their certificates
> provide customers with “security.” Customers are led to believe that these
> certificates protect browser-server communication from eavesdropping and
> tampering. As elaborated in this paper, this simply isn’t true today.
>
>
> I have to say, that among the cert companies websites that I looked at,
> VeriSign's homepage makes the fewest claims about the security protections
> it provides.
>
> The words "usually claim" leaves room for exceptions. I could not find, on
> the customer-facing pages on VeriSign's site, any claims that VeriSign's
> SSL certs "protect browser-server communication from eavesdropping and
> tampering."
>
> Some close calls are:
>
> *In short, when it comes to securing online transactions, safeguarding
> customer information, and protecting business reputation, you're only as
> safe as the Certificate Authority you choose.*
> https://www.symantec.com/ssl-certificates-advantages
>
>
> *Customers Gain Confidence with the Green Address Bar: Online shoppers
> recognize the green address bar as an easy and reliable way to verify the
> site identity and security.*
>
> https://www.symantec.com/verisign/ssl-certificates/secure-site-pro-ev?fid=ssl-certificates
>
>
> VeriSign's SSL certificates do not provide websites with *meaningful
> protection* as defined in the DNSNMC paper because they cannot be
> securely authenticated in the face of a fraudulent certificate that's
> presented to customers by a MITM.
>
> If your certs can simply be replaced by any of the other CAs out there,
> then ****all** of the security they provide is thrown out the window.
>
> Furthermore, because VeriSign is a random third-party, not the company
> that user's visit when they visit a site using VeriSign's certificate, the
> protection offered by that certificate is inherently inferior to a securely
> authenticated self-signed certificate.
>
> This is simply mathematics, and not a point that's up for debate.
>
> When trust is distributed across more parties, that trust is diluted
> because it now depends on the least secure of those parties.
>
> *Sidenote:*
>
> It seems like I was sent "to the sharks" so to speak (perhaps as a
> practical joke?).
>
> So far almost half of the replies to this thread have come from
> representatives of SSL companies.
>
> The hostility is therefore no surprise.
>
> --
> Please do not email me anything that you are not comfortable also sharing
> with the NSA.
>
> On Dec 15, 2013, at 9:21 PM, Phillip Hallam-Baker <hallam@gmail.com>
> wrote:
>
>
>
>
> On Sun, Dec 15, 2013 at 8:50 PM, Tao Effect <contact@taoeffect.com> wrote:
>
>> And for someone who is accusing others of being 'fraudulent', not a good
>> move to start off repeating figures already exposed as bogus like the oft
>> repeated but still untrue claim of 600 CAs.
>>
>>
>> I thought the EFF was a reputable source.
>>
>> There has been no update or correction to their post:
>> https://www.eff.org/deeplinks/2011/10/how-secure-https-today
>>
>
> Which kind of calls their credibility into question. HALF the 'CAs' in
> their graph are from the DFN root. You can check that out for yourself, it
> is a German CA that issues certs to higher education institutions. As has
> been demonstrated (and agreed by the EFF people), DFN do not sign certs for
> key signing keys they do not hold.
>
> You can't calculate the number of CAs the way the EFF tried to. An
> intermediate certificate does not equate to a CA. Pretending it does to
> peddle an alternative PKI scheme calls into question their veracity.
>
> I have tried to get members of the EFF board to look into this but they
> never get back. Too much trouble to get it right.
>
>
> Tying the notary log to namecoin seems to be completely pointless to me,
>> unless the real objective is to promote namecoin. Why hook into namecoin
>> rather than the market leader?
>>
>>
>> What market leader?
>>
>
> I was under the impression that Bitcoin was the preferred currency of
> libertopia. It is the only one that gets mention in the mainstream press.
> It is not clear to me how namecoin can be part of BitCoin and another
> currency.
>
>
>
>> Given the success of the US government in shutting down eGold type
>> schemes I am very skeptical about the stability of 'namecoin'. If we accept
>> the purported scenarios that motivate the scheme then namecoin won't last
>> very long.
>>
>>
>> What eGold scheme are you comparing Namecoin to?
>>
>
> Gold Age, eGold, Liberty Reserve. All the ones that were taken apart by
> the Feds.
>
>
>
>> Are you sure you know what you're talking about here...? ;-)
>>
>
> I must admit that I find the scheme completely confused and assumes that I
> know a lot that I do not.
>
> I might be a little more inclined to make an effort if you hadn't attacked
> me as being 'fraudulent' in your opening.
>
>
> --
> Website: http://hallambaker.com/
>  _______________________________________________
> therightkey mailing list
> therightkey@ietf.org
> https://www.ietf.org/mailman/listinfo/therightkey
>
>
>


-- 
Website: http://hallambaker.com/