Re: [therightkey] The Trouble with Certificate Transparency
Nico Williams <nico@cryptonector.com> Tue, 30 September 2014 18:23 UTC
Return-Path: <nico@cryptonector.com>
X-Original-To: therightkey@ietfa.amsl.com
Delivered-To: therightkey@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id CC4BD1A3B9D for <therightkey@ietfa.amsl.com>; Tue, 30 Sep 2014 11:23:58 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.266
X-Spam-Level:
X-Spam-Status: No, score=-0.266 tagged_above=-999 required=5 tests=[BAYES_05=-0.5, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, IP_NOT_FRIENDLY=0.334, RCVD_IN_DNSWL_NONE=-0.0001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id jiyRrpsYQ1B3 for <therightkey@ietfa.amsl.com>; Tue, 30 Sep 2014 11:23:58 -0700 (PDT)
Received: from homiemail-a31.g.dreamhost.com (sub4.mail.dreamhost.com [69.163.253.135]) by ietfa.amsl.com (Postfix) with ESMTP id 3B0A61A1F04 for <therightkey@ietf.org>; Tue, 30 Sep 2014 11:23:58 -0700 (PDT)
Received: from homiemail-a31.g.dreamhost.com (localhost [127.0.0.1]) by homiemail-a31.g.dreamhost.com (Postfix) with ESMTP id BB743202022; Tue, 30 Sep 2014 11:23:57 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=cryptonector.com; h=date :from:to:cc:subject:message-id:references:mime-version :content-type:in-reply-to; s=cryptonector.com; bh=YKguywXltY06/w tt4F61ikO3bQM=; b=ZUkM5L1BQR2gHxX+0y0AL0CUjuirsRp5kC6lZ8c/iY237s u5UvJpkv6NFbR4EO7DNMRXn8ERFo/zTeDQ4wCrxDbprqxj1CODtdFJap+A7/teFN kapnrl79LXIpgnlZleFeFOisLFdk5x9HNopCiPgIB6k3jVzTzu0QtVI39FDfU=
Received: from localhost (108-207-244-174.lightspeed.austtx.sbcglobal.net [108.207.244.174]) (Authenticated sender: nico@cryptonector.com) by homiemail-a31.g.dreamhost.com (Postfix) with ESMTPA id 30C86202018; Tue, 30 Sep 2014 11:23:56 -0700 (PDT)
Date: Tue, 30 Sep 2014 13:23:56 -0500
From: Nico Williams <nico@cryptonector.com>
To: Tao Effect <contact@taoeffect.com>
Message-ID: <20140930182354.GA2630@localhost>
References: <4906532C-F002-49E4-9F9F-D8D7D1AD96DB@taoeffect.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <4906532C-F002-49E4-9F9F-D8D7D1AD96DB@taoeffect.com>
User-Agent: Mutt/1.5.21 (2010-09-15)
Archived-At: http://mailarchive.ietf.org/arch/msg/therightkey/gkn7Aa6EodH3aiEvC9vKxPlrvoI
Cc: therightkey@ietf.org
Subject: Re: [therightkey] The Trouble with Certificate Transparency
X-BeenThere: therightkey@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: <therightkey.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/therightkey>, <mailto:therightkey-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/therightkey/>
List-Post: <mailto:therightkey@ietf.org>
List-Help: <mailto:therightkey-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/therightkey>, <mailto:therightkey-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 30 Sep 2014 18:23:59 -0000
First, no protocol can really protect you from MITM attacks when you can't have pre-shared key material a priori. Second, CT helps primarily by increasing the risk of MITMing CAs (and logs) getting caught. Anything that increases that risk will tend to make the CAs (and logs) less willing to act as or cooperate with MITMs. Sure, targeted attacks might succeed, but they might fail (e.g., they might be detected after the fact), with all the consequences that that entails (at least reputational damage). Now consider a world where we opportunistically encrypt (and authenticate, where possible). In such a world targeted attacks get much harder: because the attacker might have to MITM non-targets' connections in order to find the target's connections. The risk to the attacker then grows quite a bit (hard to quantify), and the attacker then has to do much more work to reduce their risk. All of the above is not nothing. It's a lot. It might be enough to greatly improve security on the Internet all around. IMO it will be. Nico --
- [therightkey] The Trouble with Certificate Transp… Tao Effect
- Re: [therightkey] The Trouble with Certificate Tr… Dmitry Belyavsky
- Re: [therightkey] The Trouble with Certificate Tr… Tao Effect
- Re: [therightkey] The Trouble with Certificate Tr… Paul Wouters
- Re: [therightkey] The Trouble with Certificate Tr… Nico Williams