Re: [therightkey] DNSNMC deprecates Certificate Authorities and fixes HTTPS security

Leif Johansson <leifj@mnt.se> Thu, 02 January 2014 22:16 UTC

To: Phillip Hallam-Baker <hallam@gmail.com>
Cc: "therightkey@ietf.org" <therightkey@ietf.org>, Paul Hoffman <paul.hoffman@vpnc.org>, Jacob Appelbaum <jacob@appelbaum.net>


> On 2 Jan 2014, at 22:57, Phillip Hallam-Baker <hallam@gmail.com> wrote:
> 
> 
> 
> 
>> On Thu, Jan 2, 2014 at 4:00 PM, Leif Johansson <leifj@mnt.se> wrote:
>> 
>> 
>> On 2 Jan 2014, at 21:25, Phillip Hallam-Baker <hallam@gmail.com> wrote:
>> 
>>>> > Please don't overstate the results of
>>>> > the excellent research that you did; doing so diminishes the
>>>> > research.
>>>> 
>>>> I'm not overstating anything. I think you don't understand what we
>>>> actually did if you think that later, patching things will somehow
>>>> magically stop previously successful attacks...
>>> 
>>> 
>>> You are confusing people by using a valid attack against the algorithm to argue against the trust model. PKIX is designed on the assumption that the digest algorithm chosen is secure against a second preimage attack.
>> 
>> The fundamental flaw in the PKIX trust model is that there is no deployable mechanism for limiting the impact of such an attack.
>> 
>> That realization should inform future design and that bit is certainly on topic ;-)
> 
> It is on topic but not limited to PKIX. 
> 
> We have since learned that algorithm agility is not quite the security benefit we once thought as the security of the system is determined by the weakest algorithm you support, not the strongest one you implement.
> 

A trust model based on shorter-time-to-live keys would have limited the impact too.


> 
> Problem is that I can't see a way to really control this type of attack without a very considerable cost in usability and I think it would constrain other defenses.
> 
> Anyone using Windows XP in the Enterprise for any purpose other than finding viruses is guilty of security malpractice at this point. It is an obsolete OS that would have been at EOL if lazy sysadmins hadn't begged to keep it.
>  
> 
> My current solution in my email project is to attempt to require SHA512 for all certificates. But I am not sure that is actually sustainable.
> 
> -- 
> Website: http://hallambaker.com/
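
The two points argued in this message, shorter-lived keys bounding the impact of a forgery and an agile policy being only as strong as the weakest digest it accepts, shown as an added Python example that is not part of the original email or of any project in the thread. The certificate records, names, lifetimes and the `cert` helper are constructed assumptions; no real certificates are parsed.

```python
from datetime import datetime, timedelta

# Nominal birthday-bound collision resistance in bits (half the digest length).
# Published collision attacks on MD5 and SHA-1 cost far less than this.
NOMINAL_BITS = {"md5": 64, "sha1": 80, "sha256": 128, "sha512": 256}

def weakest_accepted(accepted):
    """The forger picks the digest, so a policy is as strong as its weakest entry."""
    return min(accepted, key=NOMINAL_BITS.__getitem__)

def check_chain(chain, accepted, now):
    """Return (subject, reason) for each certificate a strict validator rejects."""
    problems = []
    for c in chain:
        if c["digest"] not in accepted:
            problems.append((c["subject"], "digest %s not accepted" % c["digest"]))
        if not c["not_before"] <= now <= c["not_after"]:
            problems.append((c["subject"], "outside validity period"))
    return problems

def usable_until(chain):
    """Every certificate in a path must be within its validity period, so a
    forged leaf stops validating when the shortest-lived one above it expires."""
    return min(c["not_after"] for c in chain)

def cert(subject, digest, start, days):
    """Build one constructed certificate record (hypothetical helper)."""
    return {"subject": subject, "digest": digest,
            "not_before": start, "not_after": start + timedelta(days=days)}

# Constructed sample data: names, dates and lifetimes are illustrative only.
# "digest" is the hash used in the issuer's signature over that certificate.
T0 = datetime(2014, 1, 2)
ROOT = cert("root", "sha512", T0, 7300)
FORGED = cert("forged-leaf", "md5", T0, 3650)   # rides on a weak-digest signature
LONG_LIVED = [ROOT, cert("issuing-ca", "sha512", T0, 3650), FORGED]
SHORT_LIVED = [ROOT, cert("issuing-ca", "sha512", T0, 30), FORGED]

if __name__ == "__main__":
    print("weakest accepted:", weakest_accepted({"sha512", "sha256", "md5"}))
    print("agile policy:", check_chain(LONG_LIVED, {"sha512", "md5"}, T0))
    print("sha512 only:", check_chain(LONG_LIVED, {"sha512"}, T0))
    for name, chain in (("long-lived CA", LONG_LIVED), ("short-lived CA", SHORT_LIVED)):
        print(name, "forgery usable for", (usable_until(chain) - T0).days, "days")
```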