IETF Logo Mail Archive

Re: [TLS] some thoughts on dnssec-chain-extension, pinning, and broader semantics

Paul Wouters <paul@nohats.ca> Tue, 06 November 2018 05:02 UTC

Return-Path: <paul@nohats.ca>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 945C01294D0 for <tls@ietfa.amsl.com>; Mon, 5 Nov 2018 21:02:02 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=nohats.ca
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 26HhPqBQ4kC9 for <tls@ietfa.amsl.com>; Mon, 5 Nov 2018 21:02:00 -0800 (PST)
Received: from mx.nohats.ca (mx.nohats.ca [IPv6:2a03:6000:1004:1::68]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4CB90126BED for <tls@ietf.org>; Mon, 5 Nov 2018 21:02:00 -0800 (PST)
Received: from localhost (localhost [IPv6:::1]) by mx.nohats.ca (Postfix) with ESMTP id 42py836xYMzFnW; Tue, 6 Nov 2018 06:01:55 +0100 (CET)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nohats.ca; s=default; t=1541480516; bh=+1IVPAIocbdn0ER3aZ/PjkNuDgQWC7eKv7hImyZjpm0=; h=Date:From:To:cc:Subject:In-Reply-To:References; b=p3OM5P1Ha9FilT0SfDp35RTJ+70n60kx+VNpmH+jS+JrcV5FpGEyVkkRrXi/3omPS eUnsXI84Z93udQGjEcUuGSCPnzF3ED2mqqVerLkFiaZ5bAZpXYufuxnpXmCQ/wJzhC g1XdRs6kINzVWVZ2/schk5wTTEQTPBVlOHCpJ0zc=
X-Virus-Scanned: amavisd-new at mx.nohats.ca
Received: from mx.nohats.ca ([IPv6:::1]) by localhost (mx.nohats.ca [IPv6:::1]) (amavisd-new, port 10024) with ESMTP id fEbKQ0sFsR9p; Tue, 6 Nov 2018 06:01:54 +0100 (CET)
Received: from bofh.nohats.ca (bofh.nohats.ca [76.10.157.69]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx.nohats.ca (Postfix) with ESMTPS; Tue, 6 Nov 2018 06:01:53 +0100 (CET)
Received: by bofh.nohats.ca (Postfix, from userid 1000) id 6442B681889; Tue, 6 Nov 2018 00:01:52 -0500 (EST)
DKIM-Filter: OpenDKIM Filter v2.11.0 bofh.nohats.ca 6442B681889
Received: from localhost (localhost [127.0.0.1]) by bofh.nohats.ca (Postfix) with ESMTP id 5B6E441C3B26; Tue, 6 Nov 2018 00:01:52 -0500 (EST)
Date: Tue, 06 Nov 2018 00:01:52 -0500
From: Paul Wouters <paul@nohats.ca>
To: Benjamin Kaduk <bkaduk@akamai.com>
cc: "Salz, Rich" <rsalz@akamai.com>, "<tls@ietf.org>" <tls@ietf.org>
In-Reply-To: <20181106032747.GF4141@akamai.com>
Message-ID: <alpine.LRH.2.21.1811052355500.10631@bofh.nohats.ca>
References: <20181105130157.GF54966@kduck.kaduk.org> <2714F93F-3658-4E2E-8390-284C6D401447@dukhovni.org> <1450B335-5F7D-43A6-8BC6-181DFE1865C9@akamai.com> <alpine.LRH.2.21.1811052149490.3332@bofh.nohats.ca> <20181106032747.GF4141@akamai.com>
User-Agent: Alpine 2.21 (LRH 202 2017-01-01)
MIME-Version: 1.0
Content-Type: text/plain; charset="US-ASCII"; format="flowed"
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/4tyUFGzEbAKTaEW34j7Uf9jaV5w>
Subject: Re: [TLS] some thoughts on dnssec-chain-extension, pinning, and broader semantics
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 06 Nov 2018 05:02:03 -0000

On Mon, 5 Nov 2018, Benjamin Kaduk wrote:

>> The draft tries to enable a trust model based on DNSSEC, but due to
>> missing pinning, fails to deliver that.
>>
>> A better way is saying the draft enables a trust model that restricts
>> the webpki, addressing the problems of too many unrestricted root CA
>> players being accepted by  TLS clients these days [provided the draft
>> adds a mechanism like pinning to prevent downgrade attacks]
>
> If we don't agree on what the draft is trying to do, it seems rather
> difficult to attempt to claim that there is WG consensus to publish it.
>
> This seems to suggest that we may need more precise text in the
> document about what it is (and is not) trying to do.  The slides Sean
> posted for the Wednesday session note that fairly early in the timeline
> we thought:

I havent looked at the slides yet, I didnt see anything last time I
looked to see what te Wednesday slot would be like.

>    Primarily aimed at making
>    DANE practical for HTTPS,
>    where last-mile considerations
>    on the client end are a
>    significant part of the adoption
>    barrier.
>
> Paul, are you proposing that this would only be PKIX-{EE,CA} to the
> exclusion of DANE-{EE,CA}?  (In terms of "restricts the webpki".)

No. The restriction of webpki can be to restrict to 0 webpki root CA's
and instead restrict to an EE cert or public key, as per TLSA usage selectors.

I was trying to be as short as possible for Rich, and keep the focus on
ensuring the draft gains support for restricting, for which we currently
have one proposal (pinning).

Paul

v2.23.0 | Report a Bug | By Email