IETF Logo Mail Archive

Re: [TLS] security considerations for draft-rescorla-tls-subcerts

Simon Friedberger <simon.tls@a-oben.org> Wed, 05 April 2017 12:32 UTC

Return-Path: <simon.tls@a-oben.org>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id F2D311286B2 for <tls@ietfa.amsl.com>; Wed, 5 Apr 2017 05:32:55 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.201
X-Spam-Level:
X-Spam-Status: No, score=-4.201 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, RP_MATCHES_RCVD=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id pxcnhFjTwfGa for <tls@ietfa.amsl.com>; Wed, 5 Apr 2017 05:32:54 -0700 (PDT)
Received: from a-oben.org (squint.a-oben.org [144.76.111.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 844F8120227 for <tls@ietf.org>; Wed, 5 Apr 2017 05:32:54 -0700 (PDT)
Received: from [91.183.52.43] (helo=[192.168.1.207]) by a-oben.org with esmtpsa (TLSv1.2:ECDHE-RSA-AES128-GCM-SHA256:128) (Exim 4.88) (envelope-from <simon.tls@a-oben.org>) id 1cvk73-0008Gc-V2 for tls@ietf.org; Wed, 05 Apr 2017 14:32:53 +0200
From: Simon Friedberger <simon.tls@a-oben.org>
To: tls@ietf.org
References: <m27f362zxm.fsf@dhcp-89ad.meeting.ietf.org> <MWHPR15MB1455F0758BE196CAB4BDF8BDB6360@MWHPR15MB1455.namprd15.prod.outlook.com> <c5799647-4568-4cbf-1708-52934a961f67@akamai.com>
Message-ID: <d93fe5c1-5236-f86c-34d0-2606204d672d@a-oben.org>
Date: Wed, 05 Apr 2017 14:32:37 +0200
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Thunderbird/45.8.0
MIME-Version: 1.0
In-Reply-To: <c5799647-4568-4cbf-1708-52934a961f67@akamai.com>
Content-Type: text/plain; charset="windows-1252"
Content-Transfer-Encoding: 7bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/H4Ayh7m3b5E3beHW7sZV0HhekiI>
Subject: Re: [TLS] security considerations for draft-rescorla-tls-subcerts
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 05 Apr 2017 12:32:56 -0000

It seems the intention behind short lived certificates is pretty clear:

   Server operators
   often want to create short-lived certificates for servers in low-
   trust zones such as CDNs or remote data centers.


But even if this is true it needs to be analyzed why server operators want
to do this and if their reasons are good ones.


The only example of a security gain I can think of is the following:
If a breach remains undetected but is accidentally fixed for example
through automatic updates. In this case a revocation will not be issued
but short-lived certificates would still invalidate the certificates an
attacker may have stolen.

I suppose, this is similar to the common notion of rotating secrets.


To me the increase in security weighted with the difficulty of obtaining
such short-lived certificates from a CA probably does not justify the extra
complexity of adding subcerts.


Best,
Simon

v2.23.0 | Report a Bug | By Email