Re: [TLS] Fwd: New Version Notification for draft-sheffer-tls-pinning-ticket-00.txt
Daniel Kahn Gillmor <dkg@fifthhorseman.net> Thu, 15 October 2015 23:55 UTC
Return-Path: <dkg@fifthhorseman.net>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B85451A897B for <tls@ietfa.amsl.com>; Thu, 15 Oct 2015 16:55:21 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0.8
X-Spam-Level:
X-Spam-Status: No, score=0.8 tagged_above=-999 required=5 tests=[BAYES_50=0.8] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 9R0yat_mfRF1 for <tls@ietfa.amsl.com>; Thu, 15 Oct 2015 16:55:19 -0700 (PDT)
Received: from che.mayfirst.org (che.mayfirst.org [209.234.253.108]) by ietfa.amsl.com (Postfix) with ESMTP id 358B31A8974 for <tls@ietf.org>; Thu, 15 Oct 2015 16:55:19 -0700 (PDT)
Received: from fifthhorseman.net (unknown [38.109.115.130]) by che.mayfirst.org (Postfix) with ESMTPSA id 6EBBEF984; Thu, 15 Oct 2015 19:55:17 -0400 (EDT)
Received: by fifthhorseman.net (Postfix, from userid 1000) id 618851FFA8; Thu, 15 Oct 2015 19:54:49 -0400 (EDT)
From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
To: Yaron Sheffer <yaronf.ietf@gmail.com>, "tls@ietf.org" <tls@ietf.org>
In-Reply-To: <561BB319.3050108@gmail.com>
References: <20151011193517.30413.36864.idtracker@ietfa.amsl.com> <561ABF32.20008@gmail.com> <877fmtt9mh.fsf@alice.fifthhorseman.net> <561BB319.3050108@gmail.com>
User-Agent: Notmuch/0.20.2 (http://notmuchmail.org) Emacs/24.5.1 (x86_64-pc-linux-gnu)
Date: Thu, 15 Oct 2015 19:54:49 -0400
Message-ID: <874mhrr8l2.fsf@alice.fifthhorseman.net>
MIME-Version: 1.0
Content-Type: text/plain
Archived-At: <http://mailarchive.ietf.org/arch/msg/tls/KPtxzoS9AocU6PnPpL3-b_b4EsI>
Subject: Re: [TLS] Fwd: New Version Notification for draft-sheffer-tls-pinning-ticket-00.txt
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 15 Oct 2015 23:55:21 -0000
On Mon 2015-10-12 09:18:17 -0400, Yaron Sheffer wrote: > I'm not familiar enough with TACK at the moment. I can write something > up, or if you'd like to contribute text, that'll be awesome. i'm not up-to-speed yet either, and am unlikely to be able to get to this soon, sorry! > IMO persisting the master key to disk is less of a problem than > distributing it across cluster members, and this is something that > needs to happen or session resumption will fail regularly. Regular > rotation of the master key means that persisting it to disk is not > such a risk. You are right that a session resumption master key needs > not be backed up, whereas the pinning secret may need to be backed up > securely for disaster recovery. hm, i'm not convinced of this tradeoff in general -- in today's "cloud-y" age, backing up to disk rather than keeping in RAM might trigger writes to data storage that's owned by yet another entity. This means you have the potential for traffic decryption not only to those who can access your CPU and RAM, but those who run your storage backend. Even worse, if the pinning secret is derived from the session resumption master secret as recommended in section 4.2, then the temptation will be to store the session resumption master secret to disk, which puts the forward secrecy of resumed sessions at risk. If admins don't persist the resumption master secret, but persist only the derived secret, then there are two modes of operation: one running from the derived secret, and one running from the backup secret, which sounds messy. Perhaps some implementation guidance is warranted here? > Yes, I was thinking of privacy in the face of passive attackers who > listen in to the TLS handshake. Not when the server itself is out to get > you. I suspect that there is little you can do to protect your privacy > when the server itself is malicious, but I'm sure you are more > knowledgeable about these issues. TLS servers themselves should not be able to track a TLS client in the event that the client decides to not be tracked. For example, a client could refuse to initiate session resumption, and could offer a standardized, common TLS Client Hello. Maybe privacy from a pinned-ticket server can be achieved by a client by simply never sending the ticket pinning extension, or by never sending it on subsequent connections? this would come at the cost of losing the ability to detect when a server's identity gets swapped out, of course. It's not a particularly satisfying tradeoff. > You are right. "Certificate pinning" is the more common term, but is it > less precise. fwiw, "certificate pinning" is also used in https://tools.ietf.org/html/rfc6125#page-11 to describe what browsers often call a "security exception" -- a non-validating certificate that the user explicitly decides to allow for a given site. this kind of additional grant is the *opposite* of the additional restriction you're describing. better to stick to "public key pinning", which has no such connotations. > The longer you keep a keypair, the more likely it is to be compromised. > So you may not want to keep a keypair in "cold storage" for a year, and > then use it as a production cert for another year. > > Depending on your setup, the risk may be much larger on the production > server than on some offline storage, and then your proposed process > makes perfect sense. yes, i intended the proposal to be for an admin who has access to offline storage (though even an encrypted thumb drive locked in a drawer would do). > One difference is that in HPKP, the data stored in (b) is > security-critical, in that its compromise is just as bad as compromise > of the site's regular secret key (you can use it to MITM all > connections to the server). In my proposal the pinning secret is truly > a "second factor". Its compromise is an issue only if you can *also* > generate a fake certificate. I'm not sure about this distinction. No certificate has been issued for the HPKP backup key until just before it is deployed. So the attacker has to get a certificate issued for that secret key anyway, right? > Another major difference is that my proposal avoids the manual > management steps of HPKP (at least until we have ACME widely > deployed). The pinning secret can be generated automatically when the > server is started and rolled over periodically, with no human in the > loop. Since you'd still need to persist the secret to disk in some reliable way that handles rotation, backup, etc. safely if you don't want to risk bricking the site, I think you're saying that hypothetical software stack X has a better chance at successful implementation and deployment than hypothetical software stack Y. ;) Thanks for proposing this, Yaron. --dkg
- [TLS] Fwd: New Version Notification for draft-she… Yaron Sheffer
- Re: [TLS] Fwd: New Version Notification for draft… Dave Garrett
- Re: [TLS] Fwd: New Version Notification for draft… Daniel Kahn Gillmor
- Re: [TLS] Fwd: New Version Notification for draft… Yaron Sheffer
- Re: [TLS] Fwd: New Version Notification for draft… Yaron Sheffer
- Re: [TLS] Fwd: New Version Notification for draft… Daniel Kahn Gillmor