IETF Logo Mail Archive

Re: [TLS] Eric Rescorla's Discuss on draft-ietf-tls-dnssec-chain-extension-06: (with DISCUSS and COMMENT)

Nico Williams <nico@cryptonector.com> Tue, 27 February 2018 23:39 UTC

Return-Path: <nico@cryptonector.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C338412EA64; Tue, 27 Feb 2018 15:39:00 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_NONE=-0.0001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cryptonector.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id PYLQQJ7qmXHi; Tue, 27 Feb 2018 15:38:59 -0800 (PST)
Received: from homiemail-a32.g.dreamhost.com (sub4.mail.dreamhost.com [69.163.253.135]) (using TLSv1.1 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A6F4512D892; Tue, 27 Feb 2018 15:38:59 -0800 (PST)
Received: from homiemail-a32.g.dreamhost.com (localhost [127.0.0.1]) by homiemail-a32.g.dreamhost.com (Postfix) with ESMTP id 70B016000F06; Tue, 27 Feb 2018 15:38:59 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=cryptonector.com; h=date :from:to:cc:subject:message-id:references:mime-version :content-type:in-reply-to; s=cryptonector.com; bh=ZrbatDrwJTpuyx S+cVwODzcQ/uw=; b=h8n07jzSTNH3Yas89hqVEUUy3JOEAdgIXb4Zp3U7rIy0Lc KnSgmAXmty0/Hih/ZGp+OLpvvJeL8vA1L5vDddWzbPdrCbN9H9IQTZNPuSU/Cc4E wZw5ZQ0Foj1gVA60PmG0O2XRdtDL9V+xGD+U462EU43qUe8mvlWXsR5rvj4co=
Received: from localhost (cpe-70-123-158-140.austin.res.rr.com [70.123.158.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) (Authenticated sender: nico@cryptonector.com) by homiemail-a32.g.dreamhost.com (Postfix) with ESMTPSA id E42F26000F05; Tue, 27 Feb 2018 15:38:58 -0800 (PST)
Date: Tue, 27 Feb 2018 17:38:55 -0600
From: Nico Williams <nico@cryptonector.com>
To: Shumon Huque <shuque@gmail.com>
Cc: Viktor Dukhovni <viktor@dukhovni.org>, The IESG <iesg@ietf.org>, draft-ietf-tls-dnssec-chain-extension@ietf.org, TLS WG <tls@ietf.org>, tls-chairs <tls-chairs@ietf.org>
Message-ID: <20180227233854.GE8921@localhost>
References: <CAHPuVdUgZLUf5M8ir=610mvERwQzPhbhGGOyW5s552JtP8d05g@mail.gmail.com> <CABcZeBOST2X0-MH2hhzpPJaUkbY++udsUV1bMnMhH2V2wQRPmA@mail.gmail.com> <CAHPuVdUs7mUJiqZjFjLDCNmHHGR9AP-g5YaLLbJj-zkDKd=_-w@mail.gmail.com> <alpine.LRH.2.21.1802211425260.7767@bofh.nohats.ca> <CAHPuVdX=_6b5g572-T-9Ccwek-WwL11KdTVwV9oNC9LaO5=0=Q@mail.gmail.com> <alpine.LRH.2.21.1802260913290.9977@bofh.nohats.ca> <70D42B5C-7FF9-49C1-95D4-13FDC611FF96@dukhovni.org> <CAHPuVdU8boBpYO3QutJgawH-54fKD+R9PaaT-5yWE+y2t+BwwA@mail.gmail.com> <CAHPuVdWhEnYxcLUzs-zbnKiN0zj+WO-7_cK2EobS1Gipurk7CQ@mail.gmail.com> <20180227233610.GD8921@localhost>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <20180227233610.GD8921@localhost>
User-Agent: Mutt/1.5.24 (2015-08-30)
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/NOLtHixRoeYzuvh6QAVnwYvWfKk>
Subject: Re: [TLS] Eric Rescorla's Discuss on draft-ietf-tls-dnssec-chain-extension-06: (with DISCUSS and COMMENT)
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 27 Feb 2018 23:39:01 -0000

On Tue, Feb 27, 2018 at 05:36:12PM -0600, Nico Williams wrote:
> On Tue, Feb 27, 2018 at 11:24:31AM -0500, Shumon Huque wrote:
> > On Tue, Feb 27, 2018 at 10:59 AM, Shumon Huque <shuque@gmail.com> wrote:
> > > Several of us were well aware of this during the early days of the
> > > draft, but perhaps many folks did not fully appreciate the impacts
> > > until I elaborated on them last year, and added text that described
> > > the "adversary with fraudulently obtained PKIX credentials" attack.
> > 
> > Following up to my own message, sorry ..
> > 
> > It occurred to me that perhaps a good way to mitigate this risk is
> > a combo of mechanisms like CAA and Certificate Transparency logs.
> 
> NO.  That's insanely complicated.  A pin-for-X-minutes TTL is trivial.
> Let's do this pin-to-DANE thing.

And I should add that if you'd work around downgrades by using CT, then
why bother with this extension *AT ALL*?!

I can't be emphatic enough about this.  This is an utter waste of
everyone's time here if we don't have this pin-to-DANE feature in this
draft.  The authors' time, the WG's time, the IESG's time, and
implementors' time.

Nico
--

v2.23.0 | Report a Bug | By Email