Re: [TLS] Please discuss: draft-housley-evidence-extns-00<
Martin Rex <martin.rex@sap.com> Mon, 29 January 2007 16:01 UTC
Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1HBYwR-0002F7-1A; Mon, 29 Jan 2007 11:01:11 -0500
Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1HBYwP-0002Eu-RU for tls@ietf.org; Mon, 29 Jan 2007 11:01:09 -0500
Received: from smtpde03.sap-ag.de ([155.56.68.140]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1HBYwN-0006aC-AC for tls@ietf.org; Mon, 29 Jan 2007 11:01:09 -0500
Received: from sap-ag.de (smtpde03) by smtpde03.sap-ag.de (out) with ESMTP id RAA21786; Mon, 29 Jan 2007 17:00:59 +0100 (MEZ)
From: Martin Rex <martin.rex@sap.com>
Message-Id: <200701291558.QAA11833@uw1048.wdf.sap.corp>
Subject: Re: [TLS] Please discuss: draft-housley-evidence-extns-00<
To: home_pw@msn.com
Date: Mon, 29 Jan 2007 16:58:08 +0100
In-Reply-To: <BAY126-DAV376C11DCDFB292D422D0E92A00@phx.gbl> from "home_pw@msn.com" at Jan 27, 7 09:03:09 pm
MIME-Version: 1.0
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: 8bit
X-SAP: out
X-SAP: out
X-SAP: out
X-Spam-Score: 0.0 (/)
X-Scan-Signature: 6d95a152022472c7d6cdf886a0424dc6
Cc: tls@ietf.org
X-BeenThere: tls@lists.ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
Reply-To: martin.rex@sap.com
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.lists.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@lists.ietf.org?subject=unsubscribe>
List-Archive: <http://www1.ietf.org/pipermail/tls>
List-Post: <mailto:tls@lists.ietf.org>
List-Help: <mailto:tls-request@lists.ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@lists.ietf.org?subject=subscribe>
Errors-To: tls-bounces@lists.ietf.org
home_pw@msn.com wrote: > > My latest machine happens to have an Infineon TPM chip in > the motherboard, that "assists" the IE7/Vista perform the > "trusted path" feature of that OS (as described in an > earlier missive addressing UI Popups that control > interaction with rendered HTML pages). The TPM chip is > (amongst other roles) a motherboard-based RSA HSM. The > associated windows CSP helps https (in Windows OS) perform > the client auth operation in SSL. The "secure trust path(es)" in Windows (Vista) might be sufficient to apply digital restrictions management to "premium content" but it is insufficient for "digital signatures" replacing traditional end user signatures. For that, you will need a secure trust path between the user(s intent) and the digital signing device, means that it must include the entire visualization device and the user input device(s) which can add to that data pre-signature and which can trigger the signature generation. The visualization device is actually the more important part, because it will provide (application-specific) preformatted data that is to be signed. Keep in mind that the entire visualization device must be trusted, not just the path to it. I've been asking several interesting questions about TLS Evidence that have gone unanswered so far: - applications that receive communication with significant preprocessing by middleware have absolutely no chance to verify now or later whether a received application-level request matches the contents of a signed TLS Evidence blob. Not when receiving it, at never in the future. TLS Evidence applied to a traditional "notary" operation would look like this: A surveillance video camera records you when you enter the building, it records your entire walk to the office, including all details of a potential "pit stop". It records how you fill out the paperwork how you "apply the signature", and how the notary verifies your identity and counter-signs. Then that entire video-tape together with the paperwork is archived, however, it is impossible to verify whether the paperwork that is archived matches the paperwork that is captured on the video-tape. (TLS Evidence equals the video-tape here). There really is no need to secure anything other that the paperwork, the identification and the signing process. The other serious issue with TLS Evidence is its interference with middleware and application design. Think about the "signed HTTP(S) FORM" idea that was mentioned. Somehow the application must tell the TLS stack to start TLS Evidence before sending the Form. How is the app going to identify the communication channel? Actually, it can not. It could guess and "tell" the TLS stack to request TLS Evidence for the SSL session ID through which the FORM was returned. But as we know, an SSL session is not unique, Web Browsers duplicate SSL sessions massively to speed up communication with the Server, and both servers and clients will terminate HTTP/1.1 keep-alive sessions that are idle for some amount of seconds (30-60 seconds is not uncommon) -- so a Form that isn't filled an POSTed within that timeout will be sent on a different communication channel, although it might reuse the same SSL session ID. Basically all the web-shops, online-banking and online-brokerage and ebay do not hold the user responsible for the data entered into the forms for serveral reasons. Instead, some amount of processing is applied to the data and a preformatted page is presented to the user for confirmation. Reasons may be manyfold, like computing a total or checking availability or consistency of an order, but it is also a means to catch some amount of typing (or copy&paste) errors by giving the user a chance to re-think his decision or fix a typo, re-check terms&conditions, re-think warranty or shipping options, what-have-you... For brokerage-style operations, I consider it likely that the decision to by a particular stock how many is determined _before_ either the price/bid and/or the time when to issue, e.g. while watching the ticker. So a signature on the entire communication at the TLS layer might span a significant amount of time and collect large amounts or garbage in between due to how TLS session caching/resumption/duplication is designed to work. I'm wondering whether any one of those who thinks TLS Evidence is useful for applications has ever seen an auditor check a system? They expect to be able to browse through the audit trails and look at (random) samples of their choice, like "show me all audit records for this user during that day between this and that hour" and look at the details. For these auditors, TLS Evidence gobbledigoo blobs will be pretty useless, as they can not programmatically verify whether certain data as processed by the application maps to a particular archived TLS Evidence record. If app-level signed XML was used instead, it will be possible at any time (before processing and during future audits) to verify the signature and check whether the data which the application actually processed really matches the signed audit trail. -Martin _______________________________________________ TLS mailing list TLS@lists.ietf.org https://www1.ietf.org/mailman/listinfo/tls
- Re: [TLS] Please discuss: draft-housley-evidence-… home_pw
- RE: [TLS] Please discuss: draft-housley-evidence-… Mark Brown
- Re: [TLS] Please discuss: draft-housley-evidence-… Martin Rex
- Re: [TLS] Please discuss: draft-housley-evidence-… home_pw
- RE: [TLS] Please discuss: draft-housley-evidence-… Kemp, David P.
- RE: [TLS] Please discuss: draft-housley-evidence-… Mark Brown
- Re: [TLS] Please discuss: draft-housley-evidence-… Martin Rex
- RE: [TLS] Please discuss: draft-housley-evidence-… Stefan Santesson
- Re: [TLS] Please discuss: draft-housley-evidence-… home_pw
- Re: [TLS] Please discuss: draft-housley-evidence-… Martin Rex
- Re: [TLS] Please discuss: draft-housley-evidence-… home_pw
- Re: [TLS] Please discuss: draft-housley-evidence-… Martin Rex
- RE: [TLS] Please discuss: draft-housley-evidence-… Kemp, David P.
- Re: [TLS] Please discuss: draft-housley-evidence-… home_pw
- Re: [TLS] Please discuss: draft-housley-evidence-… Martin Rex
- Re: [TLS] Please discuss: draft-housley-evidence-… Martin Rex
- RE: [TLS] Please discuss: draft-housley-evidence-… Mark Brown
- Re: [TLS] Please discuss: draft-housley-evidence-… Martin Rex
- Re: [TLS] Please discuss: draft-housley-evidence-… Martin Rex
- Re: [TLS] Please discuss: draft-housley-evidence-… Martin Rex
- Re: [TLS] Please discuss: draft-housley-evidence-… Nelson B Bolyard
- Re: [TLS] Please discuss: draft-housley-evidence-… Peter Gutmann
- Re: [TLS] Please discuss: draft-housley-evidence-… Omirjan Batyrbaev
- Re: [TLS] Please discuss: draft-housley-evidence-… Peter Gutmann
- Re: [TLS] Please discuss: draft-housley-evidence-… Steven M. Bellovin
- Re: [TLS] Please discuss: draft-housley-evidence-… home_pw
- Re: [TLS] Please discuss: draft-housley-evidence-… home_pw
- Re: [TLS] Please discuss: draft-housley-evidence-… Russ Housley
- Re: [TLS] Please discuss: draft-housley-evidence-… home_pw
- Re: [TLS] Please discuss: draft-housley-evidence-… Martin Rex
- Re: [TLS] Please discuss: draft-housley-evidence-… Martin Rex
- Re: [TLS] Please discuss: draft-housley-evidence-… Martin Rex
- Re: [TLS] Please discuss: draft-housley-evidence-… home_pw
- Re: [TLS] Please discuss: draft-housley-evidence-… Martin Rex
- Re: [TLS] Please discuss: draft-housley-evidence-… Martin Rex
- Re: [TLS] Please discuss: draft-housley-evidence-… Russ Housley
- RE: [TLS] Please discuss: draft-housley-evidence-… Peter Williams
- RE: [TLS] Please discuss: draft-housley-evidence-… Kemp, David P.
- Re: [TLS] Please discuss: draft-housley-evidence-… Peter Gutmann
- Re: [TLS] Please discuss: draft-housley-evidence-… Martin Rex
- RE: [TLS] Please discuss: draft-housley-evidence-… Peter Williams
- Re: [TLS] Please discuss: draft-housley-evidence-… Russ Housley
- RE: [TLS] Please discuss: draft-housley-evidence-… Peter Williams
- RE: [TLS] Please discuss: draft-housley-evidence-… Kemp, David P.