IETF Logo Mail Archive

Re: [Trans] Gossip: Unsticking a client caught with potential evidence of log misbehavior

Tom Ritter <tom@ritter.vg> Tue, 20 October 2015 15:28 UTC

Return-Path: <tom@ritter.vg>
X-Original-To: trans@ietfa.amsl.com
Delivered-To: trans@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1A4301A9100 for <trans@ietfa.amsl.com>; Tue, 20 Oct 2015 08:28:01 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.379
X-Spam-Level:
X-Spam-Status: No, score=-1.379 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FM_FORGED_GMAIL=0.622, SPF_PASS=-0.001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id kxQd6RF-CdH1 for <trans@ietfa.amsl.com>; Tue, 20 Oct 2015 08:28:00 -0700 (PDT)
Received: from mail-qg0-x234.google.com (mail-qg0-x234.google.com [IPv6:2607:f8b0:400d:c04::234]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 068781B3436 for <trans@ietf.org>; Tue, 20 Oct 2015 08:22:39 -0700 (PDT)
Received: by qgad10 with SMTP id d10so17842970qga.3 for <trans@ietf.org>; Tue, 20 Oct 2015 08:22:38 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ritter.vg; s=vg; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc:content-type; bh=XgCUBTQtNdPovshS5RihMSkkymMZ+bKzeud/O6KMe0Y=; b=23TY2IH7HOFBBx/V4wcsy/4HsB2Gq37XI9Cxak9HOW/CPUNUh+l5/xta96fvtalTwN 7LNohlkve4HQOUB/y7b57LcyQbzmoKjAf1gmvpCglNgs/c5JxNIuwoumNdgjlapW3GBo qH48QWs6obopgsquGHtWhBfpR9dJcXienzTLk=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc:content-type; bh=XgCUBTQtNdPovshS5RihMSkkymMZ+bKzeud/O6KMe0Y=; b=kqFR2MrU+QPv4BFe4/AjEulLLdREX+pkcF5OcHX2k1E4OPs4ediOGF61YM9gjf9l2/ 5VoLor97RA0jtEtE/AWDdnBELOCaDgvnzYtZto/b4hKmT6S9z9O3IX12kBU0JAEXHxWj vXJzhU9MtiKZbnO3SXwH0LRUTmdwSu2jWXBNIRSkFI/DRyf3YHq0l7juAXVizFA7gK6N A4uzZMSUUEgePqmVodrcCpDvlJF9M8Vy1H7WciZ5fz4wXzueFN8YpamyCCvJUsATUvae Nw/xF1fzrw8qHVuZcqZqdF/lGlEQS+TkkTFJrcigtgv/xV3kLyh+uYOZQUOTzikzGAzY 7eVw==
X-Gm-Message-State: ALoCoQlDcCi40YPN4Ok2HcXjzTAMpLULJSMKa34ghpfvkO/s1g2A9yOorc8OClx7bbD4R7CLrPc/
X-Received: by 10.140.41.81 with SMTP id y75mr4634065qgy.5.1445354558115; Tue, 20 Oct 2015 08:22:38 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.140.94.6 with HTTP; Tue, 20 Oct 2015 08:22:18 -0700 (PDT)
In-Reply-To: <CALzYgEfsEOyuo9Ez2JqoMJ=WzZ3mFY+eTe6L2F6ZSLJEiVJAJQ@mail.gmail.com>
References: <CA+cU71m0wpnD1ZYOTtr=oW+1BjquFxyagtMt+wgCgC_PD0PE-g@mail.gmail.com> <CABrd9SQd2RETKQWe9-_KCHufAWjBhs2k008vEz-5cyM_gbY4Qw@mail.gmail.com> <E1812BE0-BD94-4050-95DB-C0483303AFF2@isoc.org> <CABEqWMC=pJUMEn8DxxTn6VTBs9hpayC-ZVUwcGdvg=PEw-Q=Rg@mail.gmail.com> <CALzYgEfsEOyuo9Ez2JqoMJ=WzZ3mFY+eTe6L2F6ZSLJEiVJAJQ@mail.gmail.com>
From: Tom Ritter <tom@ritter.vg>
Date: Tue, 20 Oct 2015 10:22:18 -0500
Message-ID: <CA+cU71=YMq3jJhdnv_CqmteUhRnnxYmbpjQ=hN0DhFbBoy+ERg@mail.gmail.com>
To: Eran Messeri <eranm@google.com>
Content-Type: text/plain; charset="UTF-8"
Archived-At: <http://mailarchive.ietf.org/arch/msg/trans/-1mu-J7EoZDCF0XNdCCGojP-ibI>
Cc: Katriel Cohn-Gordon <me@katriel.co.uk>, Robin Wilton <wilton@isoc.org>, "trans@ietf.org" <trans@ietf.org>
Subject: Re: [Trans] Gossip: Unsticking a client caught with potential evidence of log misbehavior
X-BeenThere: trans@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Public Notary Transparency working group discussion list <trans.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/trans>, <mailto:trans-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/trans/>
List-Post: <mailto:trans@ietf.org>
List-Help: <mailto:trans-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/trans>, <mailto:trans-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 20 Oct 2015 15:28:01 -0000

On 20 October 2015 at 08:46, Eran Messeri <eranm@google.com> wrote:
> +1 for reporting it backed to the alleged origin - the problem Tom describes
> is significant as the client would want to hold onto these suspicious pieces
> of information until it is confident it has been reported, but has no way of
> knowing if the report has been acknowledged by the 'genuine' origin.
>
> One option is to not prescribe when clients drop such pieces of information,
> so clients are free to re-send it multiple times or even forever, until an
> out-of-band signal (i.e. a client software update) is received to indicate
> to the client that this information has been received and acted upon.

So reporting it back to the origin is an appropriate solution for a
subset of situations.  If I have an SCT+certificate I want to resolve
to a STH, but can't, I can report it up to the origin via SCT
Feedback.  We also (or will) have guidelines for submitting it
multiple times, and ensuring that it's reported on a connection that
'looks okay' (we have some notes in 7.1.1)

There are (at least) two cases that aren't covered by "report it to
the origin". (Maybe more, but I can only think of two right now.)

- The origin doesn't implement SCT Feedback.
- The data I have is an older STH, which is not tied to any specific origin.

-tom

v2.23.0 | Report a Bug | By Email