IETF Logo Mail Archive

Re: [Trans] [trans] #73 (rfc6962-bis): Section 3 text re logcertvalidationis ambiguous

Stephen Kent <kent@bbn.com> Tue, 07 July 2015 19:23 UTC

Return-Path: <kent@bbn.com>
X-Original-To: trans@ietfa.amsl.com
Delivered-To: trans@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3F8091A8779 for <trans@ietfa.amsl.com>; Tue, 7 Jul 2015 12:23:36 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.211
X-Spam-Level:
X-Spam-Status: No, score=-4.211 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id twm3uLnf5igt for <trans@ietfa.amsl.com>; Tue, 7 Jul 2015 12:23:34 -0700 (PDT)
Received: from smtp.bbn.com (smtp.bbn.com [128.33.1.81]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 8C0C01A1B1F for <trans@ietf.org>; Tue, 7 Jul 2015 12:23:34 -0700 (PDT)
Received: from ssh.bbn.com ([192.1.122.15]:56748 helo=COMSEC-2.home) by smtp.bbn.com with esmtp (Exim 4.77 (FreeBSD)) (envelope-from <kent@bbn.com>) id 1ZCYSr-000MvO-4B for trans@ietf.org; Tue, 07 Jul 2015 15:23:33 -0400
From: Stephen Kent <kent@bbn.com>
To: trans@ietf.org
References: <052.b3ecc6ca8b28cc47e13443079611ce86@tools.ietf.org><067.7becba46c4f8b854834f9bb0c27374ce@tools.ietf.org><559A9977.1040808@bbn.com> <559A9B83.6040000@comodo.com> <559AA60A.1060501@bbn.com> <559AD74A.5030806@comodo.com> <559ADBF5.7000807@bbn.com> <559ADF2B.3050507@comodo.com>
Message-ID: <559C2734.9090306@bbn.com>
Date: Tue, 07 Jul 2015 15:23:32 -0400
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.10; rv:38.0) Gecko/20100101 Thunderbird/38.0.1
MIME-Version: 1.0
In-Reply-To: <559ADF2B.3050507@comodo.com>
Content-Type: text/plain; charset="windows-1252"; format="flowed"
Content-Transfer-Encoding: 7bit
Archived-At: <http://mailarchive.ietf.org/arch/msg/trans/2lnFuEYZQc7T4cZdR0P5qU54t5o>
Subject: Re: [Trans] [trans] #73 (rfc6962-bis): Section 3 text re logcertvalidationis ambiguous
X-BeenThere: trans@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Public Notary Transparency working group discussion list <trans.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/trans>, <mailto:trans-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/trans/>
List-Post: <mailto:trans@ietf.org>
List-Help: <mailto:trans-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/trans>, <mailto:trans-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 07 Jul 2015 19:23:36 -0000

Rob,


> ...
>> I think may have misunderstood my point. I did not request that a log
>> return an error indicating why a cert failed the logs checks. I asked
>> that there be a deterministic way for a submitter to know whether a
>> cert will pass.
>
> Ah, I see.
>
Glad to see we're on the same page now.
>> That can be accomplished in (at least) two ways:
>> establish a standard set of checks that all logs perform
>
> The I-D already says:
>   "Logs MUST accept certificates that are fully valid according to RFC
>    5280 [RFC5280] verification rules and are submitted with such a
>    chain."
>
> So the "deterministic way for a submitter to know whether a cert will 
> pass" is for the submitter to ensure that the cert is fully compliant 
> with RFC5280 verification rules and is supplied with a chain up to a 
> root cert that the log accepts.
I agree. BUT, the argument is being made that some (many?) CAs issue 
certs that do not
comply with 5280, and that CT logs cannot reject such certs because such 
sloppiness
is too widespread. That appears to be the rationale for the text you 
cite below.
So, we are saying is that logs MAY reject certs that do not comply with 
5280, for
any set of unspecified reasons, but there is no way for a submitter to 
know which
logs do what checks, given the vast leeway accorded by the text below. 
That results in
the non-determinism, which I see as bad.

(Note that my proposal to create a set of IANA-registered profiles for types
of certs, each describing syntax and other checks,  might be applicable 
here.
A log could enumerate the profiles against which it will perform 
validation checks
and a submitter can indicate under which profile the cert was issued. 
Just a thought.)
> We don't want to encourage submitter CAs to needlessly violate RFC5280, 
I agree!
> so I see no good reason why we should turn the following behaviour 
> into something deterministic:
>
>   "Logs MAY accept certificates and precertificates that have
>    expired, are not yet valid, have been revoked, or are otherwise not
>    fully valid according to RFC 5280 verification rules in order to
>    accommodate quirks of CA certificate-issuing software."
Your argument seems to be that by introducing ambiguity and uncertainty 
into the
log validation process we will encourage CAs to adhere to 5280. That 
strikes me as a
questionable design strategy.

Steve

v2.23.0 | Report a Bug | By Email