Re: [Trans] DNSSEC also needs CT

Nico Williams <nico@cryptonector.com> Tue, 13 May 2014 15:12 UTC

Return-Path: <nico@cryptonector.com>
X-Original-To: trans@ietfa.amsl.com
Delivered-To: trans@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 70F741A0124 for <trans@ietfa.amsl.com>; Tue, 13 May 2014 08:12:19 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.044
X-Spam-Level:
X-Spam-Status: No, score=-1.044 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FM_FORGED_GMAIL=0.622, IP_NOT_FRIENDLY=0.334, RCVD_IN_DNSWL_NONE=-0.0001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id KyJ7Z4uZRTPr for <trans@ietfa.amsl.com>; Tue, 13 May 2014 08:12:18 -0700 (PDT)
Received: from homiemail-a111.g.dreamhost.com (sub4.mail.dreamhost.com [69.163.253.135]) by ietfa.amsl.com (Postfix) with ESMTP id 74E2C1A0125 for <trans@ietf.org>; Tue, 13 May 2014 08:11:39 -0700 (PDT)
Received: from homiemail-a111.g.dreamhost.com (localhost [127.0.0.1]) by homiemail-a111.g.dreamhost.com (Postfix) with ESMTP id 1660A2007F008 for <trans@ietf.org>; Tue, 13 May 2014 08:11:33 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=cryptonector.com; h= mime-version:in-reply-to:references:date:message-id:subject:from :to:cc:content-type; s=cryptonector.com; bh=g48Y6LRCtThv6aMbKR++ gMsxTes=; b=ibrT3uKFllhqDJHSbxxzotzJHWMrggbnekRvGxtmIBsj9zY8LbgX H9lNg2TXWJTUFoRW6YVnhe16uBv92GMJWUn9qebls6mkqVixkxBc0/LcJqQqnOit Va5zRtF5zyyW+iqh081bzW2+7Rm4tClVV7aCvfN+CEhyxXGEySh6u8o=
Received: from mail-wi0-f170.google.com (mail-wi0-f170.google.com [209.85.212.170]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) (Authenticated sender: nico@cryptonector.com) by homiemail-a111.g.dreamhost.com (Postfix) with ESMTPSA id BF8212007F003 for <trans@ietf.org>; Tue, 13 May 2014 08:11:32 -0700 (PDT)
Received: by mail-wi0-f170.google.com with SMTP id bs8so7264616wib.3 for <trans@ietf.org>; Tue, 13 May 2014 08:11:31 -0700 (PDT)
MIME-Version: 1.0
X-Received: by 10.180.108.147 with SMTP id hk19mr21252934wib.42.1399993891648; Tue, 13 May 2014 08:11:31 -0700 (PDT)
Received: by 10.216.29.200 with HTTP; Tue, 13 May 2014 08:11:31 -0700 (PDT)
In-Reply-To: <537231FC.4010007@fifthhorseman.net>
References: <CAK3OfOjiL2DTJPH3CaAjg8YGrrwN56SgQ+DnqPXx4MLbgXQN+A@mail.gmail.com> <CAMm+Lwieij8Tm8V-gpE0eAfwie1dgtFL_Ga8dPkJFKJKLQDAcA@mail.gmail.com> <CAK3OfOiKjY6YyiyeHiFJrecZfj_uQ-2k+KucKnzb9Yt8VCRPOQ@mail.gmail.com> <CAHw9_iKpN7AXfrH6SzroMukrKTPR5z24U9KfWpVW-F2R_wX3ag@mail.gmail.com> <alpine.LFD.2.10.1405101722240.897@bofh.nohats.ca> <CABrd9ST7K-7RGwGD2G+kDcVSceC2ZJ-5Tz2tdp5NWa3cqBK+-w@mail.gmail.com> <CAOe4Ui=nqmCfjBYNE2CJtEs1jnbavpY4Dv-T3FRDdAwAA2dScg@mail.gmail.com> <CAK3OfOiYMJkXVR+QsCzEV0ir6u53coJz0b-JdGGD5bTTz5YcMg@mail.gmail.com> <CAOe4Ui=u0fkm9_nuXx_6gpH6jHM5pBvzjzru9O8y3bpLkA0qmw@mail.gmail.com> <CAK3OfOi6y=QAMXe_2axiavxwR5nS2Uv8SM4JxQHsvEKbUyNGCA@mail.gmail.com> <537231FC.4010007@fifthhorseman.net>
Date: Tue, 13 May 2014 10:11:31 -0500
Message-ID: <CAK3OfOi1GuwuaW42B1kpaj_HM989fJOOuGkoJsortuEqUfOJxA@mail.gmail.com>
From: Nico Williams <nico@cryptonector.com>
To: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Content-Type: text/plain; charset=UTF-8
Archived-At: http://mailarchive.ietf.org/arch/msg/trans/5yM3EYb-MJlWAMsAJxnpSrFPqdo
Cc: Ben Laurie <benl@google.com>, "trans@ietf.org" <trans@ietf.org>, Joseph Bonneau <jbonneau@gmail.com>, Warren Kumari <warren@kumari.net>, Paul Wouters <paul@nohats.ca>
Subject: Re: [Trans] DNSSEC also needs CT
X-BeenThere: trans@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Public Notary Transparency working group discussion list <trans.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/trans>, <mailto:trans-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/trans/>
List-Post: <mailto:trans@ietf.org>
List-Help: <mailto:trans-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/trans>, <mailto:trans-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 13 May 2014 15:12:20 -0000

On Tue, May 13, 2014 at 9:53 AM, Daniel Kahn Gillmor
<dkg@fifthhorseman.net> wrote:
> On 05/12/2014 02:01 PM, Nico Williams wrote:
>> The ones that matter most are the TLDs and the root.  Those get so
>> many users that they will be caught MITMing, if they do.
>
> I think technically what we care about is the public registries, not the
> TLDs.  This was my point about the public suffix list and DBOUND: that
> we care about .co.uk just as much as we care about .net.
>
> I know that some people use the term TLD to refer to the public
> registries instead of "top-level domains", but i think it's worthwhile
> to be precise in this discussion.

That's fair.  I do tend to think of co.uk. as a TLD... for lack of a
better term (is there one?), yes.  You're quite right: if a zone is
(has) a public registrar(s) then it should be audited w/o privacy.
Whereas if it doesn't sell registrar services, then it is less
important that it log names: we can assume that names below it are
roughly in the same administrative domain as the zone itself.

>> If evilhosting.com has lots of customers, then they'll help audit it,
>> else they might not.
>
> If evilhosting.com is handing out subdomains to its customers and
> expecting them to act as different administrative sub-zones, then
> evilhosting.com effectively *is* a public registry, and as such it needs
> to be auditable as well.  (it also needs to be considered a public
> registry for the sake of cookies and other same-origin policy things on
> the web, for example, so that jbonneau.evilhosting.com can't set cookies
> that would apply to dkg.evilhosting.com).

Agreed.

> Who is actually doing the monitoring and auditing is a separate
> question, though.
>
> note that CT appears to differentiate between monitoring (RFC 6962
> section 5.3) and auditing (RFC 6962 section 5.4) in this way:
>
>   Auditors make sure that SCTs are cryptographically valid against an
> STH, and that one STH chains properly to another;
>
>   Monitors make sure that the whole log itself is cryptographically
> valid, looking at all the data.
>
> Neither of these activities describes the actual checks that would need
> to happen for misissuance to be detected.  As noted in section 7.2,
> "interested parties" need to think about how to monitor to ensure that
> items with their administrative domains are not logged by other parties.

I would think that domain owners are "interested parties", and/or
maybe agents they delegate to (e.g., hosting companies).  I can audit
the logs for my domain's parent zone.  But yes, this probably needs to
be covered in more detail.  (Are there FOSS implementations of
monitors/auditors?)

> If this is neither "Monitoring" nor "Auditing" maybe we need a name for
> this kind of activity, so we can discuss it more directly?  how about
> "misissuance review"?

It seems to fall into "monitoring" given the text of the RFC.

> How does she know what logs to look in for this misissuance review?  Is
> there a way she can do this review efficiently?  I think these questions
> are relevant for regular CT as well, but a DNSSEC-focused CT adds the
> wrinkle of delegated zones.  (maybe this isn't actually worse than X.509
> PKI with its fully-delegated intermediate CAs though?)

No, it's easier!  With the name contraint-free TLS PKI the domain
owner has to check... every root CA.  With DNSSEC, which has strict
name constraints, there's only one issuer for each zone cut.

Nico
--