IETF Logo Mail Archive

Re: [Trans] can CT defend against dual CA compromise?

Daniel Kahn Gillmor <dkg@fifthhorseman.net> Wed, 24 February 2016 01:59 UTC

Return-Path: <dkg@fifthhorseman.net>
X-Original-To: trans@ietfa.amsl.com
Delivered-To: trans@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B31781B41AC for <trans@ietfa.amsl.com>; Tue, 23 Feb 2016 17:59:14 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id a3fsnuqyYUql for <trans@ietfa.amsl.com>; Tue, 23 Feb 2016 17:59:13 -0800 (PST)
Received: from che.mayfirst.org (che.mayfirst.org [209.234.253.108]) by ietfa.amsl.com (Postfix) with ESMTP id 475D11B41A9 for <trans@ietf.org>; Tue, 23 Feb 2016 17:59:13 -0800 (PST)
Received: from fifthhorseman.net (rrcs-67-52-140-5.west.biz.rr.com [67.52.140.5]) by che.mayfirst.org (Postfix) with ESMTPSA id 73673F991; Tue, 23 Feb 2016 20:59:08 -0500 (EST)
Received: by fifthhorseman.net (Postfix, from userid 1000) id 90F3420580; Tue, 23 Feb 2016 17:59:08 -0800 (PST)
From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
To: Ben Laurie <benl@google.com>, Tom Ritter <tom@ritter.vg>
In-Reply-To: <CABrd9ST2fUz+JPxoimvuw_XFeoNEmGNhPpS3w-PC22ZQDez7AA@mail.gmail.com>
References: <87io1i3gqw.fsf@alice.fifthhorseman.net> <CABrd9SQh5B8E8phCvgLdUntKBu=u4p2iUHJ7ZrjqMwz8edwLHA@mail.gmail.com> <56CAF5B2.30207@comodo.com> <CA+cU71m7akWkLFPiTVOShuTBHLVWfA+Byw2vXF-AZtH0Byik5A@mail.gmail.com> <CABrd9ST2fUz+JPxoimvuw_XFeoNEmGNhPpS3w-PC22ZQDez7AA@mail.gmail.com>
User-Agent: Notmuch/0.21+74~gb409435 (http://notmuchmail.org) Emacs/24.5.1 (x86_64-pc-linux-gnu)
Date: Tue, 23 Feb 2016 17:59:05 -0800
Message-ID: <87povm27iu.fsf@alice.fifthhorseman.net>
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="=-=-="; micalg="pgp-sha512"; protocol="application/pgp-signature"
Archived-At: <http://mailarchive.ietf.org/arch/msg/trans/9E_sBCdfQ57RyXmctLurOSFucKM>
Cc: Rob Stradling <rob.stradling@comodo.com>, "trans@ietf.org" <trans@ietf.org>
Subject: Re: [Trans] can CT defend against dual CA compromise?
X-BeenThere: trans@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Public Notary Transparency working group discussion list <trans.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/trans>, <mailto:trans-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/trans/>
List-Post: <mailto:trans@ietf.org>
List-Help: <mailto:trans-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/trans>, <mailto:trans-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 24 Feb 2016 01:59:14 -0000

On Tue 2016-02-23 03:06:25 -0800, Ben Laurie wrote:
> Fair point. At least two ways of doing this:
>
> a) Run a log that is not trusted for HTTPS connections.

(trolling: i thought logs didn't have to be trusted...)

what encourages any party in the ecosystem to log in this untrutsed log?

> b) Continue to accept certs from X, but don't allow SCTs after the last
> good timestamp for X.

What does this buy us?  Can't an inclusion proof (post-MMD) from this
log perform the same role as the SCT?

        --dkg

v2.23.0 | Report a Bug | By Email