Re: [Trans] Write-up of the "Strict CT" variant
Ryan Sleevi <ryan-ietf@sleevi.com> Wed, 07 June 2017 13:08 UTC
Return-Path: <ryan-ietf@sleevi.com>
X-Original-To: trans@ietfa.amsl.com
Delivered-To: trans@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2BFDC12EC23 for <trans@ietfa.amsl.com>; Wed, 7 Jun 2017 06:08:15 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.298
X-Spam-Level:
X-Spam-Status: No, score=-4.298 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=-2.8, RCVD_IN_SORBS_SPAM=0.5, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=sleevi.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Gb-mRPURsRR0 for <trans@ietfa.amsl.com>; Wed, 7 Jun 2017 06:08:12 -0700 (PDT)
Received: from homiemail-a74.g.dreamhost.com (sub4.mail.dreamhost.com [69.163.253.135]) (using TLSv1.1 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C6D4B12EC01 for <trans@ietf.org>; Wed, 7 Jun 2017 06:08:12 -0700 (PDT)
Received: from homiemail-a74.g.dreamhost.com (localhost [127.0.0.1]) by homiemail-a74.g.dreamhost.com (Postfix) with ESMTP id 39C4BA004921 for <trans@ietf.org>; Wed, 7 Jun 2017 06:08:12 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=sleevi.com; h=mime-version :in-reply-to:references:from:date:message-id:subject:to:cc :content-type; s=sleevi.com; bh=Wuj8XUvqCQwouI6u11QGdC4zNQE=; b= vKiknugfKII/5Nhhi1HkadQdYr6e9BfQEgeSCZqSDygmwQ+wLLrUqpoeamyaBmnc c+2COKDj5myP7bRNZJ9jYmX8ViGwNFoS8WBagFyKtQrppmpqRGqbPJ4Ce78HiXjB aZJUiwol9pr3AljWlUsGz4sFzI8/mT4y1JHBNvvE2lU=
Received: from mail-wm0-f52.google.com (mail-wm0-f52.google.com [74.125.82.52]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) (Authenticated sender: ryan@sleevi.com) by homiemail-a74.g.dreamhost.com (Postfix) with ESMTPSA id 0F066A00491C for <trans@ietf.org>; Wed, 7 Jun 2017 06:08:12 -0700 (PDT)
Received: by mail-wm0-f52.google.com with SMTP id d64so9486148wmf.1 for <trans@ietf.org>; Wed, 07 Jun 2017 06:08:11 -0700 (PDT)
X-Gm-Message-State: AODbwcBXLpVlYf3ULGEa9Gj7nA6cNS/jgrQGB+rjxBGzOyhyXW7l/Z+A 7TpVGYylnw+HtAZw4mmZaYKlXu6vSg==
X-Received: by 10.28.232.8 with SMTP id f8mr2147856wmh.51.1496840890440; Wed, 07 Jun 2017 06:08:10 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.223.128.200 with HTTP; Wed, 7 Jun 2017 06:08:09 -0700 (PDT)
In-Reply-To: <D1C7ADE2-DA28-4F29-A0AB-482435CD2B15@kth.se>
References: <CALzYgEeUCmj4BgY7uKdMnsvTcbvfAunquuqHxD7FxuzZxY1=Fg@mail.gmail.com> <0dd84938-9625-c6c8-5f31-d5d0d0683c5c@eff.org> <D1C7ADE2-DA28-4F29-A0AB-482435CD2B15@kth.se>
From: Ryan Sleevi <ryan-ietf@sleevi.com>
Date: Wed, 07 Jun 2017 09:08:09 -0400
X-Gmail-Original-Message-ID: <CAErg=HGxU7dnd1kifeCph8jTR6eLJn2GZ9=KehiyLpLgwTne=g@mail.gmail.com>
Message-ID: <CAErg=HGxU7dnd1kifeCph8jTR6eLJn2GZ9=KehiyLpLgwTne=g@mail.gmail.com>
To: Magnus Ahltorp <map@kth.se>
Cc: Jacob Hoffman-Andrews <jsha@eff.org>, Eran Messeri <eranm@google.com>, "trans@ietf.org" <trans@ietf.org>
Content-Type: multipart/alternative; boundary="001a11466ec68f8a4005515e6d1f"
Archived-At: <https://mailarchive.ietf.org/arch/msg/trans/9Q_Cn-XOj1FxnkTxKCML2TBLzcQ>
Subject: Re: [Trans] Write-up of the "Strict CT" variant
X-BeenThere: trans@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Public Notary Transparency working group discussion list <trans.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/trans>, <mailto:trans-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/trans/>
List-Post: <mailto:trans@ietf.org>
List-Help: <mailto:trans-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/trans>, <mailto:trans-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 07 Jun 2017 13:08:15 -0000
On Wed, Jun 7, 2017 at 8:51 AM, Magnus Ahltorp <map@kth.se> wrote: > Well, that depends on the assurance level, doesn't it? For > domain-validated certificates, sure, but those are next to worthless > anyway. It would be hard to hold a CA responsible for issuing them, so the > need for logging them is really small. > Let's not introduce CAs' marketing distinction into the technical discussion. Domain validated certificates - the basis for the Web PKI - are the only security level that matter. The holder of such a certificate can impersonate any site named in the certificate - whether from example.com to google.com. The other forms of certificates, "Organizationally Validated" or "Extended Validation", or, in the EU, Qualified Website Authentication Certificates, while nominally trying to provide higher assurance, do not meaningfully do so in the security model of the Web (which is the Origin). To that end, the past decade of CA misissuance responses have come down, in part, to the misissuance of certificates that attest to a websites identity, and CAs have been held responsible. I can totally appreciate a perspective that believes that CAs' human processes are far more secure than their automated processes, even if that perspective is not supported by the data. However, if we accept that - from a pragmatic and practical security perspective - that identifying a website grants the capability of TLS termination (namely, lacking an EKU or having an id-kp-serverAuth EKU, and naming one or more dNSName or iPAddress identities in a SAN) - then these certificates are very much in scope of the Web PKI, and thus need to be logged, as they present risk to the Web PKI consumers. > > > > Certificate is used immediately, only with SCT: Clients accept > certificates only with SCTs for a limited duration; after that an inclusion > proof must be accompanied [4]. > > > [4] That requires auditing logs asynchronously, since an attacker with > persistent access could keep getting new SCTs issued, or some clients may > not have fresh STHs because they missed some updates. > > > > This seems potentially promising but I think it has some flaws. Would > this auditing be done by the logs themselves, or by monitors? IIUC, logs > are allowed to produce infinite SCTs for the same cert once they've logged > it, and they don't have to produce the list of SCTs they've signed. So the > only party that could meaningfully audit for excessive SCT generation would > be the log itself, which is the party we're trying to defend against. > > If we are talking about "limited duration" of SCTs, we are talking about > the age of the timestamp in the SCT. Each timestamp that is used to > generate an SCT is required to be logged in the log. That is what the log > is logging, cert+timestamp. > I think this may have resulted from a misunderstanding. I'll try to explain one such scenario. Consider at T=0, Certificate X is logged, and an SCT(X, 0) is issued. The proof that such SCT has been incorporated into the STH will not be required until T=24, so such a certificate can be used (without proof of inclusion) from T=0 to T=24. Now, if I am a malicious CA, a T=23, I approach the log again, and request SCT(X, 23). The log, colluding with the CA, issues SCT(X, 23) - rather than the expect SCT(X, 0). Further, the log does not incorporate the SCT(X, 0) into STH(24) - it silently discards it. Clients will not expect to see a proof of this inclusion until STH(47) - that is, SCT(X, 23) + 24. On T=46, I repeat this process, obtaining SCT(X, 46), and clients not expecting this until STH(70). By the CA and Log colluding, I can continue to extend the period upon which I, the Evil Log, do not log this certificate. This situation arises because the SCTs can be delivered through multiple means, so it does not necessarily need to be fixed in the certificate. Yet even if it was fixed in the certificate, so long as I, the Evil Server, stop serving the cert prior to T=24, clients won't check the inclusion proof. This is why it was remarked that some form of auditing - of the SCTs produced by the log - would need to be asynchronously done, to ensure that SCT(X, 0) wasn't 'extended' beyond that.
- [Trans] Write-up of the "Strict CT" variant Eran Messeri
- Re: [Trans] Write-up of the "Strict CT" variant Ryan Sleevi
- Re: [Trans] Write-up of the "Strict CT" variant Ryan Sleevi
- Re: [Trans] Write-up of the "Strict CT" variant Eran Messeri
- Re: [Trans] Write-up of the "Strict CT" variant Eran Messeri
- Re: [Trans] Write-up of the "Strict CT" variant Ryan Sleevi
- Re: [Trans] Write-up of the "Strict CT" variant Andrew Ayer
- Re: [Trans] Write-up of the "Strict CT" variant Andrew Ayer
- Re: [Trans] Write-up of the "Strict CT" variant Magnus Ahltorp
- Re: [Trans] Write-up of the "Strict CT" variant Tom Ritter
- Re: [Trans] Write-up of the "Strict CT" variant Filippo Valsorda
- Re: [Trans] Write-up of the "Strict CT" variant Jacob Hoffman-Andrews
- Re: [Trans] Write-up of the "Strict CT" variant Magnus Ahltorp
- Re: [Trans] Write-up of the "Strict CT" variant Ryan Sleevi
- Re: [Trans] Write-up of the "Strict CT" variant Magnus Ahltorp
- Re: [Trans] Write-up of the "Strict CT" variant Ryan Sleevi
- Re: [Trans] Write-up of the "Strict CT" variant Magnus Ahltorp
- Re: [Trans] Write-up of the "Strict CT" variant Ryan Sleevi
- Re: [Trans] Write-up of the "Strict CT" variant Phillip Hallam-Baker
- Re: [Trans] Write-up of the "Strict CT" variant Watson Ladd