IETF Logo Mail Archive

Re: [Trans] AD Review: draft-ietf-trans-gossip-04

Tom Ritter <tom@ritter.vg> Wed, 08 November 2017 21:24 UTC

Return-Path: <tom@ritter.vg>
X-Original-To: trans@ietfa.amsl.com
Delivered-To: trans@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 24C1B124BFA for <trans@ietfa.amsl.com>; Wed, 8 Nov 2017 13:24:52 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.001
X-Spam-Level:
X-Spam-Status: No, score=-2.001 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=ritter.vg
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id UOo2PhzQdVdK for <trans@ietfa.amsl.com>; Wed, 8 Nov 2017 13:24:50 -0800 (PST)
Received: from mail-qt0-x22b.google.com (mail-qt0-x22b.google.com [IPv6:2607:f8b0:400d:c0d::22b]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 3D528126DEE for <trans@ietf.org>; Wed, 8 Nov 2017 13:24:50 -0800 (PST)
Received: by mail-qt0-x22b.google.com with SMTP id f8so5217136qta.5 for <trans@ietf.org>; Wed, 08 Nov 2017 13:24:50 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ritter.vg; s=vg; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=HoDAFZSFV8audVn0p7hN280JnNEOLm98zCXFn2pB4FY=; b=u6G5Xq5Wu/Iw2EVbnJMhyTMj+uUlUcc/mX/6G68ec0qdqJrVXZLPItXDlSXiliGoq2 bOoqcesdRMV7tfiHmkQ3+l07GA+7EetWYqPUxR753DpZcrO6EES0L/PBJIgKldAV6JQM ExHiD3mKaYiY0QS7LDWetrif9IPMyHgOl9rdo=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=HoDAFZSFV8audVn0p7hN280JnNEOLm98zCXFn2pB4FY=; b=bFqm2aw79LYWr5vjTHY+SlHgP/viTCJgck5Q/WgaiQDxX6gXb6diMGf4gYxBwO46AB VwYUXvLoDoqKev8/z7ly4n4e4DnooXQZVopfNoyH75PRIVcqYk3jsbxyGvY3e4Wwl3xy h2FdSZDGxt2daQMBZGQ5/2W7uMN57A0NOjcFTS2IxOyJhqACaO+kG3SPIUR424moiQBI RJHxrSvAWCfx61ICFkJJz/n8leaXgtIOPEdl//Q65m0iAnWtaJITDXtFgqQs3OCyD4eg ZCvoq6Sh34LayqdtyuckqGvvopIhwvaQyFpZ8HAess4IgMvn/41XvP/4v8LlpfXeaYb6 I0Og==
X-Gm-Message-State: AJaThX6ipnoAPWieaGasJ+SQLmYgFy+tUmw44aYTZg3JfjYVq1uYbfrI BoxgqZcm4BUQclOVu0BhmqLu4OJ9vn2MspiKTU82uQ==
X-Google-Smtp-Source: AGs4zMYCVR5H0VXaFYT/Wvpby7XSLEj+huoz6FrWTXQlpd6pFmJwz6ftzqx3ta5KNyh9azbY1we98ifOPF19aTBV71k=
X-Received: by 10.200.22.168 with SMTP id r37mr2983443qtj.21.1510176289093; Wed, 08 Nov 2017 13:24:49 -0800 (PST)
MIME-Version: 1.0
Received: by 10.140.108.53 with HTTP; Wed, 8 Nov 2017 13:24:28 -0800 (PST)
In-Reply-To: <CAL02cgSyB4bdjJs=iGsQFmuwPZoQTTjhrwu=ivL5rBB7EWOjNw@mail.gmail.com>
References: <CABcZeBM6=26ojcoMfkq5205z7UvCSQuhkg0PrR2_bjP-ps7W0g@mail.gmail.com> <CAL02cgSyB4bdjJs=iGsQFmuwPZoQTTjhrwu=ivL5rBB7EWOjNw@mail.gmail.com>
From: Tom Ritter <tom@ritter.vg>
Date: Wed, 08 Nov 2017 15:24:28 -0600
Message-ID: <CA+cU71n2egvMpi_CdLpnFxPx1coFdV9dF2Zh9H0Y17qB4ZwOhA@mail.gmail.com>
To: Richard Barnes <rlb@ipv.sx>
Cc: Eric Rescorla <ekr@rtfm.com>, Trans <trans@ietf.org>, draft-ietf-trans-gossip@tools.ietf.org
Content-Type: text/plain; charset="UTF-8"
Archived-At: <https://mailarchive.ietf.org/arch/msg/trans/AktbyKnPQUveUvXjxhE8-Utuw64>
Subject: Re: [Trans] AD Review: draft-ietf-trans-gossip-04
X-BeenThere: trans@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Public Notary Transparency working group discussion list <trans.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/trans>, <mailto:trans-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/trans/>
List-Post: <mailto:trans@ietf.org>
List-Help: <mailto:trans-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/trans>, <mailto:trans-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 08 Nov 2017 21:24:52 -0000

We reviewed ekr's and Richard's feedback; thanks for the detailed review.

For all (or nearly all) of the non-important issues we believe we can
make appropriate changes or address the concerns adequately. We're not
sending those right now, just to avoid a deluge of words and things to
review on the list.

For the important items:

    IMPORTANT: I don't understand what this means from an HTTP perspective...

We believe we can explain this adequately along with the non-important items.

    IMPORTANT: Neither of these mechanisms is generally usable, so I
don't think this SHOULD is reasonable...

This is a fair point. We suggest the following changes and hope they
will address this concern

Change from 'A client SHOULD perform proof fetching' to 'A client
SHOULD attempt proof fetching'

Additionally, we would integrate two new points regarding DNS:
1) The UA should first probe and learn if the network supports these DNS queries
2) If the network does not support these DNS queries then periodically
re-probe and if it does eventually support it, you can go through your
backlog.

We'd also mention the Tor option further up as it is a simple solution
from the POV of this draft, although most browsers haven't deployed it
for being a more difficult solution technically.


    IMPORTANT: This seems like kind of a dealbreaker...

Yes. We think our wording is incorrect and that leads to your comment.
We would like to suggest how we would change the wording and see if
you have the same assessment.

   If SCT Feedback is not deployed by a webserver, malicious logs will
   be able to attack all users of the webserver (who do not have a
   Trusted Auditor relationship) with impunity.

This is not true. It assumes an auditor cannot recognize a log
partition that is perpetuated by an actively malicious log. In
actuality, an auditor can (and should) be able to recognize that it
has recent STHs that can't be resolved via a consistency proof and
recognize that situation is perpetuating and is bad. If an auditor can
do that, malicious logs _can_ be detected via STH Pollination
(assuming Proof Fetching occurs) - making the document incorrect.

What is true:

   If SCT Feedback is not deployed by a webserver, the webserver may
never learn that it was the target of an attack.

The auditors would learn that the log was malicious but not what
domain names it attacked.

We would change the document to reflect the true statement, and update
various mentions and phrases to adequately convey that SCT Feedback is
necessary to learn _who_ is attacked by a malicious log, but not
necessary to learn that a particular log _is_ malicious and has
performed an attack so long as STH Pollination and Proof Fetching
occurs.

    IMPORTANT: This algorithm does not terminate...
    IMPORTANT: state that rand() has to be a CSPRNG.

You're correct, we can fix these easily enough.

    IMPORTANT: This algorithm has terrible performance...

Also correct. We'd be happy to review a suggestion that improves
performance, but I'm nervous about shuffling algorithms. In general,
we can add a note about more carefully considering these cases during
implementation when MAX_XXX_RECORDS_TO_GOSSIP is large.



With regards to Richard's suggestions: we intend to rev the doc to
address all of the minor and major issues as adequately as we can. We
aren't very excited about refactoring the document entirely though. If
the group thinks it's valuable mostly as-is, we'd be happy to see it
published. If the WG thinks it would be better to refactor it, strip
out major components and so on - we think that'd be a valuable effort
and would be happy to comment and provide feedback.

-tom

v2.23.0 | Report a Bug | By Email