[Trans] Proving certificate freshness

David Leon Gil <coruus@gmail.com> Wed, 01 October 2014 03:57 UTC

From: David Leon Gil <coruus@gmail.com>
Date: Tue, 30 Sep 2014 23:56:53 -0400
Message-ID: <CAA7UWsXpTzMgrDNo73cB5U_Q3wS2xDsGpws-4njXqEDJm-TG3A@mail.gmail.com>
To: "trans@ietf.org" <trans@ietf.org>
Archived-At: http://mailarchive.ietf.org/arch/msg/trans/C47S7pHWpBel-3iO1cH9o4QKqjo
Subject: [Trans] Proving certificate freshness
List-Id: Public Notary Transparency working group discussion list <trans.ietf.org>

Something that is rather difficult to prove, at present, is that a
certificate has been used after it has expired or been revoked.

If servers were required to include a signature over a recent STH (or
STH+OCSP staple) along with their SCT, this would provide an easy way
of showing that a *server* was behaving incorrectly. E.g., as a TLS
extension:

struct {
  STH;
  sign(SignedCertificateTimestamp || OCSP || STH);
} FreshnessProof;

This seems rather better than signing a timestamp; the STH isn't
predictable without a colluding log, so it isn't possible to
"accidentally" sign a future time.

Any thoughts?
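
The check an auditor could run on the FreshnessProof proposed above, as an added example that is not part of the original message. Ed25519 as the certificate key, the reduced STH fields, the length-prefixed encoding and all function names are assumptions made for illustration; the log's own signature on the STH must be verified separately.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"encoding/binary"
	"fmt"
)

// STH holds the tree-head fields used here; the log's signature over it is omitted.
type STH struct {
	TimestampMs, TreeSize uint64
	RootHash              [32]byte
}

// FreshnessProof mirrors the struct in the message.
type FreshnessProof struct {
	STH STH
	Sig []byte // server signature over SCT, OCSP response and STH
}

// signedInput length-prefixes the variable-length fields (an assumption; the
// message only writes "||") so bytes cannot move between SCT and OCSP.
func signedInput(sct, ocsp []byte, sth STH) []byte {
	var b bytes.Buffer
	for _, f := range [][]byte{sct, ocsp} {
		binary.Write(&b, binary.BigEndian, uint32(len(f)))
		b.Write(f)
	}
	binary.Write(&b, binary.BigEndian, sth) // fixed-size struct
	return b.Bytes()
}

// Prove is the server side: sign with the certificate's private key.
func Prove(key ed25519.PrivateKey, sct, ocsp []byte, sth STH) FreshnessProof {
	return FreshnessProof{STH: sth, Sig: ed25519.Sign(key, signedInput(sct, ocsp, sth))}
}

// UsedAfter: valid signature over a tree head newer than notAfterMs (ms since epoch).
func UsedAfter(pub ed25519.PublicKey, sct, ocsp []byte, p FreshnessProof, notAfterMs uint64) bool {
	return ed25519.Verify(pub, signedInput(sct, ocsp, p.STH), p.Sig) && p.STH.TimestampMs > notAfterMs
}

func main() {
	pub, key, _ := ed25519.GenerateKey(nil)
	sct, ocsp := []byte("sct-bytes"), []byte("ocsp-bytes") // constructed samples
	p := Prove(key, sct, ocsp, STH{TimestampMs: 1412135833000, TreeSize: 42})
	fmt.Println(UsedAfter(pub, sct, ocsp, p, 1412000000000))
}
```

A proof for which UsedAfter returns true is transferable evidence: anyone holding the certificate's public key can re-check it without trusting the party who collected it.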