IETF Logo Mail Archive

Re: [Trans] updated definition and attack analysis text

Stephen Kent <kent@bbn.com> Fri, 03 October 2014 19:30 UTC

Return-Path: <kent@bbn.com>
X-Original-To: trans@ietfa.amsl.com
Delivered-To: trans@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 94F371A1A75 for <trans@ietfa.amsl.com>; Fri, 3 Oct 2014 12:30:55 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.986
X-Spam-Level:
X-Spam-Status: No, score=-4.986 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-2.3, RP_MATCHES_RCVD=-0.786, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id DNXVdBPS8iJM for <trans@ietfa.amsl.com>; Fri, 3 Oct 2014 12:30:53 -0700 (PDT)
Received: from smtp.bbn.com (smtp.bbn.com [128.33.1.81]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id AD4591A1A15 for <trans@ietf.org>; Fri, 3 Oct 2014 12:30:53 -0700 (PDT)
Received: from dommiel.bbn.com ([192.1.122.15]:60677 helo=comsec.home) by smtp.bbn.com with esmtp (Exim 4.77 (FreeBSD)) (envelope-from <kent@bbn.com>) id 1Xa8ZH-0000tU-B8 for trans@ietf.org; Fri, 03 Oct 2014 15:31:07 -0400
Message-ID: <542EF969.1020507@bbn.com>
Date: Fri, 03 Oct 2014 15:30:49 -0400
From: Stephen Kent <kent@bbn.com>
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.9; rv:24.0) Gecko/20100101 Thunderbird/24.6.0
MIME-Version: 1.0
To: "trans@ietf.org" <trans@ietf.org>
References: <542C3EFA.7010204@bbn.com> <4262AC0DB9856847A2D00EF817E8113923603B@scygexch10.cygnacom.com>
In-Reply-To: <4262AC0DB9856847A2D00EF817E8113923603B@scygexch10.cygnacom.com>
Content-Type: multipart/alternative; boundary="------------070607030509030206080702"
Archived-At: http://mailarchive.ietf.org/arch/msg/trans/Dk6yZCSVnWOgSV5Qjkg8JwKcyVk
Subject: Re: [Trans] updated definition and attack analysis text
X-BeenThere: trans@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Public Notary Transparency working group discussion list <trans.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/trans>, <mailto:trans-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/trans/>
List-Post: <mailto:trans@ietf.org>
List-Help: <mailto:trans-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/trans>, <mailto:trans-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 03 Oct 2014 19:30:55 -0000

Santosh,
>
> Steve,
>
> Thanks.
>
> My primary concern with the analysis is that it does not discuss the 
> practicality  and resources and data required for the monitoring 
> activity.  It is quite possible that monitoring will not be done at 
> all or will miss things or will be ineffective leaving the benefit of 
> CT to largely as a deterrent as opposed to detection mechanism.  
> Threat analysis may wish to point that out with significant emphasis 
> since 6962 does not seem to emphasize this enough. I see CAs offering 
> to perform monitoring service, which will not detect problems if the 
> authorized CA or RA are compromised or have gone rogue.  In summary, 
> the last paragraph of the analysis may wish to point out the monitors 
> may require subjects to use secure means to provide a list of valid 
> certificates from time to time and for monitor to check the logs for 
> mis-issuance against this list.  6962 does not address the critical 
> aspect of monitoring from the perspective of checking that the 
> certificates are legitimate.
>
I'm happy to specific receive text to add to the analysis. I'll be 
updating it next week
to reflect the revised syntax checking anyway.  Also, I have completed 
an initial cut at
the EV cert syntax rules and pkan to issue a complete Appendix A version 
next week as well.

I agree that a CA that operates a log for itself, or a Monitor for its 
clients seems
questionable. When I think about Monitor services I look at what is 
available today for
address space monitoring. Companies monitor BGP advertisements, from 
open and proprietary
sources, looking for advertisements of prefixes that belong to client. 
If an advertised prefix
does not have the origin AS of the client, it's suspicious. The client 
is informed and can take
action, e.g., contacting the AS that is advertising itself as the origin 
of the client's prefix.
This works reasonable well, but it is a for profit activity, i.e., 
people pay to have their
prefixes monitored. If the designers of CT envision this as a likely 
deployment scenario for
CT, it ought to be mentioned.
>
> While just about everyone is against checking the certification path 
> and certificate, but if the goal is to secure Web PKI, to improve user 
> experience or at least protect less informed users from making bad 
> choices when a browser barfs, I would think checking certificate, 
> certification path, and even cipher suites including proper range for 
> RSA public exponent are good things.
>
I agree. Since I revised my proposal, so that even certs that fail 
syntactic validation are
logged, maybe we can revisit the path validation issue. One could 
imagine adding an error
code to an SCT that noted when the syntax is OK, but path validation 
fails, and why.
>
> On specifics of your analysis, on Note 2, I would think the CA may 
> wish to get the whole certificate to verify that the certificate was 
> issued by it by verifying the signature using its own public keys.
>
Good point. The log entry contains the cert, so it makes sense to 
provide that to the CA
what requesting that the cert be revoked.  I'll make that change.

Steve

v2.23.0 | Report a Bug | By Email