IETF Logo Mail Archive

Re: [Trans] responses to Ryan's detailed comments on draft-ietf-trans-threat-analysis-15

Benjamin Kaduk <kaduk@mit.edu> Fri, 28 September 2018 02:29 UTC

Return-Path: <kaduk@mit.edu>
X-Original-To: trans@ietfa.amsl.com
Delivered-To: trans@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5E083130DD4 for <trans@ietfa.amsl.com>; Thu, 27 Sep 2018 19:29:18 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.201
X-Spam-Level:
X-Spam-Status: No, score=-4.201 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Z_iI85rAFiiC for <trans@ietfa.amsl.com>; Thu, 27 Sep 2018 19:29:16 -0700 (PDT)
Received: from dmz-mailsec-scanner-1.mit.edu (dmz-mailsec-scanner-1.mit.edu [18.9.25.12]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A871A126F72 for <trans@ietf.org>; Thu, 27 Sep 2018 19:29:16 -0700 (PDT)
X-AuditID: 1209190c-58dff700000027c2-61-5bad91fb6afd
Received: from mailhub-auth-3.mit.edu ( [18.9.21.43]) (using TLS with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by dmz-mailsec-scanner-1.mit.edu (Symantec Messaging Gateway) with SMTP id 2B.F9.10178.BF19DAB5; Thu, 27 Sep 2018 22:29:15 -0400 (EDT)
Received: from outgoing.mit.edu (OUTGOING-AUTH-1.MIT.EDU [18.9.28.11]) by mailhub-auth-3.mit.edu (8.13.8/8.9.2) with ESMTP id w8S2TDX0003598; Thu, 27 Sep 2018 22:29:14 -0400
Received: from kduck.kaduk.org (24-107-191-124.dhcp.stls.mo.charter.com [24.107.191.124]) (authenticated bits=56) (User authenticated as kaduk@ATHENA.MIT.EDU) by outgoing.mit.edu (8.13.8/8.12.4) with ESMTP id w8S2T9Cp010796 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT); Thu, 27 Sep 2018 22:29:12 -0400
Date: Thu, 27 Sep 2018 21:29:09 -0500
From: Benjamin Kaduk <kaduk@mit.edu>
To: Ryan Sleevi <ryan-ietf@sleevi.com>
Cc: stephentkent@gmail.com, Trans <trans@ietf.org>
Message-ID: <20180928022909.GG24695@kduck.kaduk.org>
References: <071bd596-07ec-fe8a-861c-3ef181fec848@gmail.com> <CAErg=HEschK1K9UwS79uOPjgeCxVy4cEDHzhCQxpJrc3LxqNDQ@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <CAErg=HEschK1K9UwS79uOPjgeCxVy4cEDHzhCQxpJrc3LxqNDQ@mail.gmail.com>
User-Agent: Mutt/1.9.1 (2017-09-22)
X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFvrGIsWRmVeSWpSXmKPExsUixCmqrft74tpog2MTpCwm3Z/LaNG3qZ/F Yu3jiywOzB47Z91l91iy5CeTR/Pu3SwBzFFcNimpOZllqUX6dglcGfum9jMXzOSvWHvsKWsD 4ySeLkZODgkBE4mTy/+zdzFycQgJLGaS+Pp1BiOEs5FR4tevFawQzlUmiZlXlzOBtLAIqEoc a93NCmKzCahINHRfZgaxRQTUJB5OPwMWZxYwkmj8O4cRxBYWSJb4te8vmM0LtO7JmYfMEEOb GSXuL+tmhkgISpyc+YQFollL4sa/l0DLOIBsaYnl/zhAwpwCgRLnJv4Cmy8qoCyxt+8Q+wRG gVlIumch6Z6F0L2AkXkVo2xKbpVubmJmTnFqsm5xcmJeXmqRrqFebmaJXmpK6SZGcPBK8uxg PPPG6xCjAAejEg9vwqM10UKsiWXFlbmHGCU5mJREeR+2rY0W4kvKT6nMSCzOiC8qzUktPsQo wcGsJMK7rxoox5uSWFmVWpQPk5LmYFES553QsjhaSCA9sSQ1OzW1ILUIJivDwaEkwcsHjFIh waLU9NSKtMycEoQ0EwcnyHAeoOEPJ4AMLy5IzC3OTIfIn2JUlBLnnQaSEABJZJTmwfWCkotE 9v6aV4ziQK8I8+4DqeIBJia47ldAg5mABoscWAMyuCQRISXVwMiuyKdZH9tz5lJ69jpR7Z8u EWfdvR081h3nf3Apj8XwoWdZyuvY/Sv1ixYee8nxv915b4lyvV1KkGaVlqqw9g8zxtrw06cd 55T//WlnGrtGsfahTXex2FepgJmLuGdr3v615SfjJMHGB5a695ICXri9u3pJrKhg+oTkQ8/2 suo9nPb57N+ofCWW4oxEQy3mouJEANtJltMJAwAA
Archived-At: <https://mailarchive.ietf.org/arch/msg/trans/E9mcTAP4dcJjmCi3Q8IfA557Y9w>
Subject: Re: [Trans] responses to Ryan's detailed comments on draft-ietf-trans-threat-analysis-15
X-BeenThere: trans@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Public Notary Transparency working group discussion list <trans.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/trans>, <mailto:trans-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/trans/>
List-Post: <mailto:trans@ietf.org>
List-Help: <mailto:trans-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/trans>, <mailto:trans-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 28 Sep 2018 02:29:18 -0000

On Tue, Sep 25, 2018 at 04:51:15PM -0400, Ryan Sleevi wrote:
> On Tue, Sep 25, 2018 at 2:42 PM Stephen Kent <stephentkent@gmail.com> wrote:
> 
> > This is problematic in that the assumption here is that CAs are the ones
> > performing the logging. Throughout the document, the description of CAs
> > performing logging ignores the ability of Subscribers and certificate
> > holders to perform the logging at their discretion, up to and including
> > seconds before performing the TLS handshake. As a consequence, it misses an
> > entire class of attacks that can arise when an inclusion proof for an SCT
> > can not be obtained to an STH, because the SCT is newer than the published
> > STH.
> >
> > I believe this is another instance of a compelling reason to re-evaluate
> > the ontology of attacks and to not attempt to classify them using a
> > hierarchy.
> >
> > Although 6962-bis does allow any entity to log a cert, the focus of the
> > doc is very much on CA-based logging, as evidenced by pre-cert logging. No
> > changes made.
> >
> 
> Thanks. I'll stop my analsysis at this point, as I think it fundamentally
> alters the subsequent conclusions that if we're not able to reach consensus
> on this point, it does not seem that there's much value on proceeding
> further. The entire analysis and threat model is undermined, in my view, to
> the point that it no longer accurately reflects 6962-bis as specified, but
> rather, an unspecified profile of it.

For what it's worth, I do not read 6962-bis as "very much being focused" on
CA-based logging.  Consider, for example, certificate subjects submitting
certificates to logs, something that is done without CA involvement and can
be done in response to (e.g.) Logs being distrusted or browsers increasing
the required number of SCTs.  It's unclear that CAs have as much incentive
as subjects to be responsive to changing events in this way.

-Ben

v2.23.0 | Report a Bug | By Email