[Trans] CT "Lite" idea (was Re: Call for adoption, draft-linus-trans-gossip-ct)
Rob Stradling <rob.stradling@comodo.com> Fri, 14 August 2015 14:57 UTC
Return-Path: <rob.stradling@comodo.com>
X-Original-To: trans@ietfa.amsl.com
Delivered-To: trans@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1F7821A8A3B for <trans@ietfa.amsl.com>; Fri, 14 Aug 2015 07:57:49 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.001
X-Spam-Level:
X-Spam-Status: No, score=-0.001 tagged_above=-999 required=5 tests=[BAYES_40=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id i6BndLmiICPU for <trans@ietfa.amsl.com>; Fri, 14 Aug 2015 07:57:46 -0700 (PDT)
Received: from mmextmx1.mcr.colo.comodoca.net (mmextmx1.mcr.colo.comodoca.net [IPv6:2a02:1788:402:c00::c0a8:9cd5]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 612781A8A1E for <trans@ietf.org>; Fri, 14 Aug 2015 07:57:46 -0700 (PDT)
Received: (qmail 1042 invoked by uid 1004); 14 Aug 2015 14:57:44 -0000
Received: from ian.brad.office.comodo.net (HELO ian.brad.office.comodo.net) (192.168.0.202) by mmextmx1.mcr.colo.comodoca.net (qpsmtpd/0.84) with ESMTP; Fri, 14 Aug 2015 15:57:44 +0100
Received: (qmail 3299 invoked by uid 1000); 14 Aug 2015 14:57:44 -0000
Received: from and0004.comodo.net (HELO [192.168.0.58]) (192.168.0.58) (smtp-auth username rob, mechanism plain) by ian.brad.office.comodo.net (qpsmtpd/0.40) with (AES128-SHA encrypted) ESMTPSA; Fri, 14 Aug 2015 15:57:44 +0100
From: Rob Stradling <rob.stradling@comodo.com>
To: "trans@ietf.org" <trans@ietf.org>
References: <mailman.3884.1437667800.3631.trans@ietf.org><6E6EF479-66BE-4EBE-956C-22009BCED863@gmail.com><CABrd9SRG-SQtADhS=hee_Zf4vzMETyZOYtqg5Xp82Dq70C0puQ@mail.gmail.com><7BE2DAF1-6D52-4E6C-A00D-0F91B74B5028@gmail.com><CA+cU71mQK79=dVOOq14fOtG_QdeEUujRNbLN0y+0RchCOvOW6w@mail.gmail.com><F6F1FBBD-2471-4A66-A475-7B2F0B2C47A9@gmail.com> <CABrd9SQ2jOVyjB9aMiphVQMaZeyuC+5bhw9hDKz6kSET6xFUeQ@mail.gmail.com>
Message-ID: <55CE01E8.2050604@comodo.com>
Date: Fri, 14 Aug 2015 15:57:44 +0100
User-Agent: Mozilla/5.0 (X11; Linux i686; rv:38.0) Gecko/20100101 Thunderbird/38.1.0
MIME-Version: 1.0
In-Reply-To: <CABrd9SQ2jOVyjB9aMiphVQMaZeyuC+5bhw9hDKz6kSET6xFUeQ@mail.gmail.com>
Content-Type: text/plain; charset="windows-1252"; format="flowed"
Content-Transfer-Encoding: 7bit
Archived-At: <http://mailarchive.ietf.org/arch/msg/trans/Fju0xMtfc_a14jGD3tTQuLa2aHo>
Subject: [Trans] CT "Lite" idea (was Re: Call for adoption, draft-linus-trans-gossip-ct)
X-BeenThere: trans@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Public Notary Transparency working group discussion list <trans.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/trans>, <mailto:trans-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/trans/>
List-Post: <mailto:trans@ietf.org>
List-Help: <mailto:trans-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/trans>, <mailto:trans-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 14 Aug 2015 14:57:49 -0000
On 10/08/15 11:28, Ben Laurie wrote: > On Sat, 8 Aug 2015 at 17:56 Bryan Ford <brynosaurus@gmail.com > <mailto:brynosaurus@gmail.com>> wrote: <snip> >> Out of curiosity, has anyone floated or elaborated on the idea of what >> CT would look like if simplified not to rely on SCTs at all? > > I believe I already mentioned that the original plan was to use > inclusion proofs, not SCTs. CAs did not like the consequent delay in > certificate issuance. Gossip seeks to strengthen CT, whereas the following idea proposes a weaker form of CT that could be much easier to deploy in the short-term. This could form part of an incremental deployment strategy towards "full" CT. PROBLEM The long-term goal is for TLS clients to be able to abort TLS handshakes if an insufficient number of valid SCTs (or inclusion proofs - see TRAC ticket #10) are provided. To achieve this goal, we will need the vast majority of the TLS servers on the planet to be upgraded and/or the vast majority of the CAs on the planet to embed SCTs in certs and/or OCSP responses. This could take years! While we wait... IDEA When a TLS server sends a cert accompanied by zero SCTs / inclusion proofs, let the TLS client attempt to fetch and verify an inclusion proof (from each known log?) for each certificate encountered. (This would require a new log API for looking up an inclusion proof by certificate hash). There are 3 possible outcomes: 1. If the TLS client obtains a valid inclusion proof, then all is well. 2. If the TLS client can't obtain any responses from any logs, it should act as if all is well (i.e. soft-fail). 3. If the TLS client receives responses from at least 1(?) log, indicating that there are zero inclusion proofs for the cert in question, it should flag the cert (to the browser vendor?) as potentially not logged. TLS clients could start behaving this way sooner rather than later, since the only prerequisite is that each cert must be logged. (And of course adding a cert to a log is something that can be done by the CA, the domain owner, or indeed anyone else that encounters the cert). If CAs are required (by browser root inclusion policies) to log all certs they issue, then any evidence of certs not being logged would prove CA misbehaviour. Ideally the "there are zero inclusion proofs for this cert" response from the log would be signed by the log, so that it's possible for anyone who has a valid and sufficiently old SCT for that cert to prove log misbehaviour. If there are a large number of logs, it might be impractical for TLS clients to try to fetch inclusion proofs from all of them, so there might need to be some sort of mechanism for figuring out which subset of logs should be checked. No doubt there are rough edges in this initial proposal, but is this idea worth pursuing? Or do folks feel that pursuing this idea would be too much of a distraction, and that we should instead focus on the long-term goal of getting "full" CT specified and deployed? -- Rob Stradling Senior Research & Development Scientist COMODO - Creating Trust Online
- [Trans] Call for adoption, draft-linus-trans-goss… Melinda Shore
- Re: [Trans] Call for adoption, draft-linus-trans-… Salz, Rich
- Re: [Trans] Call for adoption, draft-linus-trans-… Eran Messeri
- Re: [Trans] Call for adoption, draft-linus-trans-… Rob Stradling
- Re: [Trans] Call for adoption, draft-linus-trans-… Bryan Ford
- Re: [Trans] Call for adoption, draft-linus-trans-… Dmitry Belyavsky
- Re: [Trans] Call for adoption, draft-linus-trans-… Ben Laurie
- Re: [Trans] Call for adoption, draft-linus-trans-… Rob Stradling
- Re: [Trans] Call for adoption, draft-linus-trans-… Tom Ritter
- [Trans] Fwd: Call for adoption, draft-linus-trans… Melinda Shore
- Re: [Trans] Fwd: Call for adoption, draft-linus-t… Salz, Rich
- Re: [Trans] Fwd: Call for adoption, draft-linus-t… Tim Wicinski
- Re: [Trans] Fwd: Call for adoption, draft-linus-t… Leif Johansson
- Re: [Trans] Call for adoption, draft-linus-trans-… Bryan Ford
- Re: [Trans] Call for adoption, draft-linus-trans-… Ben Laurie
- Re: [Trans] Call for adoption, draft-linus-trans-… Tom Ritter
- Re: [Trans] Call for adoption, draft-linus-trans-… Karen Seo
- Re: [Trans] Call for adoption, draft-linus-trans-… Bryan Ford
- Re: [Trans] Call for adoption, draft-linus-trans-… Bryan Ford
- Re: [Trans] Call for adoption, draft-linus-trans-… Ben Laurie
- Re: [Trans] Call for adoption, draft-linus-trans-… Ben Laurie
- Re: [Trans] Call for adoption, draft-linus-trans-… Rob Stradling
- Re: [Trans] Call for adoption, draft-linus-trans-… Tom Ritter
- [Trans] CT "Lite" idea (was Re: Call for adoption… Rob Stradling
- Re: [Trans] Call for adoption, draft-linus-trans-… Ben Laurie
- Re: [Trans] Call for adoption, draft-linus-trans-… Bryan Ford
- Re: [Trans] Call for adoption, draft-linus-trans-… Ben Laurie
- Re: [Trans] Call for adoption, draft-linus-trans-… Bryan Ford
- Re: [Trans] Call for adoption, draft-linus-trans-… Ben Laurie