Re: [Trans] AIA/cRL for logged certificates
Ben Laurie <benl@google.com> Fri, 27 March 2015 12:47 UTC
Return-Path: <benl@google.com>
X-Original-To: trans@ietfa.amsl.com
Delivered-To: trans@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 065BC1ACDA8 for <trans@ietfa.amsl.com>; Fri, 27 Mar 2015 05:47:46 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.388
X-Spam-Level:
X-Spam-Status: No, score=-1.388 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FM_FORGED_GMAIL=0.622, HTML_MESSAGE=0.001, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 7fUJaFaJ-sm9 for <trans@ietfa.amsl.com>; Fri, 27 Mar 2015 05:47:44 -0700 (PDT)
Received: from mail-qc0-x233.google.com (mail-qc0-x233.google.com [IPv6:2607:f8b0:400d:c01::233]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A49531ACD95 for <trans@ietf.org>; Fri, 27 Mar 2015 05:47:44 -0700 (PDT)
Received: by qcay5 with SMTP id y5so15038305qca.1 for <trans@ietf.org>; Fri, 27 Mar 2015 05:47:43 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=nYTshOSwMpYsKRhYWF/W/D4sz8m09O+yvwCK76KKwUE=; b=FAPOUzgPIcDKAa5a+33FVo/cAlzUR0FXjI4MWMZ4zOA0GuewBFtlehJnmJyFOaNJEa FL7pAZzlL7X0rNXxGCwucNj6sx2sD5jfopnQ6RCKOwOw5Iw3aI5qqUHcuIMhmuefe7lj LG2QguyfKNkVfnxXJ7iLCu8jFPTVYkjfvwz2Q9HtA9uf5xnkfBeg8feIclWfgXdtqF0C /TPHB9BcO6isxd3tGe3fLs5QnWZ8AMrV8iydGYx7kx9bpxx4sp1Td7h5bB5okqHo9QKl vu0cdWoOZVleE6DcOsp+cm/DFizgfdav33GMiJIYNAGuLAahxX5dGQ55E8yzNe915JqE ip/Q==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:date :message-id:subject:from:to:cc:content-type; bh=nYTshOSwMpYsKRhYWF/W/D4sz8m09O+yvwCK76KKwUE=; b=lL8I15aa1qD9ijpw4kkPpbsL6KsV4dxOlkGsS9q3c77M8F3NoRcySlQ9+qGLF1Tl8W BMpNNH3onRKm1/ZTv79skkHT72c/TaGRWK9O5sj9+7iW6SPcI4xD+CJErhAdk3fIHhdA x3AeataQRZA5gyH7lwm1EltntaSvFSiasJ6cDn+y1zvL7aJMSdZlNEfbuwXCm+RvXyyO z7+z8C7+GcWM9g+SDqIY0IPvxYcFOYnF6AtYQQXbVw2Flp98r23KxRaVS/+ymZMuSoxn HkgC9JFkyRBoINs3hnHyYIGYYSKVPhELgM/qKD6F58NmC5JTcTym9MEuab8OtYLjBUCD 0iKg==
X-Gm-Message-State: ALoCoQl+Xo1Zlmmf7289dSIS3dO98EcP1pRi5/BWJRydNTVTycmdiRzJJliaUYbQqFyTHl6Pf2lx
MIME-Version: 1.0
X-Received: by 10.55.52.83 with SMTP id b80mr39670688qka.36.1427460463843; Fri, 27 Mar 2015 05:47:43 -0700 (PDT)
Received: by 10.229.209.3 with HTTP; Fri, 27 Mar 2015 05:47:43 -0700 (PDT)
In-Reply-To: <CALzYgEcS8DuqbcPKZRbn1DC2hpSX9WM-NnQf7dkvx_V-jL+QMQ@mail.gmail.com>
References: <CALzYgEcS8DuqbcPKZRbn1DC2hpSX9WM-NnQf7dkvx_V-jL+QMQ@mail.gmail.com>
Date: Fri, 27 Mar 2015 12:47:43 +0000
Message-ID: <CABrd9SQ1FXEVrLXS-fOHRYpsShX3R-ByBo8E3qxhkoOBMQZY5g@mail.gmail.com>
From: Ben Laurie <benl@google.com>
To: Eran Messeri <eranm@google.com>
Content-Type: multipart/alternative; boundary="001a11490774e0f6cd05124489b3"
Archived-At: <http://mailarchive.ietf.org/arch/msg/trans/GAYuSXTUbBATkDrTwCMrcLiuYcM>
Cc: "trans@ietf.org" <trans@ietf.org>
Subject: Re: [Trans] AIA/cRL for logged certificates
X-BeenThere: trans@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Public Notary Transparency working group discussion list <trans.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/trans>, <mailto:trans-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/trans/>
List-Post: <mailto:trans@ietf.org>
List-Help: <mailto:trans-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/trans>, <mailto:trans-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 27 Mar 2015 12:47:46 -0000
On 27 March 2015 at 12:45, Eran Messeri <eranm@google.com> wrote: > I'd like to get opinions from the list on solutions to the following > problem, which Ben originally pointed out. It applies to Precertificates > currently, but would apply to X.509 certificates if ticket #4 is accepted. > > An "undesirable" certificate is issued and logged (without including > Authority Information Access / CRL distribution point) and upon discovery > is revoked - the CRL distribution point in the issuer or one of the > intermediate certs will list it as revoked. > That certificate would be signed a second time with the same issuer key, > but not logged a second time (as the SCT produced for the first certificate > is valid for the second one). When it is served, it is served together with > a chain that is different than the one logged, and the issuer or > intermediates in this chain point to a different AIA/CRL that does *not* > show list this certificate as revoked (The implied assumption is that the > attacker controls the private key of the issuer). > > Implication: A client believes it has a legitimate certificate by > validating the SCT and performing an online revocation check. > > Potential mitigations: > - Require that the client only use the AIA/CRL distribution point from the > chain logged in the CT log (which forces the client to fetch it online, > before completing the connection). > Then its not a potential mitigation! > - Require the presence of AIA/CRL distribution point in the end-entity > certificate. > > Any other suggestions? > Eran > > _______________________________________________ > Trans mailing list > Trans@ietf.org > https://www.ietf.org/mailman/listinfo/trans > >
- [Trans] AIA/cRL for logged certificates Eran Messeri
- Re: [Trans] AIA/cRL for logged certificates Ben Laurie
- Re: [Trans] AIA/cRL for logged certificates Carl Wallace
- Re: [Trans] AIA/cRL for logged certificates Rob Stradling