Re: [Trans] Threat model outline, attack model

Tao Effect <contact@taoeffect.com> Sat, 27 September 2014 21:41 UTC

On Sep 27, 2014, at 2:19 PM, Matt Palmer <mpalmer@hezmatt.org> wrote:

> On Sat, Sep 27, 2014 at 09:58:56AM -0700, Tao Effect wrote:
>> "No barrier"? Subjects (domain owners) would need to monitor *all* the logs out there.
>> 
>> There will be like 1000+ logs out there.
> 
> "Citation needed", as the Wikipedians say.  I'm not sure how you could
> possibly come to that conclusion.

I am citing your own documentation:

"we think “every major CA” is within limits of feasibility"

http://www.certificate-transparency.org/faq

And using Jacob's numbers from here:

http://www.ietf.org/mail-archive/web/therightkey/current/msg00745.html

> Please also see these estimates which are even higher:
> 
> https://zakird.com/slides/durumeric-https-imc13.pdf
> 
> "Identified 1,832 CA certificates  belonging to 683 organizations"
> "311 (45%) of the organizations were provided certificates by
> German National Research and Education Network (DFN) "
> 
> http://link.springer.com/chapter/10.1007%2F978-3-642-39884-1_28
> 
> "More than 1200 root and intermediate CAs can currently sign
> certificates for any domain and be trusted by popular browsers."

Now, should the number be less than 1000, it will still be in the hundreds, and that is still impractical for Monitors to provide any sort of a useful service to most website owners.

Not to mention that it does nothing to help with gossiping clients; they will still be MITM attacked, and they will likely not notice it for the aforementioned reasons.

Kind regards,
Greg Slepak

--
Please do not email me anything that you are not comfortable also sharing with the NSA.