Re: [Trans] Proving certificate freshness
Ben Laurie <benl@google.com> Wed, 01 October 2014 14:08 UTC
Return-Path: <benl@google.com>
X-Original-To: trans@ietfa.amsl.com
Delivered-To: trans@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A51C81ACDB3 for <trans@ietfa.amsl.com>; Wed, 1 Oct 2014 07:08:40 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.266
X-Spam-Level:
X-Spam-Status: No, score=-0.266 tagged_above=-999 required=5 tests=[BAYES_40=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FM_FORGED_GMAIL=0.622, RP_MATCHES_RCVD=-0.786, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 0v3WFpR4-q4s for <trans@ietfa.amsl.com>; Wed, 1 Oct 2014 07:08:38 -0700 (PDT)
Received: from mail-qc0-x22c.google.com (mail-qc0-x22c.google.com [IPv6:2607:f8b0:400d:c01::22c]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 897201A19FF for <trans@ietf.org>; Wed, 1 Oct 2014 07:08:38 -0700 (PDT)
Received: by mail-qc0-f172.google.com with SMTP id o8so329558qcw.3 for <trans@ietf.org>; Wed, 01 Oct 2014 07:08:37 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=WmSGxjqPOeWQ0Mc7B0kWy8KU1PggqxjU3mz5q15wmu8=; b=VZFKOrsc03zMYIqBhT6TEh1wvcLqOqLFvka9prztBonpp3lBQoaaKtIuD+LKlF+EA1 DfZLdfOcWa4XhwzKDG3lUetjyiOSu/vKUFIjl5sr4ZlKcCGbszS2LMsBqd/4qeGMvyUk 1WAJCutjORLIxo60fnXI/JaWuGGuWXOC+GxIR1B2czvidfws5da8LNpt9sT6wQSm7iHZ eIYJk6Hf3FS23bx8LTILUM3wEHlWLBeSL/l7LT19f8vANmPG8JE4jKNMAJpes4EBSxHx 6FZDmIhLCwhGdcRisF1j6pWEzuIBNWkn7oflHL2zn1+PGNGLfPVhJxY0GhqHEUK4pGpF HOAQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:date :message-id:subject:from:to:cc:content-type; bh=WmSGxjqPOeWQ0Mc7B0kWy8KU1PggqxjU3mz5q15wmu8=; b=TchSFL1BoGVFvR6xbg2sCT/HoHtrUO5fReStv4mORLobHUDInJWeRA3LYseMOG+s5v WSZ2y8caI+J9OaCwN5z8xrPvsJ2JrQNe1BRf4WlADEUNPYmziIymCAv9AsR/RUh0g2Sl pmLPLLI4Zjf165koiUaMFJFb/mKZjEWBMx4Q5D9SWsBgOxK6Gj779xvB4M78dYuSWI6x IiNeVTq/laWH7UO/hyYGtQrwYtUCEbTOiClfYQ+M57V/lwnTfEqeiErNzSUC/TpqxXg2 ZF4AN2rEHkY8naPHWZ0VvJmSQpdzF+iMShDoxT6wBTD22yOCuAGdRCiA5m0iTKbTTfKu /05Q==
X-Gm-Message-State: ALoCoQn/xT5hoMhSXytFnZb7Lo6bfLBOGxDx2qoyJcC4jIkoy+BP1HzGtKfqDENn5siCDpzDnszB
MIME-Version: 1.0
X-Received: by 10.224.89.67 with SMTP id d3mr25086444qam.95.1412172517638; Wed, 01 Oct 2014 07:08:37 -0700 (PDT)
Received: by 10.229.247.198 with HTTP; Wed, 1 Oct 2014 07:08:37 -0700 (PDT)
In-Reply-To: <542C0587.3080702@fifthhorseman.net>
References: <CAA7UWsXpTzMgrDNo73cB5U_Q3wS2xDsGpws-4njXqEDJm-TG3A@mail.gmail.com> <542C0587.3080702@fifthhorseman.net>
Date: Wed, 01 Oct 2014 15:08:37 +0100
Message-ID: <CABrd9SQurpoFUmbDLXs4viSr=BHmFrFTMicDBSJ0HzBs_cU14A@mail.gmail.com>
From: Ben Laurie <benl@google.com>
To: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Content-Type: text/plain; charset="UTF-8"
Archived-At: http://mailarchive.ietf.org/arch/msg/trans/bvY0kDr_DK_j5vR2dyWDVdqQM00
Cc: "trans@ietf.org" <trans@ietf.org>
Subject: Re: [Trans] Proving certificate freshness
X-BeenThere: trans@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Public Notary Transparency working group discussion list <trans.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/trans>, <mailto:trans-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/trans/>
List-Post: <mailto:trans@ietf.org>
List-Help: <mailto:trans-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/trans>, <mailto:trans-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 01 Oct 2014 14:08:40 -0000
On 1 October 2014 14:45, Daniel Kahn Gillmor <dkg@fifthhorseman.net> wrote: > On 09/30/2014 11:56 PM, David Leon Gil wrote: >> Something that is rather difficult to prove, at present, is that a >> certificate has been used after it has expired or been revoked. > > To be clear, this is a concern because it's otherwise possible to claim > abuse of a revoked/expired cert without being able to substantiate the > claim. > > That makes reports of cert misuse less trustworthy, which makes it > harder to act on them. > > However, CT is designed to detect (and hopefully deter) misissuance, not > misuse. Is this scope creep? It doesn't require anything from CT, though, so not really scope creep for CT itself. That said, clearly an append-only log can be used for timestamping directly, so if people think this is a good idea, then it could be implemented using a log that, say, issues a timestamp for certs periodically - and you require from the server a reasonably fresh timestamp. However, if you're prepared to modify servers, then you might as well go the whole hog and implement revocation transparency, which would make it impossible to use a revoked certificate from some short-ish time after revocation. Outline protocol: server periodically goes to an RT server and gets proof of non-inclusion in the list of currently revoked certificates (this proof would use a verifiable map, as documented in http://www.links.org/files/RevocationTransparency.pdf - note that our current thinking on verifying maps is you have a CT-like log of state changes, which the verifiable map is required to be consistent with, rather than maintaining a log of root hashes as suggested in that paper).
- [Trans] Proving certificate freshness David Leon Gil
- Re: [Trans] Proving certificate freshness Daniel Kahn Gillmor
- Re: [Trans] Proving certificate freshness Ben Laurie
- Re: [Trans] Proving certificate freshness Ben Laurie
- Re: [Trans] Proving certificate freshness David Leon Gil
- Re: [Trans] Proving certificate freshness Ben Laurie