Re: [Trans] Question regarding new gossip protocols [Was: Certificate transparency on blockchains]

paul@nohats.ca Fri, 27 March 2015 22:37 UTC

Return-Path: <paul@nohats.ca>
X-Original-To: trans@ietfa.amsl.com
Delivered-To: trans@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D27D61A024E for <trans@ietfa.amsl.com>; Fri, 27 Mar 2015 15:37:02 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.11
X-Spam-Level:
X-Spam-Status: No, score=-1.11 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_ADSP_ALL=0.8, T_RP_MATCHES_RCVD=-0.01] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id jcI7BQDlH34T for <trans@ietfa.amsl.com>; Fri, 27 Mar 2015 15:37:01 -0700 (PDT)
Received: from mx.nohats.ca (mx.nohats.ca [193.110.157.68]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A62561A0222 for <trans@ietf.org>; Fri, 27 Mar 2015 15:37:01 -0700 (PDT)
Received: from localhost (localhost [IPv6:::1]) by mx.nohats.ca (Postfix) with ESMTP id 3lDJ2g1jHtzJsN for <trans@ietf.org>; Fri, 27 Mar 2015 23:36:59 +0100 (CET)
X-OPENPGPKEY: Message passed unmodified
X-Virus-Scanned: amavisd-new at mx.nohats.ca
Received: from mx.nohats.ca ([IPv6:::1]) by localhost (mx.nohats.ca [IPv6:::1]) (amavisd-new, port 10024) with ESMTP id vDwBT9nhn70i for <trans@ietf.org>; Fri, 27 Mar 2015 23:36:57 +0100 (CET)
Received: from ns0.nohats.ca (ns0.nohats.ca [IPv6:2a03:6000:1004:1::102]) by mx.nohats.ca (Postfix) with ESMTP for <trans@ietf.org>; Fri, 27 Mar 2015 23:36:57 +0100 (CET)
Received: by ns0.nohats.ca (Postfix, from userid 500) id 09E353F7F0; Fri, 27 Mar 2015 18:36:57 -0400 (EDT)
Received: from localhost (localhost [127.0.0.1]) by ns0.nohats.ca (Postfix) with ESMTP id 01FF03F44A for <trans@ietf.org>; Fri, 27 Mar 2015 18:36:57 -0400 (EDT)
Date: Fri, 27 Mar 2015 18:36:56 -0400 (EDT)
From: paul@nohats.ca
To: "trans@ietf.org" <trans@ietf.org>
In-Reply-To: <EAFF927A-E95B-4D5E-A631-E7209725AF18@taoeffect.com>
Message-ID: <alpine.LRH.2.11.1503271833020.6671@ns0.nohats.ca>
References: <007F2B41-C78E-4332-8206-7E4CB27A638B@kinostudios.com> <alpine.LFD.2.10.1503252231110.16175@bofh.nohats.ca> <2A773227-61C8-4196-8AFF-EC288A8AF150@kinostudios.com> <CA+cU71=7G5ZJMx3Vy+gXN00JpB61_6C+DLQRyCS=Hcq3vLR-Sg@mail.gmail.com> <CE157D3A-079C-4B09-B138-C21FD9D1FB03@taoeffect.com> <BAD439C7-60C8-44D4-89F9-AC6E5613A5EA@taoeffect.com> <CADqLbz+8br-F3CJEgTj8K3HmaGdNKfjCSeDtWrDmySmohhjXkw@mail.gmail.com> <alpine.LRH.2.11.1503271517430.14223@ns0.nohats.ca> <EAFF927A-E95B-4D5E-A631-E7209725AF18@taoeffect.com>
User-Agent: Alpine 2.11 (LRH 23 2013-08-11)
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=ISO-8859-15; format=flowed
Content-Transfer-Encoding: 8BIT
Archived-At: <http://mailarchive.ietf.org/arch/msg/trans/dY-41-OtHdagx-7-S9DWD3lIZdU>
Subject: Re: [Trans] Question regarding new gossip protocols [Was: Certificate transparency on blockchains]
X-BeenThere: trans@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Public Notary Transparency working group discussion list <trans.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/trans>, <mailto:trans-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/trans/>
List-Post: <mailto:trans@ietf.org>
List-Help: <mailto:trans-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/trans>, <mailto:trans-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 27 Mar 2015 22:37:03 -0000

On Fri, 27 Mar 2015, Tao Effect wrote:

> To illustrate:
> 
> A = server's real certificate
> B = malicious MITM certificate
> 
> T1. Client receives A.
> T2. Client receives B, sends back A.
> T3. MITM pretends to leave, sends A. Client sends B.

T3 cannot happen. The draft states:

    SCTs and corresponding certificates are POSTed to the originating
    HTTPS server at the well-known URL:

    https://<domain>/.well-known/ct/v1/sct-feedback

This means you must have a valid TLS connection to send the data. As
long as the attacker does not have the private key of the attacked
web server, this cannot happen.

> So, my question is: does your document properly take that into account and state that the data sent in 3.1.3 *must* be sent after a
> fully encrypted TLS connection has been established?

Yes, but I'm sure the authors would love to received improved text for
this section of the document.

> P.S. FYI Paul, any time I CC your email I get a bounced "Undelivered Mail" response:
>
>       Final-Recipient: rfc822; cypherpunks@nohats.ca
> Original-Recipient: rfc822;paul@cypherpunks.ca
> Action: failed
> Status: 5.1.1
> Remote-MTA: dns; 193.110.157.102
> Diagnostic-Code: smtp; 550 5.1.1 <cypherpunks@nohats.ca>;: Recipient address
>    rejected: User unknown in local recipient table

Sorry about that. I added an alias to fix it. (my home DSL is down so
mail is rerouted temporarily, and I'm far from home)

Paul