Re: [Trans] Angle brackets in the PRIVATE option (Ticket #1)

Rob Stradling <rob.stradling@comodo.com> Mon, 31 March 2014 10:10 UTC

Return-Path: <rob.stradling@comodo.com>
X-Original-To: trans@ietfa.amsl.com
Delivered-To: trans@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id AA2DF1A0982 for <trans@ietfa.amsl.com>; Mon, 31 Mar 2014 03:10:47 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.168
X-Spam-Level:
X-Spam-Status: No, score=-2.168 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, GB_I_LETTER=-2, HELO_MISMATCH_NET=0.611, SPF_PASS=-0.001, URI_HEX=1.122] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id bcLhcsg51V5H for <trans@ietfa.amsl.com>; Mon, 31 Mar 2014 03:10:46 -0700 (PDT)
Received: from ian.brad.office.comodo.net (eth5.brad-fw.brad.office.ccanet.co.uk [178.255.87.226]) by ietfa.amsl.com (Postfix) with ESMTP id 7A84D1A0838 for <trans@ietf.org>; Mon, 31 Mar 2014 03:10:45 -0700 (PDT)
Received: (qmail 6632 invoked by uid 1000); 31 Mar 2014 10:10:40 -0000
Received: from nigel.brad.office.comodo.net (HELO [192.168.0.58]) (192.168.0.58) (smtp-auth username rob, mechanism plain) by ian.brad.office.comodo.net (qpsmtpd/0.40) with (AES128-SHA encrypted) ESMTPSA; Mon, 31 Mar 2014 11:10:40 +0100
Message-ID: <53393F1F.6080005@comodo.com>
Date: Mon, 31 Mar 2014 11:10:39 +0100
From: Rob Stradling <rob.stradling@comodo.com>
User-Agent: Mozilla/5.0 (X11; Linux i686; rv:24.0) Gecko/20100101 Thunderbird/24.4.0
MIME-Version: 1.0
To: Peter Bowen <pzbowen@gmail.com>, Rick Andrews <Rick_Andrews@symantec.com>
References: <544B0DD62A64C1448B2DA253C011414607C85F3902@TUS1XCHEVSPIN33.SYMC.SYMANTEC.COM> <CAK6vND-NToUO3FgC-Tp-nykj-LYpDQE0AewJeF5oUHow6XSLSQ@mail.gmail.com>
In-Reply-To: <CAK6vND-NToUO3FgC-Tp-nykj-LYpDQE0AewJeF5oUHow6XSLSQ@mail.gmail.com>
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 8bit
Archived-At: http://mailarchive.ietf.org/arch/msg/trans/nlqqsKriB-vz0DzUDHaK9LYx9V4
Cc: "trans@ietf.org" <trans@ietf.org>
Subject: Re: [Trans] Angle brackets in the PRIVATE option (Ticket #1)
X-BeenThere: trans@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Public Notary Transparency working group discussion list <trans.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/trans>, <mailto:trans-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/trans/>
List-Post: <mailto:trans@ietf.org>
List-Help: <mailto:trans-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/trans>, <mailto:trans-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 31 Mar 2014 10:10:47 -0000

On 29/03/14 03:24, Peter Bowen wrote:
> On Fri, Mar 28, 2014 at 9:46 AM, Rick Andrews <Rick_Andrews@symantec.com> wrote:
>> We see another potential issue with the proposed PRIVATE option. Rob’s
>> current proposal would have us replace a domain label with the literal
>> string “<PRIVATE>” (without the quotes). However, we try to encode DN
>> components as PrintableString where possible, and angle brackets are not
>> part of the PrintableString set (the lowercase letters 'a' through 'z',
>> uppercase letters 'A' through 'Z', the digits '0' through '9', eleven
>> special characters ' = ( ) + , - . / : ? and space).
>>
>> As a result, the type of the DN component would be PrintableString in the
>> real cert but utf8String in the pre-certificate, and that would cause
>> problems. I suggest using parentheses instead of angle brackets.
>
> Instead of having "<PRIVATE>", what about replacing the redacted
> string with a prefixed checksum of the part?
>
> Assuming we specify CRC-32 with "+" as the prefix,
> "mail.corp.example.com" would become "+6f993bb2.example.com".  This
> could also allow redacting only some labels:
> "mail.secret.example.gov.xx" could become
> "mail.+734313b7.example.gov.xx".  This has the benefit of providing
> privacy while allowing stronger matching of the certificate.

Hi Peter.

The aim of the PRIVATE option is to keep sub-domain names _completely 
hidden_ from the Log, so I think that revealing any information about 
them is problematic.

How long would it take an attacker to perform a dictionary attack to 
discover that "6f993bb2" corresponds to "mail.corp" ?

-- 
Rob Stradling
Senior Research & Development Scientist
COMODO - Creating Trust Online