Re: [Trans] draft-ietf-trans-rfc6962-bis-28: "no security implications"

Rob Stradling <Rob@ComodoCA.com> Fri, 20 April 2018 21:07 UTC

From: Rob Stradling <Rob@ComodoCA.com>
To: trans@ietf.org
Cc: Andrew Ayer <agwa@andrewayer.name>
References: <20180320151249.ef2e85feaf05de8edac24479@andrewayer.name>
Message-ID: <08ec0e15-2244-ac90-3acf-d3e4153bcf75@ComodoCA.com>
Date: Fri, 20 Apr 2018 22:07:36 +0100
Archived-At: <https://mailarchive.ietf.org/arch/msg/trans/q9p33Kmzrt3gAKWM4qr8eODqBrQ>
List-Id: Public Notary Transparency working group discussion list <trans.ietf.org>
List-Archive: <https://mailarchive.ietf.org/arch/browse/trans/>

I think this is a good change.  I've posted a PR here:
https://github.com/google/certificate-transparency-rfcs/pull/296

Anyone have any objections?

On 20/03/18 22:12, Andrew Ayer wrote:
> draft-ietf-trans-rfc6962-bis-28 added the following text to
> section 4.2:
> 
> "While there are no security implications to a log accepting
> a submission that does not chain to one of its accepted trust
> anchors..."
> 
> This isn't true.  The certificate chain enables the logged certificate
> to be attributed to a known trust anchor.  This is security-sensitive,
> as without the chain, monitors and trust store operators can't respond
> to a misissued certificate because they don't know which trust anchor
> should be sanctioned/distrusted for misissuing the certificate.[1]
> 
> Therefore, this text should be removed.
> 
> It might also be a good idea, to avoid any future confusion about this
> requirement, to add "to ensure that logged certificates are attributable
> to a known trust anchor" to the sentence at the beginning of 4.2 that
> explains why the requirement exists.
> 
> Regards,
> Andrew
> 
> 
> [1] In the general case, a monitor could probably construct the chain
> using its own store of intermediate certificates.  But this fails if
> the intermediate isn't known, which might happen in the adversarial
> case where an intermediate certificate is issued for the sole purpose
> of evading responsibility for a misissued certificate.
> 

-- 
Rob Stradling
Senior Research & Development Scientist
Email: Rob@ComodoCA.com
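The thread above turns on why a log must check that a submission chains to one of its accepted trust anchors: without the chain, a monitor can only attribute the logged certificate if it already holds the intermediate. As an added illustration that is not part of this thread or of the certificate-transparency-rfcs repository, the Go program below models both sides using the standard library's x509 path validation. LogAccept stands in for the section 4.2 check (accept only if the submitted chain reaches an accepted root, consulting nothing but what the submitter sent), and the monitor half of RunScenario reproduces the footnote: given only the bare leaf, attribution succeeds when the intermediate is in the monitor's own store and fails when it is not. The certificate names ("Constructed Root CA", "Constructed Intermediate CA", "example.test"), the helper functions and the in-memory keys are all constructed for this example.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

func must(err error) {
	if err != nil {
		panic(err)
	}
}

// newCert issues a certificate for cn signed by parent (self-signed when parent is nil).
// All keys and certificates here are constructed in memory for this example only.
func newCert(cn string, isCA bool, parent *x509.Certificate, parentKey *ecdsa.PrivateKey) (*x509.Certificate, *ecdsa.PrivateKey) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	must(err)
	ku := x509.KeyUsageDigitalSignature
	if isCA {
		ku |= x509.KeyUsageCertSign
	}
	tmpl := &x509.Certificate{
		SerialNumber:          big.NewInt(time.Now().UnixNano()), // unique enough: one cert per issuer here
		Subject:               pkix.Name{CommonName: cn},
		NotBefore:             time.Now().Add(-time.Hour),
		NotAfter:              time.Now().Add(24 * time.Hour),
		IsCA:                  isCA,
		BasicConstraintsValid: true,
		KeyUsage:              ku,
	}
	if parent == nil {
		parent, parentKey = tmpl, key
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, parent, &key.PublicKey, parentKey)
	must(err)
	cert, err := x509.ParseCertificate(der)
	must(err)
	return cert, key
}

// anchorOf validates leaf against the given pools only (never the system store)
// and returns the CommonName of the trust anchor the chain reaches.
func anchorOf(leaf *x509.Certificate, roots, intermediates *x509.CertPool) (string, error) {
	chains, err := leaf.Verify(x509.VerifyOptions{
		Roots:         roots,
		Intermediates: intermediates,
		KeyUsages:     []x509.ExtKeyUsage{x509.ExtKeyUsageAny},
	})
	if err != nil {
		return "", err
	}
	return chains[0][len(chains[0])-1].Subject.CommonName, nil
}

// LogAccept models the section 4.2 check: the log accepts [leaf, intermediates...]
// only if it chains to an accepted anchor, using nothing but the submitted chain.
func LogAccept(accepted *x509.CertPool, submission []*x509.Certificate) (string, error) {
	if len(submission) == 0 {
		return "", fmt.Errorf("empty submission")
	}
	inter := x509.NewCertPool()
	for _, c := range submission[1:] {
		inter.AddCert(c)
	}
	anchor, err := anchorOf(submission[0], accepted, inter)
	if err != nil {
		return "", fmt.Errorf("submission rejected: %w", err)
	}
	return anchor, nil
}

// RunScenario builds root -> intermediate -> leaf and reports: whether the log accepts
// the full chain, whether it rejects the bare leaf, which anchor a monitor that knows the
// intermediate attributes the leaf to, and whether a monitor that does not know it fails.
func RunScenario() (acceptsFull, rejectsBare bool, knownAnchor string, unknownFails bool) {
	root, rootKey := newCert("Constructed Root CA", true, nil, nil)
	inter, interKey := newCert("Constructed Intermediate CA", true, root, rootKey)
	leaf, _ := newCert("example.test", false, inter, interKey)
	roots := x509.NewCertPool()
	roots.AddCert(root)
	_, errFull := LogAccept(roots, []*x509.Certificate{leaf, inter})
	_, errBare := LogAccept(roots, []*x509.Certificate{leaf})
	// Monitor side (the footnote): only the bare leaf is available, so attribution
	// depends entirely on whether the intermediate is already in the monitor's store.
	known := x509.NewCertPool()
	known.AddCert(inter)
	knownAnchor, _ = anchorOf(leaf, roots, known)
	_, errUnknown := anchorOf(leaf, roots, x509.NewCertPool())
	return errFull == nil, errBare != nil, knownAnchor, errUnknown != nil
}

func main() {
	fmt.Println(RunScenario())
}
```

Running it prints the four outcomes in order (`true true Constructed Root CA true`). The log-side check is deliberately restricted to the submitted chain plus the accepted roots; the moment a log fills gaps from its own intermediate store, the attribution property the footnote describes is lost for any intermediate the log happens to know but monitors do not.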