Re: [Trans] Call for adoption: draft-strad-trans-redaction-00

Rob Stradling <rob.stradling@comodo.com> Thu, 22 September 2016 10:41 UTC

References: <b7a2d798-0201-4341-0b3b-c5efff34b126@gmail.com> <5b357047-d412-70de-4aa6-9499fa8837b5@comodo.com> <CABrd9SRpg2kMdQahfVUVpvy5e6tnLMKcv-Ka56vB4_QqgLoCWA@mail.gmail.com> <ccb1675a-6215-305c-9ca5-ff12edbc2b60@gmail.com> <D40801F0.1533%tarah_wheeler@symantec.com> <c8a14597-e2f9-7270-33f3-861dc8d1ada5@gmail.com> <73d1a74ad89a671bb9ecf57cb41dbfd7.squirrel@webmail.dreamhost.com>
To: "trans@ietf.org" <trans@ietf.org>
From: Rob Stradling <rob.stradling@comodo.com>
Message-ID: <2fc6b33a-2719-7f99-720b-b7c72767b6f5@comodo.com>
Date: Thu, 22 Sep 2016 11:41:48 +0100
Archived-At: <https://mailarchive.ietf.org/arch/msg/trans/s81b8Yt1iGbWXJ87on-H4zKIg_I>
Subject: Re: [Trans] Call for adoption: draft-strad-trans-redaction-00

On 21/09/16 23:00, Ryan Sleevi wrote:
> On Wed, September 21, 2016 11:15 am, Melinda Shore wrote:
>>  On 9/21/16 5:23 AM, Tarah Wheeler wrote:
>>> Hi, I'm Tarah, and I'm new at Symantec. I'll be reviewing and responding
>>> to the CT redaction thread, and actively involved in proposals.
>>
>>  A few months ago Symantec had stated that they'll be publishing
>>  redacted labels - is that still the case?
> 
> Symantec has stood up an RFC 6962-like log that supports an earlier
> version of the redaction scheme, which reflects the thinking from 6962-bis
> Draft 14.

Symantec are still doing this today (e.g., https://crt.sh/?id=33742991
is a precertificate that was logged only a few hours ago).

The following report shows all of the "redacted precertificates" that
Symantec have issued, along with the corresponding certificates (where
known to CT):

https://crt.sh/reports/20160922_redacted-precertificates.html

> It is not trusted by any CT client widely deployed, because it does not
> implement RFC 6962 (which, as we know, does not support redaction).
> 
> Symantec has also had trouble, both with first-party and third-party
> integrations (such as Venafi), with logging redacted certificates,
> resulting in what might be described as 'over-redacted' certificates. That
> is, certificates which are redacted even though their domains are public
> and widely known, which is in conflict with Symantec's stated need for the
> use case of redaction.
> 
> This has been summarized at
> https://sslmate.com/blog/post/ct_redaction_in_chrome_53 for example, but
> reflects redaction occurring for widely used, publicly disclosed domain
> names - which seems at direct odds with the stated use cases.
> 
> Such previous explanations of Symantec's redaction policies can be found
> at
> http://www.symantec.com/connect/blogs/privacy-redaction-and-certificate-transparency
> and
> http://www.symantec.com/connect/blogs/balancing-certificate-transparency-and-privacy
> , however, the evidence since these posts indicates an inconsistency in the
> actual use case and policies.
> 
> This is perhaps a useful study into the utility, and the risk, of redaction.

-- 
Rob Stradling
Senior Research & Development Scientist
COMODO - Creating Trust Online
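The thread above compares Symantec's "redacted precertificates" with the final certificates known to CT and points at over-redaction. The following is an added example (not part of Rob Stradling's message, the crt.sh report, or any Symantec or Comodo code) of the kind of cross-check a log monitor could run on such a pair: does every dNSName in the final certificate correspond to a name in the precertificate, with each redacted label standing in for exactly one real label, and does any redaction hide a label that the same precertificate reveals elsewhere anyway? It assumes the convention of RFC 6962-bis draft 14 that a redacted label is written as "?" in the precertificate; the sample names are constructed and not taken from any real certificate.

```python
"""Cross-check a redacted CT precertificate against the certificate it was
issued for. Standard library only; all sample data below is constructed."""
from typing import Dict, Iterable, List

# Assumption (not stated in the thread): a redacted label appears as the
# single character "?" in the precertificate's dNSName, as in 6962-bis draft 14.
REDACTED_LABEL = "?"


def labels(name: str) -> List[str]:
    """Split a DNS name into lower-cased labels, ignoring a trailing dot."""
    return name.strip().rstrip(".").lower().split(".")


def covers(redacted: str, actual: str) -> bool:
    """True if `redacted` matches `actual` label for label, with each "?"
    standing in for exactly one label (no multi-label or partial matching)."""
    r, a = labels(redacted), labels(actual)
    if len(r) != len(a):
        return False
    return all(rl == REDACTED_LABEL or rl == al for rl, al in zip(r, a))


def redacted_label_count(name: str) -> int:
    """Number of labels hidden in one redacted name."""
    return sum(1 for lbl in labels(name) if lbl == REDACTED_LABEL)


def check_pair(precert_names: Iterable[str],
               cert_names: Iterable[str]) -> Dict[str, object]:
    """Compare the SAN dNSNames of a precertificate with those of the final
    certificate and report inconsistencies and pointless redaction."""
    precert_names = list(precert_names)
    cert_names = list(cert_names)

    # Names in the final cert that no precert name accounts for, and precert
    # names that account for nothing: either way the pair is inconsistent.
    uncovered = [a for a in cert_names
                 if not any(covers(r, a) for r in precert_names)]
    unused = [r for r in precert_names
              if not any(covers(r, a) for a in cert_names)]

    # A redacted name whose real counterpart is also listed verbatim in the
    # same precertificate hides nothing; flag it as pointless redaction.
    revealed = {n for n in precert_names if REDACTED_LABEL not in labels(n)}
    pointless = [r for r in precert_names
                 if REDACTED_LABEL in labels(r)
                 and any(a in revealed for a in cert_names if covers(r, a))]

    return {
        "consistent": not uncovered and not unused,
        "uncovered": uncovered,
        "unused": unused,
        "pointless": pointless,
        "redacted_labels": sum(redacted_label_count(r) for r in precert_names),
        # Redacting the rightmost label would hide even the TLD; report it.
        "tld_redacted": [r for r in precert_names
                         if labels(r)[-1] == REDACTED_LABEL],
    }


# Constructed sample pair, not from any real log entry.
SAMPLE_PRECERT = ["example.com", "?.example.com", "?.?.example.com"]
SAMPLE_CERT = ["example.com", "www.example.com", "mail.internal.example.com"]

if __name__ == "__main__":
    for key, value in check_pair(SAMPLE_PRECERT, SAMPLE_CERT).items():
        print(f"{key}: {value}")
```

Run against a real pair, the two name lists would come from the SAN extensions of the precertificate and certificate entries in a log (or from a crt.sh report such as the one above); the check says nothing about whether a hidden label was already publicly known, which is the judgement the thread is arguing about and which no parser can make.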