IETF Logo Mail Archive

Re: [Trans] Gossip: Unsticking a client caught with potential evidence of log misbehavior

Ben Laurie <benl@google.com> Tue, 20 October 2015 08:58 UTC

Return-Path: <benl@google.com>
X-Original-To: trans@ietfa.amsl.com
Delivered-To: trans@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id F356B1A3BA1 for <trans@ietfa.amsl.com>; Tue, 20 Oct 2015 01:58:32 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.388
X-Spam-Level:
X-Spam-Status: No, score=-1.388 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FM_FORGED_GMAIL=0.622, HTML_MESSAGE=0.001, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id RVuviK6qaBqo for <trans@ietfa.amsl.com>; Tue, 20 Oct 2015 01:58:31 -0700 (PDT)
Received: from mail-yk0-x229.google.com (mail-yk0-x229.google.com [IPv6:2607:f8b0:4002:c07::229]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E71A81A3B9B for <trans@ietf.org>; Tue, 20 Oct 2015 01:58:30 -0700 (PDT)
Received: by ykdr3 with SMTP id r3so10057017ykd.1 for <trans@ietf.org>; Tue, 20 Oct 2015 01:58:30 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :content-type; bh=yma5ODi5iW2qf/ME4MsYrbMI0ekxUP6rWa6hmhlIgrI=; b=Gl+DCFpSWOAy7KfjZiIm794L60trG+Z8wEkkDEv3zywTFP8mrrT8GOT1HF5i21qgpx g+ySqdmo1Poc056ncrcqe/+ttl7uxphAX/OxWYfTHaZADkfwaeodYnFsIRwp5sH1lWhD urdI0zjhi7OKPb4Z7fpsmleuvXO6S407AT8Gr1uLhLXIY8cfEyB7kZV9akqiUZeCda3u ovSJqeuO/HfTySMTQTFariXGjw7IWH0YcVmLcbx1X6rGzqUXXt07DCT5tMxoKeQ2Si4H GqObfIv+dVb75XBEJhgwL2GiSOj0rmTFcV7Vpju9jGvQ8DPEhdCwohqqsNr1gDzIfXvP X5Tw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:content-type; bh=yma5ODi5iW2qf/ME4MsYrbMI0ekxUP6rWa6hmhlIgrI=; b=S273tSCmPntYZV/c2LMatg9aR+vYWSgpyMkNS+WQgMG4gZlZHBmHbQWqhtkzhGdogc 730bLBvpzcSYBfjDK2sS7acczptpwwrfG7EA06drmieCQ0wOR1JETfucs9v7Gu13c1P7 RgrIqRKEu+LKhlX+jecp7H846rC0+bforb6wpR2uXhi0GxQTX6upg8zDjrL9yKWLd6kF 2wKU1uv79tpW2Dmm6Se6TMpkfHxdzHPunr/rLGqjHJQX01FiSylRhvehQ0KxvuU7YVKt 9C0eDxmbscLDzeszu7pINKMEGdr5pZ9O4y9lRJMssat1pnIpnZHRUKrQpF/1mZxFMPpm 1ElA==
X-Gm-Message-State: ALoCoQmEcwrhXjNZi0pIkWa6oazHO22UdS47y2/9kx0eBwYb+jb3SFEMJOD9y37epYu8tuGyuPII
X-Received: by 10.13.246.70 with SMTP id g67mr1477370ywf.116.1445331510049; Tue, 20 Oct 2015 01:58:30 -0700 (PDT)
MIME-Version: 1.0
References: <CA+cU71m0wpnD1ZYOTtr=oW+1BjquFxyagtMt+wgCgC_PD0PE-g@mail.gmail.com>
In-Reply-To: <CA+cU71m0wpnD1ZYOTtr=oW+1BjquFxyagtMt+wgCgC_PD0PE-g@mail.gmail.com>
From: Ben Laurie <benl@google.com>
Date: Tue, 20 Oct 2015 08:58:15 +0000
Message-ID: <CABrd9SQd2RETKQWe9-_KCHufAWjBhs2k008vEz-5cyM_gbY4Qw@mail.gmail.com>
To: Tom Ritter <tom@ritter.vg>, "trans@ietf.org" <trans@ietf.org>
Content-Type: multipart/alternative; boundary="94eb2c0338d43d6eb105228577f3"
Archived-At: <http://mailarchive.ietf.org/arch/msg/trans/t1lEwXXFB16ejxkNKDMGBUH2MUA>
Subject: Re: [Trans] Gossip: Unsticking a client caught with potential evidence of log misbehavior
X-BeenThere: trans@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Public Notary Transparency working group discussion list <trans.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/trans>, <mailto:trans-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/trans/>
List-Post: <mailto:trans@ietf.org>
List-Help: <mailto:trans-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/trans>, <mailto:trans-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 20 Oct 2015 08:58:33 -0000

On Tue, 20 Oct 2015 at 00:26 Tom Ritter <tom@ritter.vg> wrote:

> Hi all,
>
> So as we're working through the Gossip draft we ran into a problem we're
> not really sure how to solve. The gist of it is that a client can wind
> up in a state where it has a piece of data that it is pretty suspicious
> of, and it might be evidence of log misbehavior - but it's also private
> data and it has no way to share it with the world.
>
> We have not addressed this in the -01 draft, it's an open question with no
> text currently.
>
> Here are some ways that situation can arise (not exhaustive, but the
> draft will have an exhaustive list):
>
> A client has a Cert+SCT and wants an inclusion proof. Every time it
> sends it up to the log (via an appropriately privacy-preserving
> mechanism, such as a DNS proxy), it gets the equivalent of a 500 error,
> even through other inclusion proof requests succeed.
>
> A client has an older STH and it wants a consistency proof to a newer
> STH that it can pollinate. But it gets an error on every request, even
> though other consistency proof requests succeed.
>
> A client knows a log has shut down, and it has the 'final STH'. It has
> an older STH and wants to resolve it to the final STH, but again - errors.
>
>
> We've been working off the assumption that some data would get out to
> auditors and the auditors would detect the misbehavior - but here the
> client has a piece of data that is privacy-sensitive, so it can't just
> broadcast it widely. But it also could be evidence of log misbehavior -
> and the fact that it gets other successful responses from the log makes
> it even more suspicious.
>
> What should it do?
>
> I've been talking about the possibility of an 'escape valve' where a
> client would release private information to an auditor-of-last-resort of
> its choosing (well, chosen by the developer of the client probably)
> after a sufficiently rigorous attempt to resolve it in a private
> manner... but that's not very satisfying. And it's even less satisfying
> to wave our hand and leave the criteria for releasing it undefined
> (because it ties so much into the algorithm for how to release data in
> any circumstance.)
>
> We even talked about UI/UX.  This is such a crazy and rare situation
> that there's no hope of explaining it to users.  It's also something
> disconnected from any browsing session, so it's not possible to put a
> link on an intersitial as Chrome has done. The closest analogy is
> bug/crash reporting, either active (Windows/Apple sometimes asks if you
> want to submit queued error reports) or general browser opt-in (I
> believe Chrome/Firefox have some mechanism where you 'share data with
> the company to make the experience better').
>

How about reporting it to the alleged origin? Presumably there's no privacy
issue there (the user visited the site already) ... the origin would then
have to do something with that report - I can imagine that browser vendors
would operate public endpoints for them to be forwarded to, for example.

Seems like the same kind of issue as HPKP reporting (see
https://tools.ietf.org/html/rfc7469#section-2.1.4).

v2.23.0 | Report a Bug | By Email