IETF Logo Mail Archive

Re: [Uta] Ben Campbell's Yes on draft-ietf-uta-mta-sts-17: (with COMMENT)

Daniel Margolis <dmargolis@google.com> Thu, 10 May 2018 18:13 UTC

Return-Path: <dmargolis@google.com>
X-Original-To: uta@ietfa.amsl.com
Delivered-To: uta@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B45E312D95C for <uta@ietfa.amsl.com>; Thu, 10 May 2018 11:13:38 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -18.209
X-Spam-Level:
X-Spam-Status: No, score=-18.209 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, ENV_AND_HDR_SPF_MATCH=-0.5, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001, T_DKIMWL_WL_MED=-0.01, URIBL_BLOCKED=0.001, USER_IN_DEF_DKIM_WL=-7.5, USER_IN_DEF_SPF_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=google.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 60zw2fxpVJVT for <uta@ietfa.amsl.com>; Thu, 10 May 2018 11:13:36 -0700 (PDT)
Received: from mail-io0-x22c.google.com (mail-io0-x22c.google.com [IPv6:2607:f8b0:4001:c06::22c]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id CEACA12DA44 for <uta@ietf.org>; Thu, 10 May 2018 11:13:32 -0700 (PDT)
Received: by mail-io0-x22c.google.com with SMTP id c9-v6so4059649iob.12 for <uta@ietf.org>; Thu, 10 May 2018 11:13:32 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=4cIFXfkhiEVsQ7BE8fMuJZjoAnJBjEM4QzKvl70jMzE=; b=UWjfWJ425yPQPa26jgGxMSwiGha8CjH6hOdL/BPE1GSJcu+kkcwLYsQ9AzZrn0JPb5 rh7Cf7RsYwhkZtkweoMtlLNEg8RfsQznumuOS3YfdRH/xceF0MDWfCn3uIcBZZs8jexu ZbziXe0V172w6YjtAiduJS+F8BtI9sustaCsta9XrdBPe8aTAdWGqSL4m48I6nOgFWaa wHs+GX7V03gER+onnQ6MWGCO9EDhNI1p23NxGUZy7b/ThLZd+7e1gMu3Q8b0OvB59GUB HKqn1kigGnsDFrJVmg6ITB7vWWOS2ReIXyQ/Pj1c4supN9PEw9PqQy6wuEVAeXEzQ5dN DLlA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=4cIFXfkhiEVsQ7BE8fMuJZjoAnJBjEM4QzKvl70jMzE=; b=tPldXtbsnfQ0zVmvbxezckwbWiUjWwElPhpOTwNqzvNMfNyODdA03Ahb/WnAV8JJch gX6+Isml+GvxoSF5aNb6IVIdHmRgNJlrV+xHGYNASehirM3A4B2XzWBC7GnmHNh7FBSn iJ+2vP3vLb02mCalCAgIQiDExMmZDHfqfR3twqlwRe5CFK8TXvtBmFGaT9NYaaY23g3w ofXkXsngBmkbgDT8OSKVZRNGt4uTLrxwzFMwP3Wzqu1NMfEJ1Zni+jpdhYiZPu1oZHW/ yD2sc0h7Qt81JtOOKZP81fDecPZ10jPjHjbnq1NhFe3Q3ScLzMlBA/mL3FvDnjgSciU3 ckhg==
X-Gm-Message-State: ALKqPwcrWo6eVjuuzMFC1IwCG06vSLFu0uqwhE4qGDjOROPxLhmXTcwz QkQtYYS5T5zE0dpL2sULhux7Sia8MXU6GY3mgnINRw==
X-Google-Smtp-Source: AB8JxZqEXz12P+dMbOKNWazK1lwrbrDpzgHGJRtoVDQBPtfWucEaby04Ptdk9NIliJJgmuc2lVWdYenLK8nuFz3ZtRw=
X-Received: by 2002:a6b:24a:: with SMTP id 71-v6mr2637522ioc.123.1525976010954; Thu, 10 May 2018 11:13:30 -0700 (PDT)
MIME-Version: 1.0
References: <152591963999.10271.12550778138694053024.idtracker@ietfa.amsl.com> <90DB5F28-E939-421F-825F-1A87DBA40EF3@dukhovni.org> <CANtKdUeEwS7G6eshkz-zHJkHZQPwWXS2P2GrkS8VYDvmJZ85-w@mail.gmail.com> <0C7823C1-AE39-4455-98A4-2B980262E400@dukhovni.org> <CANtKdUdK2ctLBYXng4PP3pc3d_gzAJhakwZXzX6x=nbRdh4CQw@mail.gmail.com> <8EE141C3-33F7-4925-87BD-27E731BA74B2@dukhovni.org>
In-Reply-To: <8EE141C3-33F7-4925-87BD-27E731BA74B2@dukhovni.org>
From: Daniel Margolis <dmargolis@google.com>
Date: Thu, 10 May 2018 20:13:16 +0200
Message-ID: <CANtKdUf2iMYxG2gGAoAjgsTYK_vm+tWds_jbMJb9NM2iGVDMSQ@mail.gmail.com>
To: Viktor Dukhovni <ietf-dane@dukhovni.org>
Cc: uta-chairs@ietf.org, uta@ietf.org, draft-ietf-uta-mta-sts@ietf.org, iesg@ietf.org, Leif Johansson <leifj@sunet.se>
Content-Type: multipart/signed; protocol="application/pkcs7-signature"; micalg="sha-256"; boundary="0000000000002553ee056bddfa54"
Archived-At: <https://mailarchive.ietf.org/arch/msg/uta/e17W503hu6SPHTQ1oq9_Gvcj60Y>
Subject: Re: [Uta] Ben Campbell's Yes on draft-ietf-uta-mta-sts-17: (with COMMENT)
X-BeenThere: uta@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: UTA working group mailing list <uta.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/uta>, <mailto:uta-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/uta/>
List-Post: <mailto:uta@ietf.org>
List-Help: <mailto:uta-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/uta>, <mailto:uta-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 10 May 2018 18:13:39 -0000

No, it's just a rushed edit on my part. My intent was t say that you should
check the cached version against the version in HTTPS.

One *could* argue (as you speculated) that as long as the TXT is there, one
can bump the max-age parameter in the cache and not bother to do the HTTPS
fetch (since it should be a foregone conclusion). I don't see a problem
with that, really.

(In the problematic example you give, a sender can still only cache the old
version for as long as the TXT is unchanged, which is allowed in the
specification!)

In short, I think your interpretation (which was not my intent) works
perfectly fine, though I don't know that we would desire people do that. We
may want to simply not specify this--what we *do* want is for senders to
periodically and in advance of expiration refresh their cached policies;
technically this does not really require HTTPS I don't think, but it
doesn't hurt to do the fetch.

WDYT?

On Thu, May 10, 2018 at 6:44 PM Viktor Dukhovni <ietf-dane@dukhovni.org>
wrote:

>
>
> > On May 10, 2018, at 12:16 PM, Daniel Margolis <dmargolis@google.com>
> wrote:
> >
> > Yes, you're right. I take back my comment, though I'm glad I made it
> since it clarified this whole thing. ;)
> >
> > I've rewritten this to
> >
> > Because this attack is also possible upon refresh of a cached policy, we
> suggest
> > implementers do not wait until a cached policy has expired before
> checking for
> > an update; if senders attempt to refresh the cache regularly (for
> example, by
> > checking their cached version string against the live policy in a
> background
> > task that runs daily or weekly and updating their cache's "max age"
> > accordingly), an attacker would have to foil policy discovery consistent
>
> I don't understand what is meant by "checking their cached version string"
> in:
>
>   (for example, by checking their cached version string against the
>   live policy in a background task that runs daily or weekly and
>   updating their cache's "max age" accordingly)
>
> Can you elaborate.  Are you saying that it is enough to check that
> the TXT record has not changed to extend the policy max_age?  Without
> connecting to the HTTPS site?
>
> Does that mean that a site that removes its "mta-sts" HTTPS service
> endpoint but keeps a stable TXT record in place will be able to
> indefinitely support policies at senders who originally obtained
> the policy?
>
> I am ambivalent about this approach.  For example, if a site does
> the DNS and HTTPS updates out of order, a sender might never learn
> the right (most recent) policy...
>
> Or am I misreading the new text?
>
> --
>         Viktor.
>
> _______________________________________________
> Uta mailing list
> Uta@ietf.org
> https://www.ietf.org/mailman/listinfo/uta
>

v2.23.0 | Report a Bug | By Email