Re: [Uta] Certificate pinning?
Trevor Perrin <trevp@trevp.net> Tue, 11 March 2014 22:24 UTC
Return-Path: <trevp@trevp.net>
X-Original-To: uta@ietfa.amsl.com
Delivered-To: uta@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2183E1A085D for <uta@ietfa.amsl.com>; Tue, 11 Mar 2014 15:24:25 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.977
X-Spam-Level:
X-Spam-Status: No, score=-1.977 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FM_FORGED_GMAIL=0.622, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id rT0v1TUDBs8r for <uta@ietfa.amsl.com>; Tue, 11 Mar 2014 15:24:22 -0700 (PDT)
Received: from mail-we0-f176.google.com (mail-we0-f176.google.com [74.125.82.176]) by ietfa.amsl.com (Postfix) with ESMTP id 51EE81A086D for <uta@ietf.org>; Tue, 11 Mar 2014 15:24:22 -0700 (PDT)
Received: by mail-we0-f176.google.com with SMTP id x48so10711232wes.35 for <uta@ietf.org>; Tue, 11 Mar 2014 15:24:16 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:date :message-id:subject:from:to:cc:content-type; bh=h9Tphj+LdkAA5Kt19U5rmF/e98F6twSXGRRXsJ0f6vY=; b=mCCbqirRLBgB5DL53CXFiwlYarhjQfkQX8e+VVoJTQoidPsMsFtBZRS4phE99PvsF+ 8DvXNfUpCW3gfgfAIccVlkWOrEHdeL9QIUhEG8iHNeO9ghn0hhAbttigy02sddYsv6Ix edlsw0ErYbmpPRzpdmmuI4xp+shzseLKS8uRkG2jTk2Os41I2Cpp8K5VegUzyinLqaKj +gxfoQVrUjgAPYKzdj9nEY/7WtMt+ucmEmb5YTgUfzAsg9N+IwOIz9gvVKcJO+OyfT/Z j/aSW1cT+3qrnZkitOh4Sj0qNgePFi4hF5qEhoHhzO8bScqU2UwS/Dn+Bw/HBUNaMfnz R4/Q==
X-Gm-Message-State: ALoCoQlcpmHJdvgJ+BnPPOdvx1czZMQf4rfVA3G3JoQY7OyRuIdIOUM5XOyCmxa9mf6EMHTa6f1u
MIME-Version: 1.0
X-Received: by 10.180.187.237 with SMTP id fv13mr4828849wic.26.1394576655886; Tue, 11 Mar 2014 15:24:15 -0700 (PDT)
Received: by 10.216.45.146 with HTTP; Tue, 11 Mar 2014 15:24:15 -0700 (PDT)
X-Originating-IP: [184.23.29.222]
In-Reply-To: <2A0EFB9C05D0164E98F19BB0AF3708C711FC6D545C@USMBX1.msg.corp.akamai.com>
References: <5472A050F724AB161474A2E7@caldav.corp.apple.com> <CA+cU71mTPKjb7NqkPgtyqx=+nfmWFSvw5512Owy_Tg__=8XDHg@mail.gmail.com> <CAGZ8ZG2WC_+sLYvgjgjwL1SSOrZN1ddMMvsA2Gpnka55b2fexA@mail.gmail.com> <78aa46ac06424a378e760cc4b0f8eea8@BL2PR03MB290.namprd03.prod.outlook.com> <531F6E1E.8090207@network-heretics.com> <11402BF741C718017A2F138E@caldav.corp.apple.com> <2A0EFB9C05D0164E98F19BB0AF3708C711FC6D545C@USMBX1.msg.corp.akamai.com>
Date: Tue, 11 Mar 2014 15:24:15 -0700
Message-ID: <CAGZ8ZG2OhAcKAsFYLHvpnyvmnTmq_XKaLXkoX2QCuN+ts590bA@mail.gmail.com>
From: Trevor Perrin <trevp@trevp.net>
To: "Salz, Rich" <rsalz@akamai.com>
Content-Type: multipart/alternative; boundary="001a11c25a9c2fc64504f45c2efa"
Archived-At: http://mailarchive.ietf.org/arch/msg/uta/wiJNz0WZp6_C1wdIQ18h4IBR8og
Cc: Cyrus Daboo <cyrus@daboo.name>, "uta@ietf.org" <uta@ietf.org>, Keith Moore <moore@network-heretics.com>
Subject: Re: [Uta] Certificate pinning?
X-BeenThere: uta@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: UTA working group mailing list <uta.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/uta>, <mailto:uta-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/uta/>
List-Post: <mailto:uta@ietf.org>
List-Help: <mailto:uta-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/uta>, <mailto:uta-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 11 Mar 2014 22:24:25 -0000
On Tue, Mar 11, 2014 at 1:37 PM, Salz, Rich <rsalz@akamai.com> wrote: > > I think one of the key goals for the websec work was to prevent attacks > in which a root certificate authority is compromised, potentially allowing > an attacker to create certificates that trick the client into thinking it > is talking to the real server when in fact it is being MITM'd. > > Did they come up with any thoughts on how to do this? Yes, the idea behind HPKP and TACK is for servers to assert that their key should be "pinned" for some period of time: http://datatracker.ietf.org/doc/draft-ietf-websec-key-pinning/ https://tools.ietf.org/html/draft-perrin-tls-tack-02 This generalizes the hard-coded ("preloaded") pinning which Google has deployed in Chrome in the last few years, and which has detected several CA failures. > So far, our best hope in this area is certificate transparency, which is > in its infancy. > Maybe. But pinning is a good idea too. And it deserves more attention, IMO, since it doesn't have the readymade constituency of PKI or DNSSEC solutions, and Google's not pushing it like they're pushing CT. Note also that CT is particularly suited to https. For a protocol like MTA-to-MTA SMTP, MTAs aren't already expected to have certs (or valid certs), so *some* sort of pinning or policy assertion from a server about how it should be authenticated seems necessary. Also, browsers are reluctant to perform online lookups to verify servers (due to latency / reliability). This is why CT needs central log authorities, trusted by all browsers, issuing signed statements. But MTAs are probably more willing to do online lookups, so trust-agile solutions become possible. This is where self-asserted pinning shines, since a site's assertion of a TACK or HPKP pin could be observed by various monitors (think Converge/Perspectives/Vantages/etc), then queried by relying parties, without a centralized infrastructure like CT. Trevor
- [Uta] Certificate pinning? Cyrus Daboo
- Re: [Uta] Certificate pinning? Tom Ritter
- Re: [Uta] Certificate pinning? Trevor Perrin
- Re: [Uta] Certificate pinning? Orit Levin (LCA)
- Re: [Uta] Certificate pinning? Keith Moore
- Re: [Uta] Certificate pinning? Cyrus Daboo
- Re: [Uta] Certificate pinning? Salz, Rich
- Re: [Uta] Certificate pinning? Keith Moore
- Re: [Uta] Certificate pinning? Cyrus Daboo
- Re: [Uta] Certificate pinning? Keith Moore
- Re: [Uta] Certificate pinning? Trevor Perrin
- Re: [Uta] Certificate pinning? Salz, Rich
- Re: [Uta] Certificate pinning? Trevor Perrin
- Re: [Uta] Certificate pinning? Trevor Perrin
- Re: [Uta] Certificate pinning? Yan Zhu
- Re: [Uta] Certificate pinning? Daniel Kahn Gillmor
- Re: [Uta] Certificate pinning? Yan Zhu
- Re: [Uta] Certificate pinning? Trevor Perrin