IETF Logo Mail Archive

Re: [websec] HPKP & different encodings of the same public key

Brian Smith <brian@briansmith.org> Sun, 15 May 2016 22:34 UTC

Return-Path: <brian@briansmith.org>
X-Original-To: websec@ietfa.amsl.com
Delivered-To: websec@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0F76312D106 for <websec@ietfa.amsl.com>; Sun, 15 May 2016 15:34:07 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.6
X-Spam-Level:
X-Spam-Status: No, score=-2.6 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=briansmith-org.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id uj8JotR4qk-u for <websec@ietfa.amsl.com>; Sun, 15 May 2016 15:34:05 -0700 (PDT)
Received: from mail-io0-x233.google.com (mail-io0-x233.google.com [IPv6:2607:f8b0:4001:c06::233]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2596812B039 for <websec@ietf.org>; Sun, 15 May 2016 15:34:04 -0700 (PDT)
Received: by mail-io0-x233.google.com with SMTP id f89so190489369ioi.0 for <websec@ietf.org>; Sun, 15 May 2016 15:34:04 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=briansmith-org.20150623.gappssmtp.com; s=20150623; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc; bh=+D2mKasIKUlRNSKucjt24WytKyxOVXW+fJDxdFZWiLs=; b=Z8UdskuEyaHp21hbiwUYBG81F/AM9gAStfM/g0ch7D3X3sna19vS0ap3TyRqDuIsu5 eaoiBArKqOp9lXMXOJ8kE1A9bamKvzLk0ur97A8OJY+je3Sr4lhh6hj+ux0e1JtjuD5a 4hjKrfiOt/EJiDZI/sojOhSNCwySOyn1GXjZfeVzlxwsrQqCiI6vE3j6+boy3W7si5C6 tK7VrszRsDSk9B+Fpras3r7RIY4+BUqNg4zc8dFg1TkCJ21BAI2SixcDRvbxKMIUPGJi 5HuXjlWbygRTc30Hw1HcrgB0UWVyv6ee0Bbx3zYSPNvc/tWlJQcQPjBncMdOXLaxhlJT 3xFg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:date :message-id:subject:from:to:cc; bh=+D2mKasIKUlRNSKucjt24WytKyxOVXW+fJDxdFZWiLs=; b=mQSQXKxhEQG/IdyF6K7q9sEc6ORX4Vah4DHcosBZ4vaPqyZckr3VmO7rGBwxC6ZVqs V52eCH9cp8wPHsf2kHYTZlHlnKO7bTDDz3U3jKJLBXHzS8MCxARPoI0rAiLNi/5H0eyX 7HeWI6w52llYZG+fjMVCDpSy3PmTeYs3SacDCx+bX3EiWB0XQ3Tr+jaLtIdFqMcGT/D4 HCG0cQ+wptudq09m60iNnirZn0v5uRhw/nnWTqT90rQ9TJ8PVbNh+QzzFP26yWmu2lHm 05ddtSI+Efbl/OsvNUE7R7v6S72HlOm8kX5g3KCYm3XPGoiJ1HnSaMZyt6B2+5JjyFum XqPQ==
X-Gm-Message-State: AOPr4FVfgdg8UzDNDMVEiI6+uk4rz5OC5vyZl3GXNqSA4tDiCb/HwDzT/5D5MZM5d+FHV2vOm4lyJe8pQ8zwWA==
MIME-Version: 1.0
X-Received: by 10.36.216.196 with SMTP id b187mr7677681itg.36.1463351644123; Sun, 15 May 2016 15:34:04 -0700 (PDT)
Received: by 10.36.253.67 with HTTP; Sun, 15 May 2016 15:34:04 -0700 (PDT)
In-Reply-To: <CAH8yC8kuaBsmjJy673k+qYfo-_BbEQZFmLKGSYGQ11MMT+6LfQ@mail.gmail.com>
References: <CAME=j1=QZTFdxaMQ=_Egy296zhAiL--2hcW0_nc-3BLgz7z9XA@mail.gmail.com> <CAFewVt7u2e6184T_XP7VFJRbz4XJyrxUf2VK8XtZg3FQCquZ3g@mail.gmail.com> <CAME=j1=PimfS=rA3MBAY_8YwsvYzg1x8+FvkgzMEw-qBR9PTyw@mail.gmail.com> <CAH8yC8kuaBsmjJy673k+qYfo-_BbEQZFmLKGSYGQ11MMT+6LfQ@mail.gmail.com>
Date: Sun, 15 May 2016 12:34:04 -1000
Message-ID: <CAFewVt6=sTdUKSXznjyy7WHH=MVsyWkBANF2_PJqvwkQyerwsg@mail.gmail.com>
From: Brian Smith <brian@briansmith.org>
To: noloader@gmail.com
Content-Type: multipart/alternative; boundary="94eb2c05e99aee0d7a0532e91a02"
Archived-At: <http://mailarchive.ietf.org/arch/msg/websec/0GjYITWBOBN1LoRuteWHiOZ2Lu8>
Cc: IETF WebSec WG <websec@ietf.org>
Subject: Re: [websec] HPKP & different encodings of the same public key
X-BeenThere: websec@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Web Application Security Minus Authentication and Transport <websec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/websec>, <mailto:websec-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/websec/>
List-Post: <mailto:websec@ietf.org>
List-Help: <mailto:websec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/websec>, <mailto:websec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 15 May 2016 22:34:07 -0000

Jeffrey Walton <noloader@gmail.com> wrote:

> On Sun, May 15, 2016 at 5:19 PM, Jesse Wilson <jesse@swank.ca> wrote:
> > Thanks Brian! I’m happy to hear that this is an implementation bug (that
> I
> > can petition to get fixed), rather than spec bug (that we all have to
> > workaround).
>
> It depends on the issuing policies.
>
> The IETF has no way to specify that a certificate was created or
> issued under PKIX, so its a moot point. (It creates a vaccum like the
> EV mess, except for standard certificates rather than EV
> certificates).
>

HPKP is specified in terms of RFC 5280, so we can assume only PKIX
certificates are used for HPKP. In particular, HPKP (RFC7469) defers to
RFC5280 for the specification of SPKI. RFC 5280 then defers to other specs
for defining SPKI: "Conforming  implementations that use the algorithms
identified in [RFC3279 <http://tools.ietf.org/html/rfc3279>], [RFC4055
<http://tools.ietf.org/html/rfc4055>], and [RFC4491
<http://tools.ietf.org/html/rfc4491>] MUST identify and encode the public
key materials and digital signatures as described in those specifications."
RFC 5480 updates RFC 3279.

So, yes, a CA can issue a certificate that's not RFC 5480 but nobody should
expect HPKP to work with such certificates.

Cheers,
Brian
-- 
https://briansmith.org/

v2.23.0 | Report a Bug | By Email