Re: [websec] Comments on draft-ietf-websec-key-pinning

Jeffrey Walton <noloader@gmail.com> Sun, 22 February 2015 02:38 UTC

Return-Path: <noloader@gmail.com>
X-Original-To: websec@ietfa.amsl.com
Delivered-To: websec@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 75F011A0263 for <websec@ietfa.amsl.com>; Sat, 21 Feb 2015 18:38:24 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0.7
X-Spam-Level:
X-Spam-Status: No, score=0.7 tagged_above=-999 required=5 tests=[BAYES_50=0.8, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id qiLj6RdGFBZd for <websec@ietfa.amsl.com>; Sat, 21 Feb 2015 18:38:22 -0800 (PST)
Received: from mail-ie0-x22a.google.com (mail-ie0-x22a.google.com [IPv6:2607:f8b0:4001:c03::22a]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B30FD1A037F for <websec@ietf.org>; Sat, 21 Feb 2015 18:38:21 -0800 (PST)
Received: by ierx19 with SMTP id x19so16307529ier.3 for <websec@ietf.org>; Sat, 21 Feb 2015 18:38:21 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:reply-to:in-reply-to:references:date:message-id :subject:from:to:cc:content-type; bh=mCMTvlkKa+1b6smLqjNJAzgDSxRE+6Smwu+ET9X3PCo=; b=e/et0M4uTwS2w28zxOnrf9aL0nwLQgIH/UfXnn/hjOSlOMPO0EYUa515rxUdAAYyPc mUdb5lmwh5B9gqAoBRhposGdyeWMXOgrJVBff4bbUQsVmYOIa8thMbhvAJsLbgBnW3jK tU0cQBCgIO3gyJ50jfK2tpsq8xQXfwNEC2Gz4pHIgDKI6MEU4mNwULIkMdjG/cwLTD51 AhwqWIg4AA4icr9UVP9Pxe9Qo2ul8z+hYBt5g4/RHiH7lviXBW5S3Xjt+FNqCy0yY/dE vrKoakNaZorvPZ4a1Db8wdDERbydgZyIyqlIzhxQb6kkysTBf58r/EIf9HyeKhRPVvqE mO7Q==
MIME-Version: 1.0
X-Received: by 10.42.112.199 with SMTP id z7mr5291498icp.46.1424572700965; Sat, 21 Feb 2015 18:38:20 -0800 (PST)
Received: by 10.36.81.15 with HTTP; Sat, 21 Feb 2015 18:38:20 -0800 (PST)
In-Reply-To: <5bd1e5f598ebde476bfdefa8993b8dc1.squirrel@webmail.dreamhost.com>
References: <CAH8yC8=XEr9q8VHarucKa0rVqSPt3=oDzDRWXA3_u4rkhpZmoQ@mail.gmail.com> <CAH8yC8==Bkw_65UALEgz73djDyQFnw5m3bHY0Wav=ABvi9ORVA@mail.gmail.com> <CAOe4UikDvdbcN-mekL25hdWEp22tUMYpsMFw-Wp3sW6O5TBrEg@mail.gmail.com> <CAH8yC8=q3BoDU4Q=5FtnLSmH+OziLyEH6K2fhfVZcZT3XtSMaQ@mail.gmail.com> <5bd1e5f598ebde476bfdefa8993b8dc1.squirrel@webmail.dreamhost.com>
Date: Sat, 21 Feb 2015 21:38:20 -0500
Message-ID: <CAH8yC8mRtuHw-ZLr70VEJSJ3a35qVx16_KtKMApH1RBh6JM0cg@mail.gmail.com>
From: Jeffrey Walton <noloader@gmail.com>
To: ryan-ietfhasmat@sleevi.com
Content-Type: text/plain; charset=UTF-8
Archived-At: <http://mailarchive.ietf.org/arch/msg/websec/2af6qHdOzPJsbfQrU27g3I_py-Q>
Cc: IETF WebSec WG <websec@ietf.org>
Subject: Re: [websec] Comments on draft-ietf-websec-key-pinning
X-BeenThere: websec@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: noloader@gmail.com
List-Id: Web Application Security Minus Authentication and Transport <websec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/websec>, <mailto:websec-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/websec/>
List-Post: <mailto:websec@ietf.org>
List-Help: <mailto:websec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/websec>, <mailto:websec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 22 Feb 2015 02:38:24 -0000

Thanks Ryan.

>>  I don't believe this proposal - in its current form - will prove
>>  effective in the canonical cases: (1) CA failure like Diginotar; and
>>  (2) MitM attacks like Superfish. Are there other obvious cases I
>>  missed that this control will be effective?
>
> You're factually wrong in cases like (1), and woefully misguided in cases
> like (2) if you believe _any_ software, on a general purpose operating
> system with 1-layer security principals (such as Windows and OS X), can
> defend against a program with same-or-higher privileges.

You'll have to forgive my ignorance because the document states its
use to defend against some MitM attacks. The two canonical cases are
(1) Diginotar and (2) Superfish. We can defend against them with
pinning, so its not clear to me why browsers are having such trouble
with it.

Please humor me: what are the cases this security control defends
against? Again, please forgive my ignorance. The document does not
lists the cases it defends against, so I had to ask. That points to a
gap in the document that needs to be improved.

If HPKP can't handle (1) Diginotar and (2) Superfish, then it looks
like a placebo to me. Its does a disservice by providing a false sense
of security. But I'm probably wrong and I'd like to understand what
security benefits HPKP provides.

For completeness, I have not explored how HPKP interacts with self
signed certificates. If it only serves to bar them, then I'd say the
authors managed to get the CA/B Forum agenda furthered at the IETF. I
think they call that "confused deputy" in computer security circles.
But again, I could be wrong.

> That's like complaining a program with root access can interfere with your
> usermode application. Well, yes, that's exactly correct, that's how it's
> supposed to work.

Not exactly. These are two userland programs. One is not in a more
privileged position than the other.

> There is no sane world in which anything in the HPKP spec can or should
> deal with this.

Disagree. We use pinning to control that risk.

The pain point for browsers seems to be they want strong
authentication assurances while accommodating interception. That's a
self made problem.

> It's doubly true and hopefully self-evident that "raising
> the bar" is not at all an acceptable, or even reasonable, justification.
> Malicious actors have every reason to escalate to more nefarious means
> (whether for profit or interception), while legitimate actors get shut out
> or, equally, burrow further into internals and cause worse experiences for
> everyone.

Wow, I can't believe you're begging that argument.

If I apply that thinking, then there's no need for HPKP in the first
place. Or Secure Cookies, HTTP Only, HSTS, CSP, HTTPS (and friends)
for that matter.

> I understand that you disagree. But you're also wrong if you think HPKP
> can or should have dealt with this.

Again, disagree. We use pinning to control that risk.

Again, the pain point for browsers seems to be they want strong
authentication assurances while accommodating interception. That's a
self made problem.

*****

>>  IETF leadership: Carl Sagan once asked, who speaks for the Earth. Who
>>  here speaks for the users and sites? Does it *really* sound like a
>>  good idea to suppress evidence of validation failures and unauthorized
>>  overrides for a security control that's specifically designed to
>>  contend with the threats?
>
> This spec speaks for the users, by ensuring that local privacy rights
> trump remote server policy.

Reporting and logging needs to be fixed.

One report per origin does not facilitate tracking. By definition, you
need more than one report to "track".

If browsers were really interested in fixing tracking and addressing
anonymity, then "Do Not Track" would be default out of the box; Google
would honor "Do Not Track"; Google would not be subverting "Do Not
Track" with tracker-breaking tricks; and ETAGS would be addressed.

Or, pick your poison: if "Do Not Track" is not sent, then send the
report. If "Do Not Track" is sent, then don't send the report. You
guys have painted yourself into a corner with that one because you're
insecure out of the box and you want to be part of the cover up. Until
your cause is just, you're going to fall into simple traps like that.

And I might as well hit the obvious: the user gave up expectations of
anonymity with their first TCP SYN. If a user wants anonymity, then
they need to use a suitable technology like Tor.

*****

One of the things that's clear/evident is the browser architects are
having troubles because they want strong server authentication and
accommodate interception. They are competing goals and something has
to give (they may even be diametrically opposed).

I think browser architects and the security community need a Key Usage
of INTERCEPT to help differentiate the cases. It will help browsers
and other user agents differentiate the "good" bad guys from "bad" bad
guys. It will also help them determine when its OK to break a known
good pinset.

CAs surely won't issue INTERCEPT certificates and (I believe) most
folks won't declare INTERCEPT, so you've avoided the problem for a
majority of the use cases (over 90%?). That's a huge step forward in
helping browsers and other UAs differentiate the "good" bad guys from
"bad" bad guys.

The "good" bad guys will honor it and you'll know you're dealing with
a "good" bad guy. The "bad" bad guys will not honor it and you'll know
you're dealing with a "bad" bad guy. In this case of a "bad" bad guy,
UAs should refuse to break the pinset. And UAs won't fall victim to
the Diginotar and Superfish cases.

Organizations that install a CA to perform device management or
facilitate browsers and email programs can side step the whole
interception problem by not declaring them in the first place.
Browsers and users will not be put in the middle, and the problem will
be avoided. That's a huge step forward in helping UAs differentiate
the "good" bad guys from "bad" bad guys.

UAs won't fall victim to Diginotar and Superfish in its current
rendition because they lack the declaration. In the future, it will be
easily auditable by security software so the Superfishes cannot fly
under the radar. And if a CA is compromised and starts issuing
INTERCEPT certificates, then alarm bells will go off. The audits and
alarm bells will elicit so much negative press and publicity that
something will bend or break somewhere. That's Palmer's "shame as a
security control" and its a wonderful application of it because its
proactive (and not reactive).

Users like me who want nothing to do with interception can use a
different media (like switching to 3G/4G from Wifi) or will move the
INTERCEPT certificates to the Untrusted Store. I'd rather fail the
connection, but you've taken that choice away from me.

Now, if browser architects want to continue the surreptitious
interception and help in the cover up, then that's a different
problem. I suspect that's the agenda, and now is your opportunity to
prove folks like me wrong.

Jeff