Re: [websec] Decouple HSTS's two orthogonal effects?
Adam Barth <ietf@adambarth.com> Tue, 29 March 2011 21:34 UTC
Return-Path: <ietf@adambarth.com>
X-Original-To: websec@core3.amsl.com
Delivered-To: websec@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id B418B3A698F for <websec@core3.amsl.com>; Tue, 29 Mar 2011 14:34:53 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.297
X-Spam-Level:
X-Spam-Status: No, score=-2.297 tagged_above=-999 required=5 tests=[AWL=-0.320, BAYES_00=-2.599, FM_FORGED_GMAIL=0.622]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ryNiTC5VH2T5 for <websec@core3.amsl.com>; Tue, 29 Mar 2011 14:34:52 -0700 (PDT)
Received: from mail-vx0-f172.google.com (mail-vx0-f172.google.com [209.85.220.172]) by core3.amsl.com (Postfix) with ESMTP id 4D10D3A6825 for <websec@ietf.org>; Tue, 29 Mar 2011 14:34:52 -0700 (PDT)
Received: by vxg33 with SMTP id 33so633673vxg.31 for <websec@ietf.org>; Tue, 29 Mar 2011 14:36:30 -0700 (PDT)
Received: by 10.52.65.69 with SMTP id v5mr493362vds.200.1301434590206; Tue, 29 Mar 2011 14:36:30 -0700 (PDT)
Received: from mail-qy0-f172.google.com (mail-qy0-f172.google.com [209.85.216.172]) by mx.google.com with ESMTPS id cc3sm1126295vdb.24.2011.03.29.14.36.28 (version=SSLv3 cipher=OTHER); Tue, 29 Mar 2011 14:36:29 -0700 (PDT)
Received: by qyk29 with SMTP id 29so2206978qyk.10 for <websec@ietf.org>; Tue, 29 Mar 2011 14:36:28 -0700 (PDT)
Received: by 10.224.216.197 with SMTP id hj5mr367713qab.264.1301434588107; Tue, 29 Mar 2011 14:36:28 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.224.89.83 with HTTP; Tue, 29 Mar 2011 14:35:58 -0700 (PDT)
In-Reply-To: <AANLkTim8svP4Fu+1+GQVVRT48b0EhA9qnig5WeUBiN4w@mail.gmail.com>
References: <4D92317B.6020804@fifthhorseman.net> <BANLkTinGEt42DM1NqbrjOfdqTqLUjnQ5KQ@mail.gmail.com> <AANLkTim8svP4Fu+1+GQVVRT48b0EhA9qnig5WeUBiN4w@mail.gmail.com>
From: Adam Barth <ietf@adambarth.com>
Date: Tue, 29 Mar 2011 14:35:58 -0700
Message-ID: <BANLkTinPMRRVwBrvRh-rHdprtgEaU=Eq=w@mail.gmail.com>
To: Tom Ritter <tom@ritter.vg>
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: quoted-printable
Cc: websec@ietf.org
Subject: Re: [websec] Decouple HSTS's two orthogonal effects?
X-BeenThere: websec@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Web Application Security Minus Authentication and Transport <websec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/websec>, <mailto:websec-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/websec>
List-Post: <mailto:websec@ietf.org>
List-Help: <mailto:websec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/websec>, <mailto:websec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 29 Mar 2011 21:34:53 -0000
On Tue, Mar 29, 2011 at 2:29 PM, Tom Ritter <tom@ritter.vg> wrote: > On Tue, Mar 29, 2011 at 4:58 PM, Adam Barth <ietf@adambarth.com> wrote: >> There's no coupling between HSTS and the particular algorithm a UA >> uses to verify certificates. The UA is free to use whatever >> verification mechanism it desires. > > This is good, but perhaps some clarification to the draft would be in order: > > Section 2.2 states: > > 2. The UA terminates, without user recourse, any secure transport > connection attempts upon any and all secure transport errors or > warnings, including those caused by a site presenting self-signed > certificates If a self-signed certificate does not cause a secure transport error, then you're all set. For example, it's fine for a self-signed certificate to be in the list of explicitly trusted certificates. In that case, no secure transport error is generated. Try it. :) > Knowing that HSTS allows any validation method a posteriori allows you > interpret this correctly - that self-signed certs *may* be allowed > under HSTS, if the user has added them to their store. But without > that, it may be interpretted incorrectly - that no self-signed certs > would be allowed. That's not what it says. > Furthermore, I'm not sure, but "any and all secure > transport errors or warnings" may be ambiguous. I don't know if it's > an existing standard to enter a warning or error state in event of > (for example) a revocation check failure - although we do know that > most browsers do not present any warning or error. There's more on > that in Adam Langley's thread. If HSTS does not define whether or > not a revocation check failure is an error condition, I think it > should. Indeed. A reference there would be helpful. > Also Section 9 recommends distributing root CA certs to users' > browsers, and does not mention the possibly of distributing the leaf > certs instead. Less related, but I prefer to trust organizations leaf > certs individually than their root cert. I don't have a problem with also recommending leaf certs, but you should check with =JeffH. Adam
- [websec] Decouple HSTS's two orthogonal effects? Matt McCutchen
- Re: [websec] Decouple HSTS's two orthogonal effec… Tom Ritter
- Re: [websec] Decouple HSTS's two orthogonal effec… Devdatta Akhawe
- Re: [websec] Decouple HSTS's two orthogonal effec… Tobias Gondrom
- Re: [websec] Decouple HSTS's two orthogonal effec… =JeffH
- Re: [websec] Decouple HSTS's two orthogonal effec… Daniel Kahn Gillmor
- Re: [websec] Decouple HSTS's two orthogonal effec… Yoav Nir
- Re: [websec] Decouple HSTS's two orthogonal effec… Adam Barth
- Re: [websec] Decouple HSTS's two orthogonal effec… Tom Ritter
- Re: [websec] Decouple HSTS's two orthogonal effec… Adam Barth
- Re: [websec] Decouple HSTS's two orthogonal effec… Daniel Kahn Gillmor
- Re: [websec] Decouple HSTS's two orthogonal effec… Adam Barth
- Re: [websec] Decouple HSTS's two orthogonal effec… Phillip Hallam-Baker