IETF Logo Mail Archive

Re: [websec] #58: Should we pin only SPKI, or also names

Trevor Perrin <trevp@trevp.net> Sun, 11 August 2013 21:45 UTC

Return-Path: <trevp@trevp.net>
X-Original-To: websec@ietfa.amsl.com
Delivered-To: websec@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 868AF21F84CD for <websec@ietfa.amsl.com>; Sun, 11 Aug 2013 14:45:14 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.584
X-Spam-Level:
X-Spam-Status: No, score=-2.584 tagged_above=-999 required=5 tests=[AWL=0.393, BAYES_00=-2.599, FM_FORGED_GMAIL=0.622, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id i1-epc3fW6rw for <websec@ietfa.amsl.com>; Sun, 11 Aug 2013 14:45:08 -0700 (PDT)
Received: from mail-we0-f178.google.com (mail-we0-f178.google.com [74.125.82.178]) by ietfa.amsl.com (Postfix) with ESMTP id 3943011E80D3 for <websec@ietf.org>; Sun, 11 Aug 2013 14:39:42 -0700 (PDT)
Received: by mail-we0-f178.google.com with SMTP id u57so4912269wes.37 for <websec@ietf.org>; Sun, 11 Aug 2013 14:39:41 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=x-gm-message-state:mime-version:in-reply-to:references:date :message-id:subject:from:to:cc:content-type :content-transfer-encoding; bh=zkDXCPfvK7HWMP9IL98m0nkaH0iVLJsRS1H1GfS0QW4=; b=NI1wGpsQt6ovoOgpbT5N/IS2W/Rww0TIT7kJgujUpmCYUCLArmGqh399PkyH/flSZI SMUCgTlQNC04SGqJmoaMCOvbbU4KVKuAHZbp8pgAFnA+oX9o1OHDh/vvJtVlU8ySrFLP mRHtykc3s0zU2PBb/OOUYVqMqHqaYids3qflpUZBvdgY7mGHjCwNQ4obz6MwZsiqeq1i vB4YqUmmrt05h0NPqGF6wjG9TiJV0pLXT4K7Qf8xacUvL5bCtihP4nrPSlDuOv56x4e/ EmVmwSou/PiTq+sh2p7qA5uBsRC4CAqhi9iKyIn2FyNDvqbcYyPPF2K3469eImSpLJk5 dtxA==
X-Gm-Message-State: ALoCoQmhbDb58OrOS75RvHdTr8b3UydeED/6Ky288yfyYtz0UtTMPQxpaAw80VRognFKBFTdjmZS
MIME-Version: 1.0
X-Received: by 10.180.20.4 with SMTP id j4mr4890952wie.48.1376257181000; Sun, 11 Aug 2013 14:39:41 -0700 (PDT)
Received: by 10.216.212.9 with HTTP; Sun, 11 Aug 2013 14:39:40 -0700 (PDT)
X-Originating-IP: [50.37.31.184]
In-Reply-To: <E0BA0FA1-8792-4F3D-BCB2-A8F0B8CEE6CD@checkpoint.com>
References: <060.be9b0009dc0350ca543f553042673944@trac.tools.ietf.org> <073501ce8c6e$f6c17d90$e44478b0$@digicert.com> <CAMm+LwjdGJC4FHCJ_OAYGRqCGGc0Nz1pLV=yVGK9M9E7drfujQ@mail.gmail.com> <CAOuvq200e9HnPX1w9sZ+e7ipBmdgZdPL5xzKDgcaDpSxz1N=gg@mail.gmail.com> <CAMm+Lwh384YBMXw-BDoxJw+AN4qv8x6GQpF9YK4PW1gQRnadpg@mail.gmail.com> <6125A841-6C85-4858-B37F-C021067F0CFA@checkpoint.com> <2035FF99-A079-4F2F-B4DE-962FE1C1B964@checkpoint.com> <CAOuvq20O9bqHGR-5eKPmasNnWEuNW7ACL7PxM09yoTmmyt1UUg@mail.gmail.com> <CAGZ8ZG2C4uB=4vgH325TWeNW89ne4E_DN0j9ZV0t2AKa1o+x9g@mail.gmail.com> <520776C0.9080202@gondrom.org> <CAGZ8ZG1s2gCUZiYaj4q=+S_9M8apRPPura5YU_n8aiW9QcoQZQ@mail.gmail.com> <5207D199.9000207@gondrom.org> <CAGZ8ZG3vnt4LZR01Gnj6oofRB3AOEjcT7OCULMVG0O4W=9HDbA@mail.gmail.com> <9B14206B-5B73-4F91-9F54-3A2F651F768F@checkpoint.com> <CAGZ8ZG3qo5MhwPRfcy+POPZE7rpFG2qH2def_tgSwap+QvAf=g@mail.gmail.com> <E0BA0FA1-8792-4F3D-BCB2-A8F0B8CEE6CD@checkpoint.com>
Date: Sun, 11 Aug 2013 14:39:40 -0700
Message-ID: <CAGZ8ZG19M3343op1OQMo63_RBaW-F5FtVCtBsAGzOta2oPS+QQ@mail.gmail.com>
From: Trevor Perrin <trevp@trevp.net>
To: Yoav Nir <ynir@checkpoint.com>
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: quoted-printable
Cc: IETF WebSec WG <websec@ietf.org>
Subject: Re: [websec] #58: Should we pin only SPKI, or also names
X-BeenThere: websec@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Web Application Security Minus Authentication and Transport <websec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/websec>, <mailto:websec-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/websec>
List-Post: <mailto:websec@ietf.org>
List-Help: <mailto:websec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/websec>, <mailto:websec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 11 Aug 2013 21:45:14 -0000

On Sun, Aug 11, 2013 at 2:21 PM, Yoav Nir <ynir@checkpoint.com> wrote:
> There is a third party here. The web site administrators need to set one of those strings in the key pinning data, so they should be able to obtain the correct strings. There may be only 3 browsers and half a dozen CAs that would want to experiment with this, but there may be a lot more web sites. The CAs could add it to their websites: "use 'ca.example.com' for RFC 7xxx key pinning".

Sure, the CAs would tell their website customers what to use.


> Experimentation is tricky.
[...]
> When the UA connects again, the new certificate is there. The first pin no longer matches, so we need the browser to be able to verify that the new certificate matches ca.example.com. Once that is in some web sites, you can't stop the experiment. You'd have to go to each and every website that uses this pin and remove it.

It's easy to stop.  A browser that doesn't want to support named pins
could ignore any HPKP headers containing them.  If all browsers do
this, then HPKP is back to pure-SPKI pinning.


>> If named pinning proves useful and lots of other CAs and browsers want
>> to sign up, a more scaleable process can be designed then.
>
> If I was assigned to do the SecDir review on this, I would push back on this.

Why?


Trevor

v2.23.0 | Report a Bug | By Email