IETF Logo Mail Archive

Re: [websec] Digest URI scheme

Phillip Hallam-Baker <hallam@gmail.com> Fri, 30 September 2011 01:52 UTC

Return-Path: <hallam@gmail.com>
X-Original-To: websec@ietfa.amsl.com
Delivered-To: websec@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6A7B121F8AED for <websec@ietfa.amsl.com>; Thu, 29 Sep 2011 18:52:16 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.48
X-Spam-Level:
X-Spam-Status: No, score=-3.48 tagged_above=-999 required=5 tests=[AWL=0.119, BAYES_00=-2.599, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Zr2L8HvethyR for <websec@ietfa.amsl.com>; Thu, 29 Sep 2011 18:52:15 -0700 (PDT)
Received: from mail-gy0-f172.google.com (mail-gy0-f172.google.com [209.85.160.172]) by ietfa.amsl.com (Postfix) with ESMTP id 9017221F8AEC for <websec@ietf.org>; Thu, 29 Sep 2011 18:52:15 -0700 (PDT)
Received: by gyd12 with SMTP id 12so1355979gyd.31 for <websec@ietf.org>; Thu, 29 Sep 2011 18:55:08 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type:content-transfer-encoding; bh=AZG0PBAjoxwDgNbHC38Cld9f1vIiiAgug1D0cmts88k=; b=NL+6c49ezAoMc8f2Z3jYW8INVz32vC4w2D1O1iHqxOU0i24gV7W9R2qtmeyoAEnEuh kVJ8aRlT0Hm7vgADPJcY9VHhIKM96WSWQ9EUikrjSkFQe1nCTEMo5HIbOBYS0uItlVb1 nCmiwBwV6P2IG1eMaUo5IcCjhZyXAwlOCL5C4=
MIME-Version: 1.0
Received: by 10.101.208.2 with SMTP id k2mr10068401anq.8.1317347707917; Thu, 29 Sep 2011 18:55:07 -0700 (PDT)
Received: by 10.100.212.14 with HTTP; Thu, 29 Sep 2011 18:55:07 -0700 (PDT)
In-Reply-To: <7bd9badd19e0e9296750117013a93aa0.squirrel@webmail.scss.tcd.ie>
References: <CAMm+LwjrW=yZCfvsqtBP48ZYJ=-XHMxCGaX=4-+vicetPbLGxQ@mail.gmail.com> <7bd9badd19e0e9296750117013a93aa0.squirrel@webmail.scss.tcd.ie>
Date: Thu, 29 Sep 2011 21:55:07 -0400
Message-ID: <CAMm+LwhHDFU3_RxrdcdAAr5pTKMC6UWP-RRN2SNuD22=-pir2g@mail.gmail.com>
From: Phillip Hallam-Baker <hallam@gmail.com>
To: stephen.farrell@cs.tcd.ie
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: quoted-printable
Cc: websec <websec@ietf.org>
Subject: Re: [websec] Digest URI scheme
X-BeenThere: websec@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Web Application Security Minus Authentication and Transport <websec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/websec>, <mailto:websec-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/websec>
List-Post: <mailto:websec@ietf.org>
List-Help: <mailto:websec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/websec>, <mailto:websec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 30 Sep 2011 01:52:16 -0000

Come to think of it, didn't you send this to us when we first proposed
the ODI thing in CAA v1.0?


I really don't care about the specifics of the design half so much as
we end up with having one, not three.

Only real issue for me is that it has to fit in URI type slots. The
scheme I was thinking of would be a pure URN scheme, your proposal
includes URL like things.

Clearly, your scheme is a better way to reference external content in
a resolvable format. I have to go look at the URN and URI specs again
in detail.


I note that you have a content type, which I have but someone here was
objecting to. I consider the content type to be essential meta-data
for obvious security reasons.


You want to share your design issue here or should we go offline, rev
the proposal and come back?




On Thu, Sep 29, 2011 at 6:00 PM,  <stephen.farrell@cs.tcd.ie> wrote:
>
> <no hats>
>
> I agree with the motivation but not the design. A while ago
> I posted my idea for a design for this. [1] It may become a
> work item for the DECADE WG, ... or not, we'll see.
>
> S.
>
> [1] http://tools.ietf.org/html/draft-farrell-ni-00
>
>
>> As I mentioned previously, the need to refer to a static data object
>> by means of a digest comes up frequently. Rather than re-invent the
>> mechanism for creating a reference each time we need one, it would be
>> better if we had a single format that could be re-used.
>>
>> We used to have this back in the days when we trusted MD5 since we
>> used that everywhere as a 'fingerprint'. Then things got muddy after
>> the Dobertin attack and it became SHA1 and MD5. With SHA2 vs SHA3 it
>> will be very muddy.
>>
>> This would be relevant to the cert pinning debate.
>>
>>
>> I wrote a draft making the proposal:
>>
>> http://www.ietf.org/id/draft-hallambaker-digesturi-00.txt
>>
>>
>> On the digest front the objective would be to make it possible to use
>> the URI format with any digest at all in theory but strongly encourage
>> people to only use the digests IETF is confident in. Use of OIDs as
>> the identifier has the nice property that anyone can get an identifier
>> to distinguish their algorithm from other people's but getting an OID
>> does not produce any paper trail that can be used to imply an IETF
>> endorsement.
>>
>> We could add in support for the text based identifiers as well, but
>> since the only identifiers that I would want to encourage are SHA2 and
>> SHA3, I don't see a need. For all applications that make sense it is
>> going to be perfectly OK to simply generate the prefix for the
>> identifier part as a static array of octets and append / verify it as
>> such whenever it is needed. I do not see any need to write ASN.1
>> handling code for these apps :-)
>>
>>
>> The basic idea here is that we need to allow for algorithm agility and
>> to prevent a content substitution attack. So imagine that we have web
>> page A linking to some off site static content via a digest. Site A
>> regards the static content as a PNG and has checked out the page and
>> it works fine. What they don't know is that buried in the PNG there is
>> some malicious Jscript and if the content server delivers it as
>> application/script the result will be a series of syntax errors (that
>> are silently ignored because the app is stupid)  and then it finds the
>> malicious code... ooops.
>>
>> OK, so maybe not an attack that you find to be a worry in every
>> circumstance, but it is definitely an attack vector we should address
>> in a general purpose crypto building block.
>>
>>
>> Having produced a static building block like this it is very easy to
>> generate a fingerprint for a static data object in a cut and paste
>> ready format. I don't need a separate tool to generate digest
>> identifiers for WebSec vs other applications. In terms of ease of use
>> we get back to what things were like when we used MD5 fingerprints.
>>
>> It is also quite easy to make use of truncated fingerprints should
>> that be necessary. For example, to put on a business card.
>>
>> --
>> Website: http://hallambaker.com/
>> _______________________________________________
>> websec mailing list
>> websec@ietf.org
>> https://www.ietf.org/mailman/listinfo/websec
>>
>
>
>



-- 
Website: http://hallambaker.com/

v2.23.0 | Report a Bug | By Email