Re: [websec] Certificate Pinning via HSTS (.txt version)
Phillip Hallam-Baker <hallam@gmail.com> Wed, 14 September 2011 13:12 UTC
From: Phillip Hallam-Baker <hallam@gmail.com>
To: Marsh Ray <marsh@extendedsubset.com>
Cc: IETF WebSec WG <websec@ietf.org>
Date: Wed, 14 Sep 2011 09:14:04 -0400
Subject: Re: [websec] Certificate Pinning via HSTS (.txt version)
Message-ID: <CAMm+LwhEZKCHESwndkFCi8GUsC00a0x+QuEHv_J4esnwz2z+ag@mail.gmail.com>
In-Reply-To: <4E6FD975.9010502@extendedsubset.com>
List-Archive: <http://www.ietf.org/mail-archive/web/websec>

I totally agree that this is a feasible attack. It has been seen on a very large scale: Russia did a BGP redirect at a country level in their dispute with Georgia.

DNSSEC on A records alone is practically worthless. There is some value but not a great deal. Most DNS attacks have been persuading registrars to put bad data into the system.

On Tue, Sep 13, 2011 at 6:30 PM, Marsh Ray <marsh@extendedsubset.com> wrote:

> On 09/13/2011 04:24 PM, davidillsley@gmail.com wrote:
>>
>> On 13 Sep 2011, at 21:35, Chris Palmer wrote:
>>
>>> <snip>
>>> sites; small sites may have to choose no pinning or potentially
>>> bricking their site (up to the maxAge window). This is not worse than
>>> the status quo."""
>>
>> What about sites which don't currently use https at all? The DNS records
>> for theregister.co.uk were redirected the other week. An attacker who
>> could do that could redirect to https, then set a very long max-age pin.
>> At that point, they'd be dependent on the browser vendor unpinning
>> affected users, right?
>
> Wouldn't they have to acquire a valid cert first? Not saying that's out of
> the realm of possibility, but...
>
> I think you have a point. The whole premise of this is that there are
> circumstances under which some attacker can obtain such a cert. If this
> feature translates to a risk of perma-DoS for the (100.0 - epsilon)% of
> sites that don't adopt it immediately then it may be more dangerous than
> it's worth.
>
> Consider an adversarial country like, say, Bananastan. They have an ISP or
> three, their own CA, and of course, no sense of humor.
>
> They may one day be subject to some criticisms in the online press which
> they perceive as unfair. Or maybe something on a video sharing site is
> contrary to their customs and traditions.
>
> So their local judge orders their local ISP to block the offending media
> provider. The ISP does this by advertising more specific BGP routes for the
> video site's netblocks(1).
>
> Being mostly streaming data of little consequence, the video site has not
> yet set up HSTS or even has full support for HTTPS (2).
>
> The ISP also sets the country's DNS resolvers to reply to name requests for
> the site with an IP address of a webserver where citizens can receive
> educational information(3).
>
> To be sure they get everybody, they do something I didn't know could be
> done with DNS (4).
>
> In order to save the misguided users that accidentally used a subversive
> https: bookmark, the court orders the local CA to "do what it takes to make
> it work"(5).
>
> And just to be sure the message sticks, they set a long term HSTS pin on
> this cert and/or their CA (6).
>
> Hilarity ensues.
>
> - Marsh
>
>
> 1. YouTube - Pakistan - 2008
> http://www.circleid.com/posts/82258_pakistan_hijacks_youtube_closer_look
> http://www.ripe.net/internet-coordination/news/industry-developments/youtube-hijacking-a-ripe-ncc-ris-case-study
>
> 2. http://youtube.com/
>
> 3. http://web.archive.org/web/20060418030141/http://chinadigitaltimes.net/2006/01/image_of_internet_police_jingjing_and_chacha_online_hon.php
>
> 4. China - 2010
> https://lists.dns-oarc.net/pipermail/dns-operations/2010-March/005260.html
> http://www.zdnet.co.uk/news/networking/2010/10/11/mystery-of-web-traffic-redirect-to-china-remains-unsolved-40090476/
>
> 5. [...]
>
> 6. Why wouldn't this attack work?

--
Website: http://hallambaker.com/
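Editor's added example (not part of the thread, and not code from the pinning draft or any browser): a toy model of the user-agent pin store that walks through the Bananastan scenario quoted above on a simulated clock. It shows the two points the exchange turns on: an attacker who only controls routing and DNS cannot plant a pin, because the pin header is ignored unless the TLS chain validated (Marsh's "wouldn't they have to acquire a valid cert first?"), but once the local CA issues a cert the attacker can pin its own CA key for a year, after which the legitimate site is rejected until max-age runs out or the vendor intervenes. The header name and `max-age` / `pin-sha256` directive syntax, the hostname and the SPKI byte strings are all constructed stand-ins, not values from the thread.

```python
"""Toy model of an HSTS-style pin store and the rogue-pin perma-DoS.

Assumptions (not from the thread): a Public-Key-Pins-style header with
max-age and pin-sha256 directives; pins are base64(SHA-256(SPKI)); the
SPKI inputs below are constructed byte strings, not real DER.
"""
import base64
import hashlib
import re

YEAR = 365 * 24 * 3600

_PIN = re.compile(r'pin-sha256="([^"]+)"')
_MAX_AGE = re.compile(r'max-age=(\d+)')


def spki_fingerprint(spki_der: bytes) -> str:
    """Pin value for one key: base64 of SHA-256 over the SubjectPublicKeyInfo."""
    return base64.b64encode(hashlib.sha256(spki_der).digest()).decode()


class PinStore:
    """Per-host pin cache as a user agent would keep it."""

    def __init__(self):
        self._pins = {}  # host -> (frozenset of fingerprints, expiry seconds)

    def observe(self, host, chain_fps, header, now, chain_valid):
        """Record pins from a response header; return True if the store changed.

        The header is honoured only when the TLS chain validated against a
        trusted root (why the attacker needs a cooperative CA) and when at
        least one advertised pin is actually present in the served chain.
        """
        if not chain_valid:
            return False
        pins = frozenset(_PIN.findall(header))
        age = _MAX_AGE.search(header)
        if not pins or age is None:
            return False
        if not pins & frozenset(chain_fps):
            return False
        max_age = int(age.group(1))
        if max_age == 0:
            return self._pins.pop(host, None) is not None
        self._pins[host] = (pins, now + max_age)
        return True

    def check(self, host, chain_fps, now):
        """True if a connection presenting chain_fps to host may proceed."""
        entry = self._pins.get(host)
        if entry is None:
            return True
        pins, expiry = entry
        if now >= expiry:
            del self._pins[host]  # pin aged out; site is reachable again
            return True
        return bool(pins & frozenset(chain_fps))


def bananastan_scenario():
    """Replay the quoted scenario; returns the outcome at each step."""
    host = "video.example"  # constructed placeholder for the blocked site
    legit = [spki_fingerprint(b"legit-leaf-spki"),
             spki_fingerprint(b"legit-intermediate-spki")]
    rogue_ca = spki_fingerprint(b"bananastan-ca-spki")
    rogue = [spki_fingerprint(b"rogue-leaf-spki"), rogue_ca]
    # Attacker pins its own CA key for a year.
    header = 'max-age=%d; pin-sha256="%s"' % (YEAR, rogue_ca)

    store = PinStore()
    out = {}
    # t=0: site never sent a pin; legitimate chain connects fine.
    out["before_attack"] = store.check(host, legit, now=0)
    # t=100: routing/DNS hijacked but no CA-issued cert -> chain invalid,
    # header ignored, nothing is pinned.
    out["pin_without_valid_cert"] = store.observe(host, rogue, header, now=100, chain_valid=False)
    # t=100: local CA "does what it takes" -> chain validates, pin stored.
    out["pin_with_valid_cert"] = store.observe(host, rogue, header, now=100, chain_valid=True)
    # t=200: hijack over; the real chain no longer matches the stored pin, so
    # the UA refuses the connection and never sees any max-age=0 reset.
    out["legit_after_attack"] = store.check(host, legit, now=200)
    # A year later the pin expires and the site comes back without vendor help.
    out["after_max_age"] = store.check(host, legit, now=100 + YEAR)
    return out


if __name__ == "__main__":
    for step, ok in bananastan_scenario().items():
        print("%-24s %s" % (step, ok))
```

The `check` step at t=200 is the perma-DoS: nothing the legitimate operator serves can clear the pin, because the user agent rejects the chain before reading any header, leaving only expiry or a browser-side unpin as exits.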