IETF Logo Mail Archive

Re: [websec] Certificate Pinning via HSTS (.txt version)

Phillip Hallam-Baker <hallam@gmail.com> Wed, 14 September 2011 13:12 UTC

Return-Path: <hallam@gmail.com>
X-Original-To: websec@ietfa.amsl.com
Delivered-To: websec@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 804C021F8BE9 for <websec@ietfa.amsl.com>; Wed, 14 Sep 2011 06:12:01 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.636
X-Spam-Level:
X-Spam-Status: No, score=-2.636 tagged_above=-999 required=5 tests=[AWL=-0.704, BAYES_00=-2.599, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-1, SARE_HTML_USL_OBFU=1.666]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 20K4eNDRTdqt for <websec@ietfa.amsl.com>; Wed, 14 Sep 2011 06:11:56 -0700 (PDT)
Received: from mail-gy0-f172.google.com (mail-gy0-f172.google.com [209.85.160.172]) by ietfa.amsl.com (Postfix) with ESMTP id 4D03721F8BE8 for <websec@ietf.org>; Wed, 14 Sep 2011 06:11:56 -0700 (PDT)
Received: by gyd12 with SMTP id 12so1539292gyd.31 for <websec@ietf.org>; Wed, 14 Sep 2011 06:14:05 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=74/rduiXmE91rZuFfpDX90S0nrR3Ud0upwlfJIw/lrs=; b=kEfK4Y8ld4NcUT4+CdUQzZXEN3siMjAIj2gy9QP+QZrFlmeJqJUAB+pQplgfikUWTy 8SugRrSQ5+uTt+/LTEsVIXaPV7qCDEhWToBIPF1Hy0E3otS3aZqNY56ZZUavmU0e8KBi bYkcC0DZV625ETpYzFaWA/F/8IFgLMdDuzcjM=
MIME-Version: 1.0
Received: by 10.100.55.34 with SMTP id d34mr1084715ana.30.1316006044987; Wed, 14 Sep 2011 06:14:04 -0700 (PDT)
Received: by 10.100.120.20 with HTTP; Wed, 14 Sep 2011 06:14:04 -0700 (PDT)
In-Reply-To: <4E6FD975.9010502@extendedsubset.com>
References: <4E6E9B77.1020802@KingsMountain.com> <4E6F9DC6.2080006@stpeter.im> <FA8A58ED-DD2B-446B-9F01-9D1D25140569@checkpoint.com> <4E6FB7CB.3020309@extendedsubset.com> <CAOuvq20H+pG1AF0u-=-Ow9oR=uGRb-wDwrFE6dPmT=HbvnO6VA@mail.gmail.com> <6D3E0CA6-E990-4D89-9AEE-C03066D0656E@gmail.com> <4E6FD975.9010502@extendedsubset.com>
Date: Wed, 14 Sep 2011 09:14:04 -0400
Message-ID: <CAMm+LwhEZKCHESwndkFCi8GUsC00a0x+QuEHv_J4esnwz2z+ag@mail.gmail.com>
From: Phillip Hallam-Baker <hallam@gmail.com>
To: Marsh Ray <marsh@extendedsubset.com>
Content-Type: multipart/alternative; boundary="001485f6d9f4d5724004ace688b6"
Cc: IETF WebSec WG <websec@ietf.org>
Subject: Re: [websec] Certificate Pinning via HSTS (.txt version)
X-BeenThere: websec@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Web Application Security Minus Authentication and Transport <websec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/websec>, <mailto:websec-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/websec>
List-Post: <mailto:websec@ietf.org>
List-Help: <mailto:websec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/websec>, <mailto:websec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 14 Sep 2011 13:12:01 -0000

I totally agree that this is a feasible attack. It has been seen on a very
large scale, Russia did a BGP redirect at a country level in their dispute
with Georgia.

DNSSEC on A records alone is practically worthless. There is some value but
not a great deal. Most DNS attacks have been persuading registrars to put
bad data into the system.



On Tue, Sep 13, 2011 at 6:30 PM, Marsh Ray <marsh@extendedsubset.com> wrote:

> On 09/13/2011 04:24 PM, davidillsley@gmail.com wrote:
>
>>
>> On 13 Sep 2011, at 21:35, Chris Palmer wrote:
>>
>>> <snip>
>>> sites; small sites may have to choose no pinning or potentially
>>> bricking their site (up to the maxAge window). This is not worse than
>>> the status quo."""
>>>
>>
>> What about sites which don't currently use https at all? The DNS records
>> for theregister.co.uk <http://theregister.co.uk> were redirected the
>>
>> other week. An attacker who could do that could redirect to https, then
>> set a very long max-age pin. At that point, they'd be dependent on the
>> browser vendor unpinning affected users, right?
>>
>
> Wouldn't they have to acquire a valid cert first? Not saying that's out of
> the realm of possibility, but...
>
> I think you have a point. The whole premise of this is that there are
> circumstances under which some attacker can obtain such a cert. If this
> feature translates to a risk of perma-DoS for the (100.0 - epsilon)% of
> sites that don't adopt it immediately then it may be more dangerous than
> it's worth.
>
> Consider an adversarial country like, say, Bananastan. They have an ISP or
> three, their own CA, and of course, no sense of humor.
>
> They may one day be subject to some criticisms in the online press which
> they perceive as unfair. Or maybe something on a video sharing site is
> contrary to their customs and traditions.
>
> So their local judge orders their local ISP to block the offending media
> provider. The ISP does this by advertising more specific BGP routes for the
> video site's netblocks(1).
>
> Being mostly streaming data of little consequence, the video site has not
> yet set up HSTS or even has full support for HTTPS (2).
>
> The ISP also sets the country's DNS resolvers to reply to name requests for
> the site with an IP address of a webserver where citizens can receive
> educational information(3).
>
> To be sure they get everybody, they do something I didn't know could be
> done with DNS (4).
>
> In order to save the the misguided users that accidentally used a
> subversive https: bookmark, the court orders the local CA to "do what it
> takes to make it work"(5).
>
> And just to be sure the message sticks, they set a long term HSTS pin on
> this cert and/or their CA (6).
>
> Hilarity ensues.
>
> - Marsh
>
>
>
> 1. YouTube - Pakistan - 2008
> http://www.circleid.com/posts/**82258_pakistan_hijacks_**
> youtube_closer_look<http://www.circleid.com/posts/82258_pakistan_hijacks_youtube_closer_look>
> http://www.ripe.net/internet-**coordination/news/industry-**
> developments/youtube-**hijacking-a-ripe-ncc-ris-case-**study<http://www.ripe.net/internet-coordination/news/industry-developments/youtube-hijacking-a-ripe-ncc-ris-case-study>
>
> 2. http://youtube.com/
>
>
> 3. http://web.archive.org/web/**20060418030141/http://**
> chinadigitaltimes.net/2006/01/**image_of_internet_police_**
> jingjing_and_chacha_online_**hon.php<http://web.archive.org/web/20060418030141/http://chinadigitaltimes.net/2006/01/image_of_internet_police_jingjing_and_chacha_online_hon.php>
>
>
> 4. China - 2010
> https://lists.dns-oarc.net/**pipermail/dns-operations/2010-**
> March/005260.html<https://lists.dns-oarc.net/pipermail/dns-operations/2010-March/005260.html>
> http://www.zdnet.co.uk/news/**networking/2010/10/11/mystery-**
> of-web-traffic-redirect-to-**china-remains-unsolved-**40090476/<http://www.zdnet.co.uk/news/networking/2010/10/11/mystery-of-web-traffic-redirect-to-china-remains-unsolved-40090476/>
>
>
> 5. [...]
>
>
> 6. Why wouldn't this attack work?
>
>
> ______________________________**_________________
> websec mailing list
> websec@ietf.org
> https://www.ietf.org/mailman/**listinfo/websec<https://www.ietf.org/mailman/listinfo/websec>
>



-- 
Website: http://hallambaker.com/

v2.23.0 | Report a Bug | By Email