[websec] Feedback on draft-ietf-websec-key-pinning-01
davidillsley@gmail.com Sun, 11 December 2011 13:04 UTC
Return-Path: <davidillsley@gmail.com>
X-Original-To: websec@ietfa.amsl.com
Delivered-To: websec@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8C63321F8540 for <websec@ietfa.amsl.com>; Sun, 11 Dec 2011 05:04:10 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.14
X-Spam-Level:
X-Spam-Status: No, score=-1.14 tagged_above=-999 required=5 tests=[BAYES_20=-0.74, J_CHICKENPOX_46=0.6, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id oHWFyE7cqgt6 for <websec@ietfa.amsl.com>; Sun, 11 Dec 2011 05:04:09 -0800 (PST)
Received: from mail-ww0-f42.google.com (mail-ww0-f42.google.com [74.125.82.42]) by ietfa.amsl.com (Postfix) with ESMTP id 4DC8521F851F for <websec@ietf.org>; Sun, 11 Dec 2011 05:04:09 -0800 (PST)
Received: by wgbds13 with SMTP id ds13so6464872wgb.1 for <websec@ietf.org>; Sun, 11 Dec 2011 05:04:08 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=from:content-type:content-transfer-encoding:subject:date:message-id :to:mime-version:x-mailer; bh=wpbhuoRe7ZHaU155BCmZUy9zDCeuB1ozjsn22hWu4pU=; b=pRCxJlyGBh9cIIoiGu/IkpwrkF0rWyqrTgEm/76437B4N2v5VEvZwC3S5THKysGfgE MKMPeyOV1Getv+HUZX41PCaBl35PpC9yIaLfDgcOdNtBezpIc2BKFWwx06F809dbm7Gk 7UoKIv2heFz9cmC3elQWrr3bs4HsqXA4Ybm1o=
Received: by 10.180.103.36 with SMTP id ft4mr18108686wib.59.1323608648440; Sun, 11 Dec 2011 05:04:08 -0800 (PST)
Received: from [10.72.156.152] ([217.39.4.84]) by mx.google.com with ESMTPS id u5sm19732179wbm.2.2011.12.11.05.04.04 (version=TLSv1/SSLv3 cipher=OTHER); Sun, 11 Dec 2011 05:04:06 -0800 (PST)
From: davidillsley@gmail.com
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
Date: Sun, 11 Dec 2011 13:03:31 +0000
Message-Id: <7C746AD7-9448-4883-9A30-85A2E72C8AF5@gmail.com>
To: IETF WebSec WG <websec@ietf.org>
Mime-Version: 1.0 (Apple Message framework v1251.1)
X-Mailer: Apple Mail (2.1251.1)
Subject: [websec] Feedback on draft-ietf-websec-key-pinning-01
X-BeenThere: websec@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Web Application Security Minus Authentication and Transport <websec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/websec>, <mailto:websec-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/websec>
List-Post: <mailto:websec@ietf.org>
List-Help: <mailto:websec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/websec>, <mailto:websec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 11 Dec 2011 13:04:10 -0000
Hi all, It's good to see the progress in draft-ietf-websec-key-pinning-01. I'm still concerned about the impact of pinning on non-pinned domains, and don't see anything present to warn about or mitigate this. Apologies if I've missed discussion of this on-list/in the archives. My concern centers on domains which aren't currently secured, and in the current environment (IMHO) reasonably so e.g. news.bbc.co.uk or theregister.co.uk With pinning, if they lose control of their DNS*, visitors during that period can be HSTS+pinned to a certificate which the domain owner has no access to, leading them open to long-term denial of service (beyond reclamation of DNS) or extortion. There's a variant with TLS enabled sites without pinning which could still be pinned to keys which the domain owner doesn't have access to. There are a few responses to this I can think of: 1. It's 2011/2012... everyone should be using TLS+HSTS+Pinning 2. It's fine - important sites will have decent pull with browser vendors to ship unlock pins... 3. Modify the spec to make the vulnerability smaller 1 may be a valid response, but in that case, I think the spec should call out this potential vulnerability in section 3 and highlight that the only complete mitigation is to go to TLS+HSTS+Pinning. I think it's important to call out to implementors this possibility, and that they might have to deal with something like (2). 2 isn't really a solution and doesn't sit well as inevitably smaller sites won't have as good a pull with vendors and could be disadvantaged. Also, I doubt the vendors really want to get into the game of identifying this game. My only thought for 3 is to narrow the vulnerability by softening/not enforcing the pin until it's seen multiple times over at least some minimum period of time in which a DNS etc problem is likely to be rectified. There's already a bootstrapping hole, and I don't know that widening it by a small time period is a huge deal. Cheers, David * once your registrar is compromised and nameservers changed, getting a DV cert is trivial for the attacker
- [websec] Feedback on draft-ietf-websec-key-pinnin… davidillsley
- [websec] A few comments on draft-ietf-websec-key-… Paul Hoffman
- Re: [websec] A few comments on draft-ietf-websec-… Stephen Farrell
- Re: [websec] A few comments on draft-ietf-websec-… Yoav Nir
- Re: [websec] A few comments on draft-ietf-websec-… Paul Hoffman
- Re: [websec] A few comments on draft-ietf-websec-… Yoav Nir
- Re: [websec] A few comments on draft-ietf-websec-… Marsh Ray
- Re: [websec] A few comments on draft-ietf-websec-… Paul Hoffman
- Re: [websec] A few comments on draft-ietf-websec-… Yoav Nir
- Re: [websec] A few comments on draft-ietf-websec-… Tony Hansen
- Re: [websec] A few comments on draft-ietf-websec-… Yoav Nir
- Re: [websec] Feedback on draft-ietf-websec-key-pi… Chris Palmer
- Re: [websec] A few comments on draft-ietf-websec-… Marsh Ray
- Re: [websec] A few comments on draft-ietf-websec-… Yoav Nir
- Re: [websec] Feedback on draft-ietf-websec-key-pi… David Illsley