IETF Logo Mail Archive

Re: [websec] HPKP: The strict directive and TLS proxies

Chris Palmer <palmer@google.com> Tue, 26 November 2013 03:41 UTC

Return-Path: <palmer@google.com>
X-Original-To: websec@ietfa.amsl.com
Delivered-To: websec@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id CCAB41ADFC6 for <websec@ietfa.amsl.com>; Mon, 25 Nov 2013 19:41:04 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.38
X-Spam-Level:
X-Spam-Status: No, score=-1.38 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FM_FORGED_GMAIL=0.622, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ADEMN8sq9mbl for <websec@ietfa.amsl.com>; Mon, 25 Nov 2013 19:41:03 -0800 (PST)
Received: from mail-ie0-x235.google.com (mail-ie0-x235.google.com [IPv6:2607:f8b0:4001:c03::235]) by ietfa.amsl.com (Postfix) with ESMTP id 2EBD61ADFC3 for <websec@ietf.org>; Mon, 25 Nov 2013 19:41:02 -0800 (PST)
Received: by mail-ie0-f181.google.com with SMTP id e14so8123678iej.40 for <websec@ietf.org>; Mon, 25 Nov 2013 19:41:02 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type:content-transfer-encoding; bh=/TK/VWh+PgMtMcdDO9VfuM045FwpQDDG8bcKL4Xw4w4=; b=S6EEMGX5jALlAahSm8EuGocYajWisfTbpduqALjgvplKBq+Fzj6kmlJpxqxrGnYHO5 vnEl5oG0Htr7nSeF4ZtU1NkjVhXojrUvzffZE67bWK9a2Phq52BqUBa7opzLiIO8uYSy HH2WHrPDJt/MhMakDq/lnDUfOLkflrNXEt6hXPm5sr1jYegtDGPf7/4ch/HDzITydmWG qe//jM53jCHFLaV5fFqfByLg2cQqkGEBTMVG/sQmpWEU8uzdrKK8XRY7HTmL5ME6aFzG tmfjZLGB3i6KWwQUJsUjYnotp0il+pWxSX7rztj6H6tthL5l9Wb39NjuGvR4c27j17J/ 5v2w==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:date :message-id:subject:from:to:cc:content-type :content-transfer-encoding; bh=/TK/VWh+PgMtMcdDO9VfuM045FwpQDDG8bcKL4Xw4w4=; b=mM+gpZVf0M5Je7fsSyb94hd/u7E2KLEgHpEzLEuelqKRGeQ3mfvc/F9l1i2S/nUtEh eUBKVrRKWw9FKwo3JgbFX8awnykAc5LoK2wPJjEiL6ZlJGS9/3qwxdbVEniH+50THwzH GrPQIgbThPtxzuD+z5de+GJu0/7pjAre5OYQAP6+qXzdqn85/Xh3IrPcgrT4bfdsggZ+ KfrSQVqMle1AKmdV/5yX/G00WF2sGSs/m8dAWEOIatoBN+dVGs9zHLbnQv2rN/PoLcoC rYuB5s5c4AkhGxZJCMeLYJqBuA+q4Bvr9W7TqMtSOKwCm3NfazHwHvPbb11iPoBa6t/+ MT1A==
X-Gm-Message-State: ALoCoQntY/es0GkKK1C1+t6CEgLayuPfcwaGt5xNNDpGPlMHXAX5SIdi44xX4q9xeM/3FJ06ke/RIMIi7Lsaev8UgOi3PEpE6Wdj+HosGKtL4xnZf5+PafFoZofZX9uV+3SWZeNByqnf/iXEmUbY943BAFgWa0qCRe3rz3Aq06Y8672xfupG1q4yppIGl5pwo/7AA1XRC/Nm
MIME-Version: 1.0
X-Received: by 10.50.16.45 with SMTP id c13mr15131008igd.55.1385437262666; Mon, 25 Nov 2013 19:41:02 -0800 (PST)
Received: by 10.64.81.70 with HTTP; Mon, 25 Nov 2013 19:41:02 -0800 (PST)
In-Reply-To: <BLU0-SMTP1502D31ECD1444DD25AF018B1E60@phx.gbl>
References: <47CAE73E-1D48-42CF-8D75-3B9A50C286FD@checkpoint.com> <D8A135CD-E9CD-4483-A624-3D39D76E0D91@checkpoint.com> <8eea8853462937ad59b0619cca9c4953.squirrel@webmail.dreamhost.com> <BLU0-SMTP1502D31ECD1444DD25AF018B1E60@phx.gbl>
Date: Mon, 25 Nov 2013 19:41:02 -0800
Message-ID: <CAOuvq22aMYifxq1twm80tY5MPEz5GqekVFf-2S9cNeouPF-n5g@mail.gmail.com>
From: Chris Palmer <palmer@google.com>
To: Yoav Nir <synp71@live.com>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Cc: IETF WebSec WG <websec@ietf.org>
Subject: Re: [websec] HPKP: The strict directive and TLS proxies
X-BeenThere: websec@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Web Application Security Minus Authentication and Transport <websec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/websec>, <mailto:websec-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/websec/>
List-Post: <mailto:websec@ietf.org>
List-Help: <mailto:websec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/websec>, <mailto:websec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 26 Nov 2013 03:41:05 -0000

On Wed, Nov 20, 2013 at 1:36 PM, Yoav Nir <synp71@live.com> wrote:

>> As I recall (perhaps incorrectly), our takeaway from IETF 86 was the
>> removal of the 'strict' directive, since the notion of having a remote
>> server provide a directive to override local policy is just escalating a
>> policy arms race.
>
> That was issue #53. It was closed, and there was no consensus to remove
> 'strict'. The only things missing from the draft is the closing of #57-#60.

Issue 53 (http://tools.ietf.org/wg/websec/trac/ticket/53) was not
quite about the policy arms race.

The policy arms race between public web site www.example.com and a
given client's filtering TLS proxy is over: if the client legitimately
trusts the TLS proxy (e.g. the TLS proxy's trust anchor is installed
in the client's trust anchor store), then www.example.com cannot
enforce its policy on the client; in effect, the proxy is the true
client. On the other hand, if the client does *not* trust the TLS
proxy, then the proxy will be "caught" either by pinning or by the
usual "The server presented a certificate your operating system does
not trust" warning screen. So I don't think it is possible or sane to
promise to site operators that they can deny MITM powers to MITMs that
the client trusts.

As I (think we) intended it, strict was to mean "bypass the local
policy of not applying pinning to chains that chain to local trust
anchors" — i.e. as a way of allowing sites that install their own
trust anchors on machines to also pin the keys of the servers that the
local trust anchor signs. This would be for enterprises that want to
have their own PKI and also strictly enforce it (to ensure that, e.g.,
internal.example.com never chains to a public anchor). The utility of
this is debatable (but, I would argue, more than 0... potentially).

There is a new draft -09 in our Git repo at
https://code.google.com/p/key-pinning-draft/source/browse/draft-ietf-websec-key-pinning.xml.
Any thoughts before I actually put it in the IETF tracker as the real
-09?

v2.23.0 | Report a Bug | By Email