Re: [websec] Certificate Pinning via HSTS
Daniel Kahn Gillmor <dkg@fifthhorseman.net> Wed, 14 September 2011 15:10 UTC
Return-Path: <dkg@fifthhorseman.net>
X-Original-To: websec@ietfa.amsl.com
Delivered-To: websec@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4C8E621F8B71 for <websec@ietfa.amsl.com>; Wed, 14 Sep 2011 08:10:58 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.479
X-Spam-Level:
X-Spam-Status: No, score=-2.479 tagged_above=-999 required=5 tests=[AWL=0.120, BAYES_00=-2.599]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id rR8V33cJvGSd for <websec@ietfa.amsl.com>; Wed, 14 Sep 2011 08:10:57 -0700 (PDT)
Received: from che.mayfirst.org (che.mayfirst.org [209.234.253.108]) by ietfa.amsl.com (Postfix) with ESMTP id 5FDFB21F8B84 for <websec@ietf.org>; Wed, 14 Sep 2011 08:10:57 -0700 (PDT)
Received: from [192.168.23.207] (dsl254-070-154.nyc1.dsl.speakeasy.net [216.254.70.154]) by che.mayfirst.org (Postfix) with ESMTPSA id DF0E0F970; Wed, 14 Sep 2011 11:12:58 -0400 (EDT)
Message-ID: <4E70C4AB.7050206@fifthhorseman.net>
Date: Wed, 14 Sep 2011 11:13:47 -0400
From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
User-Agent: Mozilla/5.0 (X11; Linux i686; rv:5.0) Gecko/20110807 Icedove/5.0
MIME-Version: 1.0
To: Phillip Hallam-Baker <hallam@gmail.com>
References: <CAOuvq22p2qNnXRsK=PS=mxknnq4MrCWt0Np-N8su-iHXaWHqpg@mail.gmail.com> <4E6F5056.800@fifthhorseman.net> <CAOuvq22E-OvU_53gf_go8Nf_jXX_=wbTf7rn2XEa+GAWHTU+7w@mail.gmail.com> <4E70A8F8.80102@fifthhorseman.net> <CAMm+Lwj4LMjivR0nHWQ4eqkTz_WVTq8w5+QWGPSOat0KgvM3HA@mail.gmail.com>
In-Reply-To: <CAMm+Lwj4LMjivR0nHWQ4eqkTz_WVTq8w5+QWGPSOat0KgvM3HA@mail.gmail.com>
X-Enigmail-Version: 1.2.1
Content-Type: multipart/signed; micalg="pgp-sha512"; protocol="application/pgp-signature"; boundary="------------enig59D969115E03CB39ED0224AB"
Cc: Chris Evans <cevans@google.com>, IETF WebSec WG <websec@ietf.org>
Subject: Re: [websec] Certificate Pinning via HSTS
X-BeenThere: websec@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
Reply-To: IETF WebSec WG <websec@ietf.org>
List-Id: Web Application Security Minus Authentication and Transport <websec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/websec>, <mailto:websec-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/websec>
List-Post: <mailto:websec@ietf.org>
List-Help: <mailto:websec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/websec>, <mailto:websec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 14 Sep 2011 15:10:58 -0000
On 09/14/2011 09:46 AM, Phillip Hallam-Baker wrote: > It gives you scaling and administrative convenience. > > If you have 10,000 hosts in your enterprise network you really do not want > to have to be managing trust on a per host level. You're not "managing trust on a per host level" -- you're managing *identity* on a per-host level, which is exactly what it should be. If you have 10K hosts, you need to think clearly about the identity presented by each of those hosts. > Now consider the case > where you are renting your compute power in the cloud and so the machine > instances are existing for a few hours at a time. > > Any scheme that insists on only tying to the EE cert or key is going to > create a major operational headache for those sites. It is really easy to > design a scheme that is easy to administer. is it more of an operational headache to get an external CA to sign a new key for each host each time it comes up "for a few hours"? or to just push the relevant pre-existing keys+certificates onto the hosts in question? > It is also going to cause huge amounts of state that the client has to > manage. If you have 10,000 front end web servers you are going to need > 10,000 different client keys to do the job right. eh? why? if these are front-end web servers hosting the same service, wouldn't they just share a key (and a certificate)? The only large organization i know of that uses one key per server is citibank, and many people are making decent arguments that this is problematic for other methods of identity verification (e.g. Perspectives and Convergence plugins) > So what most of the large enterprises would likely do if they introduced any > form of security policy would be to have a private CA run up that is an > intermediate in a larger hierarchy. Sure, as i pointed out, the only reason you'd want to pin a CA is if the CA is under your own organization's direct control. > This is why the bogus EFF study came up > with the absurd number of 600 CAs. What they have never come clean on is the > fact that 150 of those 'CAs' are in fact merely intermediate roots tied to a > single customer that are managed in the same infrastructure as the root CA > operations. if those intermediate authorities are not explicitly domain-restricted *in their own certificate*, then yes -- the risk is larger. i don't > What pinning to a CA does raise is the absolute need to have the ability to > pin more than one CA at a time. i think for rollover purposes, you already need to be able to pin multiple certs if you're pinning an EE. Still unconvinced, --dkg
- [websec] Certificate Pinning via HSTS Chris Palmer
- Re: [websec] Certificate Pinning via HSTS Richard L. Barnes
- Re: [websec] Certificate Pinning via HSTS SM
- Re: [websec] Certificate Pinning via HSTS =JeffH
- Re: [websec] Certificate Pinning via HSTS Richard L. Barnes
- Re: [websec] Certificate Pinning via HSTS Marsh Ray
- Re: [websec] Certificate Pinning via HSTS Yoav Nir
- Re: [websec] Certificate Pinning via HSTS Adam Langley
- Re: [websec] Certificate Pinning via HSTS James Nicoll
- Re: [websec] Certificate Pinning via HSTS Adam Langley
- Re: [websec] Certificate Pinning via HSTS Tobias Gondrom
- Re: [websec] Certificate Pinning via HSTS Tom Ritter
- Re: [websec] Certificate Pinning via HSTS Daniel Kahn Gillmor
- Re: [websec] Certificate Pinning via HSTS Philip Gladstone
- Re: [websec] Certificate Pinning via HSTS Chris Palmer
- Re: [websec] Certificate Pinning via HSTS Phillip Hallam-Baker
- Re: [websec] Certificate Pinning via HSTS Phillip Hallam-Baker
- Re: [websec] Certificate Pinning via HSTS Chris Palmer
- Re: [websec] Certificate Pinning via HSTS Chris Palmer
- Re: [websec] Certificate Pinning via HSTS Daniel Kahn Gillmor
- Re: [websec] Certificate Pinning via HSTS Phillip Hallam-Baker
- Re: [websec] Certificate Pinning via HSTS Phillip Hallam-Baker
- Re: [websec] Certificate Pinning via HSTS Daniel Kahn Gillmor
- Re: [websec] Certificate Pinning via HSTS Daniel Kahn Gillmor
- Re: [websec] Certificate Pinning via HSTS Phillip Hallam-Baker
- Re: [websec] Certificate Pinning via HSTS Phillip Hallam-Baker
- Re: [websec] Certificate Pinning via HSTS Daniel Kahn Gillmor
- Re: [websec] Certificate Pinning via HSTS Phillip Hallam-Baker