IETF Logo Mail Archive

Re: [Wpack] On double-hashing (was: Re: About content-based origins)

Devin Mullins <twifkak@google.com> Mon, 30 March 2020 23:35 UTC

Return-Path: <twifkak@google.com>
X-Original-To: wpack@ietfa.amsl.com
Delivered-To: wpack@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4902B3A0EAF for <wpack@ietfa.amsl.com>; Mon, 30 Mar 2020 16:35:12 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -15.699
X-Spam-Level:
X-Spam-Status: No, score=-15.699 tagged_above=-999 required=5 tests=[DKIMWL_WL_MED=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, ENV_AND_HDR_SPF_MATCH=-0.5, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, USER_IN_DEF_DKIM_WL=-7.5, USER_IN_DEF_SPF_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=google.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id hXSm91XdWlbY for <wpack@ietfa.amsl.com>; Mon, 30 Mar 2020 16:35:10 -0700 (PDT)
Received: from mail-wm1-x32f.google.com (mail-wm1-x32f.google.com [IPv6:2a00:1450:4864:20::32f]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 513A33A0EAC for <wpack@ietf.org>; Mon, 30 Mar 2020 16:35:10 -0700 (PDT)
Received: by mail-wm1-x32f.google.com with SMTP id b12so622184wmj.3 for <wpack@ietf.org>; Mon, 30 Mar 2020 16:35:10 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=5byuOVo9yUZKE+LIvVyBmJpcsskRkDzMWqysjEGAj0s=; b=f+QQrwKc9sAkIr3maIuS2nIISA+ygl6r5UL/wFqocSHslxzL6fWYUHvBJ7QhHuhTSp jPJAMJLicxUmXq4iy1IWzJqMkZ4lFn4LwNUBXbQZ+Pq+zJJU92geI6uQf1uQS8vGkzgY aRtKl8MJYe7oKdy0nh7t3C8mmTMKPEVAXuwDe7gx2ZhgMTfxgopN5tGZkoAa3xHa2Iod 9H8zhieQnqDZUUIGxqq1cy7Mdn49sjONA93ZMz7381H+rdCjv5PMuFd+pCjKjH1W1+Ka 68om8Gv6b/aRymrO0BYFreRX/oDoQs5KdAFx6QvZBfSzzsT8XpwxnRZ+dHLECAdiwkb0 AZ6g==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=5byuOVo9yUZKE+LIvVyBmJpcsskRkDzMWqysjEGAj0s=; b=iK1aI6HsGEPWdjkTsf0t+kBaGjCLM7SfFVTmj34dOEeGG3aekWj1zaAiTHWbvQ+7w3 6kmXxTbl+TEB6uauBQrG4vRva/EeZXon6TX5A5k02Gv/PRtUbQR46GWPvBarkob0ysOP izZxjA7Qa3uiXp6pvxBbhMDRQshDH3Ypr+ngRWIXj/2qQYDQtGP2UTLN/7Vbcy1U3GbC eCAoItuvDo5AZOeiopVp2xcVkrTRZPEFQIw7CbmUstTjvlJmSaK4hA+aJ7ooYQdNVntK JMh1jUboX9ylHKzn3JAfVyR3OUQilmF4M8IOPisKoTNkbL6OOsA9bFACuYtd33Ux6M/1 tzMQ==
X-Gm-Message-State: ANhLgQ0SyUKTtFn2JdjzxlVs50NctrgBCG2A00uBYLQJyTYWKZBi9ebT hGsSpFU5Yo4TlfA1mLBE2yoaR40YaXIh0auB8Y16Ozxy
X-Google-Smtp-Source: ADFU+vvx7HZK/DDiln5fnIV9UHFktzNkIxIpaPxWq3BZNdQ1ag5yl+OlrvuGjdtVf+JQ/K0ZTFtS/Ogd76/JEzCHJJM=
X-Received: by 2002:a1c:f409:: with SMTP id z9mr497991wma.51.1585611308468; Mon, 30 Mar 2020 16:35:08 -0700 (PDT)
MIME-Version: 1.0
References: <260dfc2f-8399-483e-859d-08f92821c823@www.fastmail.com> <CANjwSimZAkAC0JJBjUjZr4k0514QRqDxBReOkq_AGTeGJ2OTzQ@mail.gmail.com> <CANjwSiniWmO+pTfFOdxW9tasy_eQiUiGwWvTsWF2KGR8yGtXqA@mail.gmail.com> <32395446-c14e-4bca-9c09-4804934c487b@www.fastmail.com> <CANjwSikybC7tnkWJVYCGcE=mc9ScM5oFBP5HWjwtd8+-e1EPFg@mail.gmail.com> <0ae3f1b1-7133-4d12-bf6c-a1ee2c257218@www.fastmail.com>
In-Reply-To: <0ae3f1b1-7133-4d12-bf6c-a1ee2c257218@www.fastmail.com>
From: Devin Mullins <twifkak@google.com>
Date: Mon, 30 Mar 2020 16:34:41 -0700
Message-ID: <CANjwSi=wC7wnyu0Yy6BXScXf9NomeMCaMY49sochEs92icYfEA@mail.gmail.com>
To: Martin Thomson <mt@lowentropy.net>
Cc: wpack@ietf.org
Content-Type: multipart/alternative; boundary="000000000000cb690605a21ae605"
Archived-At: <https://mailarchive.ietf.org/arch/msg/wpack/5dANmEdtw7Eg8fS0CceeFwdQnpk>
Subject: Re: [Wpack] On double-hashing (was: Re: About content-based origins)
X-BeenThere: wpack@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Web Packaging <wpack.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/wpack>, <mailto:wpack-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/wpack/>
List-Post: <mailto:wpack@ietf.org>
List-Help: <mailto:wpack-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/wpack>, <mailto:wpack-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 30 Mar 2020 23:35:12 -0000

On Sun, Mar 29, 2020 at 9:28 PM Martin Thomson <mt@lowentropy.net> wrote:

> Separately, I'm about your stated desire to provide diversification of
> content for the purposes of experimentation here.  It seems to be in direct
> tension with this privacy requirement.  I'm interested in knowing how you
> might choose to trade the two off; I don't have any reference here as we
> haven't spent a whole lot of time looking at this specific problem.
>

 If you haven't seen it yet, my longer email has one proposal, but I
haven't thought about it too much; it may have holes. This is an area I
need to learn a lot more about.


> This particular threat model is a really difficult one for me to get my
> head around properly, I have to admit.
>

Only my guess, but it seems to be at least as much about re-balancing the
costs/benefits of bad actions as it is about blocking them (i.e. making the
costs infinite).

I don't mean to imply stake in any particular threat model; I think UA
vendors are in a better position to do so. (I will do my best to help
inform that decision with feasibility estimates for one use case.) Mostly
I'm trying to ensure there is rough consensus on this part. As a consumer
of the signed exchanges spec, I'm obviously interested in a successor spec
that has properties that most or all are satisfied with.

Let's say that we had a system that was able to detect and maybe block
> information transfer in URL or Referer[2].  Is the contention that this
> system would be unable to detect this sort of information transfer when it
> was general purpose content?
>

I don't know. It seems like there'd be a lot of ways to evade detection and
hide things in the URL that don't even require server changes. (For
example, many servers don't validate the URL slug, so it could be
steganographically altered and then inspected client-side.)

I don't think that a site would be particularly put off by the cost of
> transferring hashes to the sites that they link to.  32 bytes per user per
> target isn't that much data to save or transfer.  You can then rely on
> post-facto linkage.
>

Good point. This is mitigated by martinthomson/wpack-content#1, yes?

But AFAICT, this + //publisher.example/this-is-my-hash is not mitigated by
#1. That said, I guess the solution is that, for anti-fingerprinting, the
state transfer request and any previous subresource requests should be
considered in different buckets. The state transfer itself doesn't affect
the feasibility of the attack. The unverified bundle can make a fetch
to //publisher.example/distributor-id?foo, and even if the Sec-CO request
fails, the publisher can join foo with a subsequent credentialled fetch, in
order to inform future responses. The UA could consider this ~isomorphic to
the linking page making that same fetch to /distributor-id?foo.

v2.23.0 | Report a Bug | By Email