Re: Time to distrust (was: Sanctions short of distrust)

2016-09-21 Thread Peter Kurrasch
Well, well. Here we are again, Ryan, with you launching into a bullying, personal attack on me instead of seeking to understand where I'm coming from and why I say the things I say. You may have noticed that I do not reply to your messages because I generally find your tone to be disrespectful of others and occasionally narrow-minded. This time, however, I will reply.

You know nothing of my knowledge, my experience, or the things that I need to be taught. You are not the arbiter of what is reasonable or sensible in this forum. I hardly think you are the one person in here to determine if people agree or disagree with me--and, for that matter, who qualifies as an expert. If Kathleen or Gerv or Richard decide that I'm disruptive and not providing any value to the wider population, I'll happily withdraw from this forum. I participate here because I enjoy it, though I obviously don't enjoy being attacked personally.

If I am a fool, let me be a fool. If I say things that don't make sense and you seek to know why, ask me questions. If you see no value in what I have to say, so be it; others in this forum might think otherwise. That's all I ask of anyone.

From: Ryan Sleevi
Sent: Wednesday, September 21, 2016 2:27 PM

...snip...

It's unclear who you're referring to here. I think, judging by some of your replies, that some of the experts in this space don't agree with you or your conclusions, but this may simply be a teachable opportunity.
___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy


Re: Time to distrust (was: Sanctions short of distrust)

2016-09-21 Thread Ryan Sleevi
On Wednesday, September 21, 2016 at 12:05:49 PM UTC-7, Peter Kurrasch wrote:
> I have a hard time seeing how any sort of white list solution will actually 
> mitigate any of the bad behavior exhibited by WoSign. 

This doesn't help understand where your disconnect is, or how we might educate 
and inform you about different perspectives.

> So the problem I have with a white list is the implication that while we 
> don't trust the CA to issue new certs, we do have trust in the continued 
> operation of other parts of the CA. 

Once a certificate is issued, it's issued. What continued operations, beyond 
revocation (which doesn't work in the Web PKI) do you see as necessary?
 
> I'm just having a hard time seeing how there is anything left to trust when 
> it comes to WoSign. Maybe the best outcome would be a finding of 
> irreconcilable differences and for us to go our separate ways? Maybe we just 
> want different things in a global PKI system?

It's unclear who you're referring to here. I think, judging by some of your 
replies, that some of the experts in this space don't agree with you or your 
conclusions, but this may simply be a teachable opportunity.

To try to explain to you:
A wholesale distrust is, in effect, a statement that we believe no certificate, 
past, present, or future, is trustworthy. This is a very strong statement, and 
it's very hard to make, even under significant evidence, but is sometimes 
necessary (for example, when an unknown number of unconstrained sub-CAs have 
been issued).

However, if you're willing to believe that no unconstrained sub-CAs exist, and 
if you're willing to accept that most, but not all, certificates were issued 
according to the policies and community expectations, then such a statement is 
overly harsh. By overly harsh, I'm not considering the reception of the CA, I'm 
considering the message that browser vendors would be sending to users and to 
sites that have chosen to use such certificates.

For example, do you believe that if a user tries to access 
https://www.wosign.com, they should be shown an interstitial? Do you believe 
that is a helpful message to end users? Do we believe that the specific 
certificate is untrustworthy?

In most CA cases, when evidence of malfeasance is discovered, it's not 100% of 
the certificates. It might be .001%. But that .001% is significant enough to be 
uncomfortable to trust NEW certificates, because that margin is too high. 
Further, once disclosed via CT, we can reasonably be confident that EXISTING 
certificates conform to appropriate policies.

The only continuity of business that a CA would potentially need to provide, 
in the event of a distrusting, is OCSP and CRLs. And we know those simply don't 
work at the WebPKI, which is why CRLSets and OneCRL and Certificate Distrust 
List exist. So I have trouble with your suggestion that a whitelist is an 
indication of continued trust in a CA, other than it's a recognition of the 
fact: "Most" of the certs are probably OK, but "new" certs have too high a 
margin of risk to continue to be accepted.


Time to distrust (was: Sanctions short of distrust)

2016-09-21 Thread Peter Kurrasch
I have a hard time seeing how any sort of white list solution will actually mitigate any of the bad behavior exhibited by WoSign. From my perspective, I think we can make a pretty clear case that WoSign is a poorly run CA and poses a threat to the secure Internet that many of us are trying to achieve. They have many, serious bugs in their systems. Their responsiveness in fixing these problems is slow. Their understanding of security threats is limited. Their interest in compliance seems minimal. Their willingness to be forthright, honest, open in this forum can only be described as unacceptable.

So the problem I have with a white list is the implication that while we don't trust the CA to issue new certs, we do have trust in the continued operation of other parts of the CA. Chief among these is revocation as cert holders move away from WoSign to a new CA. Do we trust that WoSign will honor requests for certs to be revoked? Do we trust that revocation will take place in a timely manner? Do we trust that WoSign will not collect information on hits to any OCSP responders they have set up and share that info with...whomever?

I'm just having a hard time seeing how there is anything left to trust when it comes to WoSign. Maybe the best outcome would be a finding of irreconcilable differences and for us to go our separate ways? Maybe we just want different things in a global PKI system?

From: Peter Bowen
Sent: Wednesday, September 21, 2016 10:04 AM
To: Gervase Markham
Cc: mozilla-dev-security-pol...@lists.mozilla.org
Subject: Re: Sanctions short of distrust

On Wed, Sep 21, 2016 at 2:21 AM, Gervase Markham wrote:
> On 12/09/16 22:46, Ryan Sleevi wrote:
>> Consider if we start with the list of certificates issued by StartCom
>> and WoSign, assuming the two are the same party (as all reasonable
>> evidence suggests). Extract the subjectAltName from every one of
>> these certificates, and then compare against the Alexa Top 1M. This
>> yields more than 60K certificates, at 1920K in a 'naive' whitelist.
>> However, if you compare based on base domain (as it appears in
>> Alexa), you end up with 18,763 unique names, with a much better
>> compressibility. For example, when compared with Chrome's Public
>> Suffix List DAFSA implementation (as one such compressed data
>> structure implementation), this ends up occupying 126K of storage.
>
> Can you tell us how many unique base domains (PSL+1) there are across
> WoSign and StartCom's entire certificate corpus, and what that might
> look like as a DAFSA?

I'm not sure about a DAFSA, but I wrote a semi-naive implementation of
a compressed trie and got 1592272 bytes.  That is assuming each issuer
has its own trie.  It could be optimized to be smaller if it was just
a single trie of eTLD+1 for all issuers.

Thanks,
Peter
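The two mechanisms discussed in this thread, a whitelist that keeps pre-existing certificates from a partially distrusted CA working while rejecting new ones (Ryan's message above), and a compressed trie of eTLD+1 names as the compact form of that whitelist (Peter Bowen's note), as an added example. This is not code from any participant, from Mozilla, or from Chrome; the domain list, the public-suffix fragment, the issuer name and the issuance cut-off date are all constructed for illustration, and the radix trie is a plain illustration of the "compressed trie" idea rather than Peter Bowen's implementation.

```python
from __future__ import annotations
from dataclasses import dataclass, field
from datetime import datetime, timezone

# Constructed whitelist of base domains (eTLD+1) that held certificates from
# the distrusted issuer before the cut-off. Not real data.
WHITELIST_BASE_DOMAINS = [
    "example.com", "example.net", "examplemail.com",
    "shop-example.co.uk", "wiki-example.org", "example.org",
]
PUBLIC_SUFFIXES = {"com", "net", "org", "co.uk"}     # constructed PSL fragment
DISTRUSTED_ISSUER = "CN=Constructed Distrusted CA"   # constructed issuer DN
CUTOFF = datetime(2016, 10, 1, tzinfo=timezone.utc)  # assumed cut-off date

def _common_prefix(a: str, b: str) -> str:
    n = 0
    while n < min(len(a), len(b)) and a[n] == b[n]:
        n += 1
    return a[:n]

@dataclass
class RadixNode:
    children: dict = field(default_factory=dict)  # edge label -> child node
    terminal: bool = False                         # a whitelisted name ends here

class RadixTrie:
    """Compressed trie: shared prefixes of the names are stored only once."""
    def __init__(self, words=()):
        self.root = RadixNode()
        for w in words:
            self.insert(w)

    def insert(self, word: str) -> None:
        node = self.root
        while True:
            for label, child in list(node.children.items()):
                common = _common_prefix(label, word)
                if not common:
                    continue
                if common == label:              # consume the whole edge, go deeper
                    word, node = word[len(label):], child
                    break
                # Split the edge where the new word diverges from it.
                split = RadixNode(children={label[len(common):]: child})
                del node.children[label]
                node.children[common] = split
                rest = word[len(common):]
                if rest:
                    split.children[rest] = RadixNode(terminal=True)
                else:
                    split.terminal = True
                return
            else:                                 # no edge shares a prefix
                if word:
                    node.children[word] = RadixNode(terminal=True)
                else:
                    node.terminal = True
                return

    def contains(self, word: str) -> bool:
        node = self.root
        while word:
            for label, child in node.children.items():
                if word.startswith(label):
                    word, node = word[len(label):], child
                    break
            else:
                return False
        return node.terminal

    def size_bytes(self) -> int:
        """Rough storage estimate: label bytes plus one flag byte per node."""
        total, stack = 0, [self.root]
        while stack:
            node = stack.pop()
            total += 1
            for label, child in node.children.items():
                total += len(label.encode())
                stack.append(child)
        return total

def base_domain(hostname: str) -> str:
    """eTLD+1 of hostname: the longest matching public suffix plus one label."""
    labels = hostname.lower().rstrip(".").split(".")
    for i in range(len(labels)):
        if ".".join(labels[i:]) in PUBLIC_SUFFIXES:
            return ".".join(labels[max(i - 1, 0):])
    return hostname.lower()

@dataclass
class Cert:
    issuer: str
    san_dns_names: list
    not_before: datetime

def chain_policy(cert: Cert, whitelist: RadixTrie) -> tuple:
    """Return (accepted, reason). Only the distrusted issuer is subject to the
    whitelist: its certs must pre-date the cut-off and every DNS SAN must fall
    under a whitelisted base domain. Other issuers pass this layer unchanged."""
    if cert.issuer != DISTRUSTED_ISSUER:
        return True, "issuer not subject to distrust"
    if cert.not_before >= CUTOFF:
        return False, "issued on or after cut-off; new certificates not accepted"
    for name in cert.san_dns_names:
        host = name[2:] if name.startswith("*.") else name
        if not whitelist.contains(base_domain(host)):
            return False, f"{name}: base domain not whitelisted"
    return True, "pre-cut-off certificate for whitelisted domain(s)"

def evaluate_samples() -> dict:
    """Run constructed sample certificates through the policy."""
    whitelist = RadixTrie(WHITELIST_BASE_DOMAINS)
    old = datetime(2016, 1, 15, tzinfo=timezone.utc)
    new = datetime(2016, 12, 1, tzinfo=timezone.utc)
    samples = {
        "old_whitelisted": Cert(DISTRUSTED_ISSUER, ["www.example.com", "*.example.net"], old),
        "old_not_whitelisted": Cert(DISTRUSTED_ISSUER, ["www.evil-example.com"], old),
        "new_whitelisted": Cert(DISTRUSTED_ISSUER, ["www.example.com"], new),
        "other_issuer": Cert("CN=Constructed Other CA", ["anything.example"], new),
    }
    return {k: chain_policy(c, whitelist)[0] for k, c in samples.items()}
```

The policy layer deliberately never consults the distrusted CA's OCSP responders or CRLs: the whitelist plus the cut-off date is the whole decision, which is the sense in which a whitelist depends on nothing the CA continues to operate. Comparing `RadixTrie(WHITELIST_BASE_DOMAINS).size_bytes()` with the summed length of the raw names shows the prefix sharing that makes an eTLD+1 list so much more compressible than a list of full SANs.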