Hi Dimitris,

On Wed, 18 Sep 2024, Dimitris Zacharopoulos (HARICA) wrote:

> On 18/9/2024 5:40 ?.?., Tobias S. Josefowitz wrote:
>
> > That said, as the issue presents to me, it seems to illustrate that
> > multiple CAs must have been querying WHOIS servers whose hostnames and
> > domains simply do not exist anymore, for longer than just a brief period.
> > The possibility for this to occur without anyone noticing and sounding the
> > alarm to the WebPKI community alone seems to disqualify WHOIS based Domain
> > Validation as an acceptable method; this seemingly inherent lack of
> > monitoring into validations/validation attempts performed via this method
> > seems reason enough to retire it. And soon. What else have we missed, if
> > we missed this?

> Are you claiming that some TLDs or Domain Names are defunct? I'm sure this is true in many cases. However, the majority of the TLDs work as expected. If a TLD is defunct (i.e. not accessible), why should the WebPKI community raise an alarm? Nobody can use that TLD reliably in the WWW anyway.
>
> I would expect the WebPKI community to raise an alarm if they detect there is a malicious TLD operator or Registrar that has been compromised like it happened with .tg <https://groups.google.com/g/mozilla.dev.security.policy/c/4kj8Jeem0EU/m/GvqsgIzSAAAJ> (thank you Andrew, that's exactly the case I recalled and couldn't find references!), because that puts relying parties expecting an encrypted interaction with those Domain Names in jeopardy.


I don't think "defunct" is a useful categorization for answering the question we have before us, which is how to react to the fact that TLD operators, IANA's list of CCTLDs and accompanying metadata, and the implementers of whois clients unknowingly, unintentionally, and with no practical awareness of the weight we placed on them, have disappointed our expectations and defied our assumptions.

I also must say that I find your point on "Nobody can use that TLD reliably [...] anyway." to be somewhat circular. As far as my understanding of the issue and, say, ".mobi" goes, ".mobi" works apparently just fine and is mostly "defunct" insofar as it may not have been very involved in keeping the IANA list of domains up to date with regards to the names of their WHOIS servers.

I thought about it for a while, but the only argument for why it could not be used reliably is that because of this circumstance, attackers can get fraudulent certificates.

When it comes to e.g. RFCs and so on, the dependencies may be clear: IANA is expected to publish the names of the WHOIS servers, and TLD operators are supposed to inform IANA of changes; and in the thoughtful execution of their duty to the public, they even keep operating the WHOIS servers on the old hostnames for a while, and make sure the old names cannot be used by an impostor for years to come.

When it comes to WebPKI securing billions of people, the direction switches somewhat: Users must be able to trust the WebPKI, and we cannot just point fingers at the IANA list, CCTLD operators, and WHOIS implementers and call for them to get their act together. It is clear to me that we must act on the circumstances as they now present, as it is our responsibility to do so.

I realize that in https://lists.cabforum.org/pipermail/servercert-wg/2024-September/004874.html you suggest considering a list of "untrusted" TLDs, and I take it to mean you also probably agree that action must be taken, or would be appropriate to take. I however believe that such a list does not address the problem appropriately; it is rather obviously a reaction to a mere symptom, not addressing the fundamental flaw I see.

> > PS: While I wrote the above primarily thinking about WHOIS (the protocol),
> > I do not think that "scraping WHOIS data from a website" necessarily
> > sounds super robust either...

> Securing the Internet needs to rely on some fundamental properties of the Internet, and one of those is the fact that the Internet is fundamentally insecure and unencrypted. There is no way around that.

In practice, the way around that, while itself ridden with flaws on many levels, for many applications and transactions, is TLS backed by WebPKI. Some might consider it to not be a well-informed choice, but it is a reality in any case. Resilience against these problems is exactly what we need to collectively provide to our best ability.

> IMO, as long as DNS relies on Registrars and Registrars offer Registrant information with widely-acceptable protocols, they should be considered a good "starting point" for evaluation in a Domain Validation method. I would consider scraping WHOIS information from a secure website operated by the Registrar significantly more reliable than obtaining this information via an unreliable and unencrypted WHOIS query :)

There are positive properties gained by encryption, but they are certainly matched (maybe even outmatched?) by negative properties of scraping websites. It is probably not fundamentally unthinkable that a CCTLD operator would show advertisements on their WHOIS website - there may even be some that do it today. Just as one example, including ads wasn't very secure the last time I looked at how this works, and offered ad networks and advertisers the opportunity to execute javascript code in the context of the page in question. Are WHOIS websites always scrapable with javascript disabled, or could this be used to get a CA to accept falsified information? I don't know, but I must assume that at least some CAs could be susceptible to such an attack.
_______________________________________________
Servercert-wg mailing list
[email protected]
https://lists.cabforum.org/mailman/listinfo/servercert-wg