On 18/9/2024 11:45 PM, Tobias S. Josefowitz wrote:

Hi Dimitris,

On Wed, 18 Sep 2024, Dimitris Zacharopoulos (HARICA) wrote:

On 18/9/2024 5:40, Tobias S. Josefowitz wrote:
That said, as the issue presents to me, it seems to illustrate that multiple CAs must have been querying WHOIS servers whose hostnames and domains simply do not exist anymore, for longer than just a brief period. The possibility for this to occur without anyone noticing and sounding the alarm to the WebPKI community alone seems to disqualify WHOIS-based Domain Validation as an acceptable method; this seemingly inherent lack of monitoring into validations/validation attempts performed via this method seems reason enough to retire it. And soon. What else have we missed, if we missed this?
Are you claiming that some TLDs or Domain Names are defunct? I'm sure this is true in many cases. However, the majority of the TLDs work as expected. If a TLD is defunct (i.e. not accessible), why should the WebPKI community raise an alarm? Nobody can use that TLD reliably in the WWW anyway.

I would expect the WebPKI community to raise an alarm if they detect there is a malicious TLD operator or Registrar that has been compromised, like it happened with .tg <https://groups.google.com/g/mozilla.dev.security.policy/c/4kj8Jeem0EU/m/GvqsgIzSAAAJ> (thank you Andrew, that's exactly the case I recalled and couldn't find references for!), because that puts relying parties expecting an encrypted interaction with those Domain Names in jeopardy.
Hi Tobi,

I don't think "defunct" is a useful categorization for answering the question we have before us, which is how to react to the fact that TLD operators, IANA's list of CCTLDs and accompanying metadata, and the implementers of whois clients unknowingly, unintentionally, and with no practical awareness of the weight we placed on them, have disappointed our expectations and defied our assumptions.

I didn't mean "defunct" to mean a "malicious" operator. I meant it as an operator that has inaccessible resources. For example, their DNS server is down or not operational. I should have made it clearer.

With this clarification, I hope you understand why I said that such an operator is not creating as much risk as a malicious operator.

Dimitris.
I also must say that I find your point on "Nobody can use that TLD reliably [...] anyway." to be somewhat circular. As far as my understanding of the issue and say e.g. ".mobi" goes, ".mobi" works apparently just fine and is mostly in so far "defunct" as it may have not been very involved in keeping the IANA list of domains up to date with regards to the names of their WHOIS servers.

I thought about it for a while, but the only argument for why it could not be used reliably is that because of this circumstance, attackers can get fraudulent certificates.
When it comes to e.g. RFCs and so on, the dependencies may be clear; IANA is (expected) to publish the names of the WHOIS servers, and TLD operators are supposed to inform IANA of changes; and in the thoughtful execution of their duty to the public, they even keep operating the WHOIS servers on the old hostnames for a while, and make sure the old names cannot be used by an impostor for years to come.

When it comes to WebPKI securing billions of people, the direction switches somewhat: Users must be able to trust the WebPKI, and we cannot just point fingers at the IANA list, CCTLD operators, and WHOIS implementers and call for them to get their act together. It is clear to me that we must act on the circumstances as they now present, as it is our responsibility to do so.
I realize that in https://lists.cabforum.org/pipermail/servercert-wg/2024-September/004874.html you suggest considering a list of "untrusted" TLDs, and I take it to mean you also probably agree that action must be taken, or would be appropriate to take. I however believe that such a list is not addressing the problem appropriately; it is rather obviously a reaction to a mere symptom, not addressing the fundamental flaw I see.
PS: While I wrote the above primarily thinking about WHOIS (the protocol), I do not think that "scraping WHOIS data from a website" necessarily sounds super robust either...
Securing the Internet needs to rely on some fundamental properties of the Internet, and one of those is the fact that the Internet is fundamentally insecure and unencrypted. There is no way around that.

In practice, the way around that, while itself ridden with flaws on many levels, for many applications and transactions, is TLS backed by WebPKI. Some might consider it to not be a well-informed choice, but it is a reality in any case. Resilience against these problems is exactly what we need to collectively provide to our best ability.
IMO, as long as DNS relies on Registrars and Registrars offer Registrant information with widely-acceptable protocols, they should be considered a good "starting point" for evaluation in a Domain Validation method. I would consider scraping WHOIS information from a secure website operated by the Registrar significantly more reliable than obtaining this information via an unreliable and unencrypted WHOIS query :)
There are positive properties gained by encryption, but they are certainly matched (maybe even outmatched?) by negative properties of scraping websites. It is probably not fundamentally unthinkable that a CCTLD operator would show advertisements on their WHOIS website - there may even be some that do it today. Just as one example, including ads wasn't very secure the last time I looked at how this works, and offered ad networks and advertisers the opportunity to execute JavaScript code in the context of the page in question. Are WHOIS websites always scrapable with JavaScript disabled, or could this be used to get a CA to accept falsified information? I don't know, but I must assume that at least some CAs could be susceptible to such an attack.
_______________________________________________
Servercert-wg mailing list
https://lists.cabforum.org/mailman/listinfo/servercert-wg