On Thu, 9 Jun 2016 11:29:26 -0400
Stephen Kent <[email protected]> wrote:
> Dmitry,
>
> I've been waiting for Rob Stradling to comment on the attack
> described by Andrew.
> I consider Rob to be the definitive expert on redacted certs (since
> he invented
> the concept) and I want to make sure that Ron concurs with the attack
> description
> and the impact characterization before adding it to the threat
> document.
>
> If Rob concurs, then I'll draft text to describe the attack and
> submit it to the
> WG list for review, rather than re-issuing the whole doc with this
> added material
> for review.
I would much rather the attack be fixed (I described one possible fix)
than merely describing it in the threat document. Is this not an
option?
> Andrew's message noted a potential problem for Monitors dealing with
> redacted certs.
> The Monitor spec that I co-authored
> (draft-kent-trans-monitor-auditor-01.txt) already
> describes a model in which Monitors are expected to have access to
> the cert data
> associated with the Subjects they serve. So, in the case of redacted
> certs, I think a
> Monitor serving the Subject(s) of such certs will be able to function
> as expected.
No, even if a monitor has access to full cert data, they aren't
maximally useful when redaction is used (I consider this unexpected).
If a monitor is configured with:
www1.example.com should have key A
www2.example.com should have key B
and it sees a pre-cert for ?.example.com using key A, it can't
say for certainty whether this is OK, because the pre-cert might be for
www1.example.com, or it might be for www2.example.com.
draft-kent-trans-monitor-auditor-01.txt says to accept the pre-cert in
this case, which makes it possible to launch the attack I described.
> Eran suggested that a Monitor need not have such info and might be on
> the lookout for suspect certs in general,
Name redaction does pose a challenge to monitors without access to cert
data, but this is a separate issue, and I don't think it can ever be
resolved. However, we can and should make it possible for monitors
with access to cert data to function usefully when name redaction is
used.
Regards,
Andrew
_______________________________________________
Trans mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/trans
