Re: [IAB] Mandatory encryption as part of HTTP2


On Sun, Nov 17, 2013 at 7:49 PM, Theodore Ts'o <tytso@xxxxxxx> wrote:
> On Sun, Nov 17, 2013 at 07:05:04PM -0500, Phillip Hallam-Baker wrote:
> > > > That being said, the problem for PKI is that, assuming active
> > > > MITM attacks both on ISP chains and CA chains, it offers no
> > > > better security than DH,
> > > >
> > > > As DH involves end systems only, there is no point of deploying
> > > > PKI with no additional benefits.
> > >
> > > If we assume that the attack model is flying horses armed with lasers there
> > > is no additional benefit.
> > >
> > > The point is not what the consequences of the assumptions are, the question
> > > is how likely the assumptions are. If you leave that out of the equation
> > > then the result is nonsense.
>
> Actually, the attack was called "FLYING PIG" --- that was the GCHQ
> code name, per the Snowden leaks[1].  Some have speculated that
> Diginotar was so badly penetrated that it wasn't just the Iranians
> which penetrated it, but the NSA/GCHQ as well.

I think there are enough proven horrors in Snowdonia without speculating additional ones. 

 
> One of the reasons why the bogus Diginotar certificates were detected
> was because Google Chrome had a feature called "certificate pinning"
> --- which is not a feature normally associated with PKIs.  It's
> unfortunately not all that scalable, since it involved hard-coding
> certificates, or their hashes, in the browser binary.  The challenge
> is coming up with a solution that *is* more scalable, and less
> dependent on trusting that CAs are competently run.

Which is exactly what Ben Laurie and myself proposed some time ago in the original CAA scheme which included cert pinning and a notification scheme.

Unfortunately that approach was deemed to conflict with DANE and so we were forced to remove the feature. Which is a pity as the CAA pinning scheme did not depend on DNSSEC as a precondition.


Diginotar would have noticed the issue if they had been checking their OCSP logs as well.  

--
Website: http://hallambaker.com/
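
The OCSP log check mentioned at the end of the message above, as an added example that is not part of the original email or of any CA's tooling: a CA compares the serial numbers queried at its OCSP responder against its own issuance records, and any queried serial it has no record of issuing is a certificate it should investigate. The log line format, the serial numbers, the addresses and the function names are all constructed assumptions.

```python
import re
from collections import defaultdict

# Constructed issuance records: serial numbers the CA knows it issued.
ISSUED_SERIALS = {"0A1B2C3D", "00FF10", "7E57"}

# Constructed OCSP responder log lines; the line format is an assumption.
SAMPLE_LOG = """\
2013-11-17T10:02:11Z 192.0.2.10 serial=0a:1b:2c:3d
2013-11-17T10:02:15Z 198.51.100.7 serial=D00DFEED01
2013-11-17T10:03:40Z 198.51.100.9 serial=d0:0d:fe:ed:01
2013-11-17T10:04:02Z 192.0.2.44 serial=FF10
2013-11-17T10:05:00Z 203.0.113.5 serial=BADC0DE
malformed line without a serial
"""

LINE_RE = re.compile(r"^(\S+)\s+(\S+)\s+serial=([0-9A-Fa-f:]+)\s*$")

def normalize_serial(raw):
    """Canonical form: uppercase hex, no separators, no leading zeros."""
    return raw.replace(":", "").upper().lstrip("0") or "0"

def find_unknown_serials(log_text, issued):
    """Return ({serial: stats}, skipped_lines) for queried serials never issued."""
    known = {normalize_serial(s) for s in issued}
    hits = defaultdict(lambda: {"count": 0, "clients": set(), "first_seen": None})
    skipped = 0
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            skipped += 1  # count unparsable lines instead of hiding them
            continue
        ts, client, serial = m.group(1), m.group(2), normalize_serial(m.group(3))
        if serial in known:
            continue
        entry = hits[serial]
        entry["count"] += 1
        entry["clients"].add(client)
        # ISO 8601 UTC timestamps of equal length compare correctly as strings.
        entry["first_seen"] = min(ts, entry["first_seen"] or ts)
    return dict(hits), skipped

if __name__ == "__main__":
    unknown, skipped = find_unknown_serials(SAMPLE_LOG, ISSUED_SERIALS)
    for serial, info in sorted(unknown.items()):
        print(serial, info["count"], sorted(info["clients"]), info["first_seen"])
    print("unparsed lines:", skipped)
```

Normalizing the serial before comparison matters because responders, databases and logs routinely differ in case, separators and leading zeros, and a naive string match would either miss unknown serials or flag legitimate ones.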
