Re: [TLS] AIA cert fetching seen as harmful
Eric Rescorla wrote, On 2008-04-10 18:08:
> At Thu, 10 Apr 2008 17:45:06 -0700,
> Nelson B Bolyard wrote:
>> Mike wrote, On 2008-04-10 09:01:
>>
>>> This could be made safe with some help from PKIX (if X.509 doesn't
>>> already support it -- I haven't read RFC 3280 or -bis in a while).
>>> If root certificates listed constraints on what constitutes a valid
>>> URL for retrieving issued certificates, then a server could scan
>>> the combined list from each trusted root to determine if it is safe
>>> to fetch a client certificate.
>> Are you all aware of this paper, now making a stir?
>>
>> https://www.cynops.de/techzone/http_over_x509.html
>
> Yes, Martin cited this paper a few weeks ago.
>
>
>> It claims that fetching CA certs from URLs found in AIA extensions in certs
>> that have not yet been validated is a vulnerability. At least one browser
>> organization known to me agrees.
>
> How does that organization feel about inline images in HTML pages?

The problem isn't so much when browsers initiate fetches for certs from
servers. The major concerns are:

a) servers fetching URLs from unvetted client auth certs, and
b) mail clients fetching certs to verify signatures in emails from strangers.

Some email clients, in particular, are good at not fetching remote content
from html emails, which confirms email addresses to spammers. AIA cert
fetching weakens their ability to defend against such attempts to validate
email addresses.

Servers see themselves as similarly weakened.

I'm receiving inquiries about whitelisting CA URLs for AIA fetching. :(
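
One way to implement the CA URL whitelisting mentioned in the message above, as an added example that is not part of the original thread or of any product's code: a gate applied to a caIssuers URL taken from a not-yet-validated certificate before any fetch is made. The host names, the context labels and the function name `aia_fetch_decision` are assumptions made for illustration.

```python
from urllib.parse import urlsplit

# Constructed policy (assumption): per-context allowlist of vetted CA hosts.
# The two contexts are the concerns named in the message; the mail case has an
# empty set, so a signed mail from a stranger never triggers a fetch.
AIA_POLICY = {
    "server_client_auth": {"certs.ca.example", "aia.pki.example"},
    "mail_signature": set(),
}


def aia_fetch_decision(url, context, policy=AIA_POLICY):
    """Return (allow, reason) for a caIssuers URL from an unvalidated cert."""
    allowed_hosts = policy.get(context)
    if allowed_hosts is None:
        return False, "unknown context"
    try:
        parts = urlsplit(url)
        port = parts.port  # raises ValueError on a malformed port
    except ValueError:
        return False, "unparseable URL"
    if parts.scheme.lower() != "http":
        return False, "scheme not http"
    if parts.username is not None or parts.password is not None:
        # Rejects "http://certs.ca.example@other.host/" look-alikes.
        return False, "userinfo present"
    if port not in (None, 80):
        return False, "non-default port"
    if parts.query or parts.fragment:
        # A per-recipient query string would let the fetch confirm an address.
        return False, "query or fragment present"
    host = (parts.hostname or "").rstrip(".")
    if host not in allowed_hosts:
        return False, "host not allowlisted"
    return True, "allowlisted host"


if __name__ == "__main__":
    # Constructed sample URLs, as they might appear in an AIA extension.
    samples = [
        ("http://certs.ca.example/issuer.cer", "server_client_auth"),
        ("http://tracker.example/ca.cer?rcpt=alice", "mail_signature"),
        ("http://certs.ca.example@internal.example/x", "server_client_auth"),
    ]
    for url, ctx in samples:
        print(ctx, url, aia_fetch_decision(url, ctx))
```

The same check has to be repeated on every redirect target, otherwise an allowlisted host that redirects elsewhere defeats the list.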