Re: [TLS] AIA cert fetching seen as harmful

>> This could be made safe with some help from PKIX (if X.509 doesn't
>> already support it -- I haven't read RFC 3280 or -bis in a while).
>> If root certificates listed constraints on what constitutes a valid
>> URL for retrieving issued certificates, then a server could scan
>> the combined list from each trusted root to determine if it is safe
>> to fetch a client certificate.
> 
> Are you all aware of this paper, now making a stir?
> 
>     https://www.cynops.de/techzone/http_over_x509.html
> 
> It claims that fetching CA certs from URLs found in AIA extensions in certs
> that have not yet been validated is a vulnerability.  At least one browser
> organization known to me agrees.

What I suggested is that the information about which URLs are safe
for the client certificate URL extension could be embedded in the
-root- certificate, which you trust.  When a client sends you a URL
in place of a certificate, you would compare it to the information
in each of your root certificates.  If the URL matches one of them,
you know it's safe to retrieve it; otherwise you best not.  Also,
theoretically it would be wasted effort since you would not be able
to build a complete certificate chain.  So this could also improve
performance in cases where client authentication will fail.

Mike
_______________________________________________
TLS mailing list
TLS at ietf.org
https://www.ietf.org/mailman/listinfo/tls
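The screening step Mike describes, written out as an added example (not code from the original post, and not an existing X.509 or TLS feature): each trusted root is assumed to carry a list of URL prefixes it vouches for, and a client-supplied certificate URL is compared against those prefixes before anything is fetched. The `permitted_url_prefixes` field, the `TrustedRoot` type, the `SAMPLE_ROOTS` data and the `example.com` / `partner.example` hosts are all constructed for illustration. The comparison is deliberately stricter than a string prefix test: it requires the same scheme, host and port, rejects userinfo and dot-segments, and only matches on a path-segment boundary, since a loose prefix match is exactly what an attacker would probe.

```python
"""Screen a client-supplied certificate URL against URL constraints that
(hypothetically) ride in each trusted root certificate, before fetching it.

Added example. 'permitted_url_prefixes' is an assumed root-certificate
extension, not something defined by RFC 3280 or TLS; the roots and hosts
below are constructed sample data.
"""
from dataclasses import dataclass
from typing import Optional, Sequence, Tuple
from urllib.parse import urlsplit

DEFAULT_PORTS = {"http": 80, "https": 443}


@dataclass(frozen=True)
class TrustedRoot:
    """A root the server trusts, plus the URL prefixes it vouches for (assumed)."""
    name: str
    permitted_url_prefixes: Tuple[str, ...]


def _normalize(url: str):
    """Return (scheme, host, port, path) for an acceptable URL, else None."""
    parts = urlsplit(url)
    if parts.scheme not in DEFAULT_PORTS:
        return None                      # only http(s) URLs are considered
    if parts.username is not None or parts.password is not None:
        return None                      # 'https://good.host@evil.host/' tricks
    if parts.fragment:
        return None
    host = parts.hostname                # already lower-cased by urlsplit
    if not host:
        return None
    try:
        port = parts.port if parts.port is not None else DEFAULT_PORTS[parts.scheme]
    except ValueError:
        return None                      # malformed port
    if any(seg in (".", "..") for seg in parts.path.split("/")):
        return None                      # no dot-segments, so a prefix test is sound
    return parts.scheme, host, port, parts.path or "/"


def _under_prefix(url_norm, prefix_norm) -> bool:
    """True if url sits at or below prefix: same origin, segment-aligned path."""
    scheme, host, port, path = url_norm
    pscheme, phost, pport, ppath = prefix_norm
    if (scheme, host, port) != (pscheme, phost, pport):
        return False
    base = ppath.rstrip("/")
    return path == base or path.startswith(base + "/")


def root_vouching_for(url: str, roots: Sequence[TrustedRoot]) -> Optional[str]:
    """Name of the first trusted root whose constraints cover url, else None."""
    url_norm = _normalize(url)
    if url_norm is None:
        return None
    for root in roots:
        for prefix in root.permitted_url_prefixes:
            prefix_norm = _normalize(prefix)
            if prefix_norm is not None and _under_prefix(url_norm, prefix_norm):
                return root.name
    return None


def is_safe_to_fetch(url: str, roots: Sequence[TrustedRoot]) -> bool:
    """Fetch only if some trusted root vouches for the URL; otherwise the
    fetch is unsafe and, as Mike notes, could not complete a chain anyway."""
    return root_vouching_for(url, roots) is not None


# Constructed sample data: two trusted roots with assumed URL constraints.
SAMPLE_ROOTS = (
    TrustedRoot("Example Corporate Root", ("https://pki.example.com/certs/",)),
    TrustedRoot("Partner Root", ("https://repo.partner.example/cert/",
                                 "https://mirror.partner.example:8443/cert/")),
)

if __name__ == "__main__":
    for candidate in (
        "https://pki.example.com/certs/client1.cer",          # ok
        "https://PKI.EXAMPLE.COM/certs/client1.cer",          # ok, host is case-insensitive
        "https://mirror.partner.example:8443/cert/a.cer",     # ok, explicit port
        "https://pki.example.com/certs-evil/x.cer",           # no: not segment-aligned
        "https://pki.example.com.attacker.net/certs/x.cer",   # no: different host
        "https://pki.example.com@attacker.net/certs/x.cer",   # no: userinfo
        "http://pki.example.com/certs/x.cer",                 # no: scheme downgrade
        "https://pki.example.com:8443/certs/x.cer",           # no: port mismatch
        "https://pki.example.com/certs/../admin/x.cer",       # no: dot-segment
    ):
        print(f"{candidate:55} -> {root_vouching_for(candidate, SAMPLE_ROOTS)}")
```

Whether the constraint should live in the root or be configured locally on the server is a policy question the thread leaves open; the check itself is the same either way, and the `None` result is also the cheap early exit Mike mentions, since a URL no trusted root vouches for cannot lead to a chain that validates.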



Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.