Re: [TLS] AIA cert fetching seen as harmful
Eric Rescorla wrote, On 2008-04-10 19:15:
> At Thu, 10 Apr 2008 18:28:54 -0700,
> Nelson B Bolyard wrote:
>> Eric Rescorla wrote, On 2008-04-10 18:08:
>>> At Thu, 10 Apr 2008 17:45:06 -0700,
>>> Nelson B Bolyard wrote:
>>>> Mike wrote, On 2008-04-10 09:01:
>>>>
>>>>> This could be made safe with some help from PKIX (if X.509 doesn't
>>>>> already support it -- I haven't read RFC 3280 or -bis in a while).
>>>>> If root certificates listed constraints on what constitutes a valid
>>>>> URL for retrieving issued certificates, then a server could scan
>>>>> the combined list from each trusted root to determine if it is safe
>>>>> to fetch a client certificate.
>>>> Are you all aware of this paper, now making a stir?
>>>>
>>>>     https://www.cynops.de/techzone/http_over_x509.html
>>> Yes, Martin cited this paper a few weeks ago.
>>>
>>>> It claims that fetching CA certs from URLs found in AIA extensions in certs
>>>> that have not yet been validated is a vulnerability.  At least one browser
>>>> organization known to me agrees.
>>> How does that organization feel about inline images in HTML pages?
>> The problem isn't so much when browsers initiate fetches for certs from
>> servers.  The major concerns are:
>> a) servers fetching URLs from unvetted client auth certs, and
>> b) mail clients fetching certs to verify signatures in emails from strangers.
>>
>> Some email clients, in particular, are good at not fetching remote content
>> from html emails, which confirms email addresses to spammers.  AIA cert
>> fetching weakens their ability to defend against such attempts to validate
>> email addresses.
>>
>> Servers see themselves as similarly weakened.
>>
>> I'm receiving inquiries about whitelisting CA URLs for AIA fetching. :(
> 
> I assume these people are up in arms about DKIM, then?

No, they're just not doing DKIM.  Otherwise they might be. :)
With respect to email, their concern is presently limited to S/MIME v3.
Their concern is: take an existing S/MIME v3 MUA and upgrade the cert
verification library to one that can do AIA cert fetching: vulnerable.
But of course, this email concern is a bit off topic for this list. :)
_______________________________________________
TLS mailing list
TLS at ietf.org
https://www.ietf.org/mailman/listinfo/tls
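The two fetch scenarios in the message above (a server following the caIssuers URL from a client certificate it has not yet validated, and the CA-URL whitelist people are asking Nelson about as the mitigation) come down to a small amount of policy around the AuthorityInfoAccess extension. The following is an added example, not code from this thread or from any of the browsers, mail clients or libraries discussed; the DER helpers, the allowlist of CA hosts, the sample AIA entries and every URL in them are constructed for illustration.

```python
"""Parse an X.509 AuthorityInfoAccess (AIA) extension and decide whether a
caIssuers URL may be fetched.  Added example; the allowlist, the sample
entries and the URLs are constructed for illustration."""
from urllib.parse import urlparse

OID_OCSP = "1.3.6.1.5.5.7.48.1"        # id-ad-ocsp
OID_CA_ISSUERS = "1.3.6.1.5.5.7.48.2"  # id-ad-caIssuers

# --- minimal DER helpers (enough for AIA: SEQUENCE, OID, [6] IA5String URI) ---
def _der_len(n):
    if n < 0x80:
        return bytes([n])
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(body)]) + body

def _tlv(tag, body):
    return bytes([tag]) + _der_len(len(body)) + body

def _encode_oid(dotted):
    arcs = [int(a) for a in dotted.split(".")]
    out = [arcs[0] * 40 + arcs[1]]
    for v in arcs[2:]:
        chunk = [v & 0x7F]
        v >>= 7
        while v:
            chunk.append(0x80 | (v & 0x7F))
            v >>= 7
        out.extend(reversed(chunk))
    return bytes(out)

def _decode_oid(raw):
    arcs, v = [raw[0] // 40, raw[0] % 40], 0
    for b in raw[1:]:
        v = (v << 7) | (b & 0x7F)
        if not b & 0x80:
            arcs.append(v)
            v = 0
    return ".".join(map(str, arcs))

def _read_tlv(buf, pos):
    """Return (tag, value, position after the element)."""
    tag, first = buf[pos], buf[pos + 1]
    pos += 2
    if first & 0x80:
        n = first & 0x7F
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    else:
        length = first
    return tag, buf[pos:pos + length], pos + length

def build_aia(entries):
    """entries: [(accessMethod OID, URI)] -> DER AuthorityInfoAccessSyntax."""
    descs = b"".join(
        _tlv(0x30, _tlv(0x06, _encode_oid(oid)) + _tlv(0x86, uri.encode("ascii")))
        for oid, uri in entries)
    return _tlv(0x30, descs)

def parse_aia(der):
    """DER AuthorityInfoAccessSyntax -> [(accessMethod OID, URI or None)]."""
    tag, body, _ = _read_tlv(der, 0)
    if tag != 0x30:
        raise ValueError("AIA must be a SEQUENCE")
    entries, pos = [], 0
    while pos < len(body):
        tag, desc, pos = _read_tlv(body, pos)
        if tag != 0x30:
            raise ValueError("AccessDescription must be a SEQUENCE")
        t_oid, oid_raw, p = _read_tlv(desc, 0)
        t_loc, loc, _ = _read_tlv(desc, p)
        if t_oid != 0x06:
            raise ValueError("accessMethod must be an OID")
        # GeneralName [6] uniformResourceIdentifier is context tag 0x86;
        # any other GeneralName choice is kept but is not fetchable here.
        uri = loc.decode("ascii") if t_loc == 0x86 else None
        entries.append((_decode_oid(oid_raw), uri))
    return entries

def decide_fetches(entries, allowed_hosts):
    """Gate caIssuers fetches from a certificate that has NOT been validated.
    Until the chain is built the URL is chosen by whoever sent the cert, so
    the only thing trusted here is our own allowlist of CA-operated hosts."""
    decisions = []
    for oid, uri in entries:
        if oid != OID_CA_ISSUERS or uri is None:
            decisions.append((uri, "ignore"))      # OCSP etc. handled elsewhere
            continue
        u = urlparse(uri)
        # caIssuers is served over plain http; refusing other schemes keeps
        # ldap/file/https handlers out of the picture (design choice, assumed).
        if u.scheme == "http" and u.hostname in allowed_hosts:
            decisions.append((uri, "fetch"))
        else:
            decisions.append((uri, "refuse"))      # no outbound request is made
    return decisions

# Constructed allowlist: hosts our trusted roots publish their issuer certs on.
TRUSTED_CA_HOSTS = {"ca.example.net"}

# Constructed AIA contents as a stranger's client cert or S/MIME cert might carry them.
SAMPLE_ENTRIES = [
    (OID_OCSP, "http://ocsp.example.net"),
    (OID_CA_ISSUERS, "http://attacker.example/track?id=victim"),  # beacon to the sender
    (OID_CA_ISSUERS, "http://192.0.2.10/admin"),                  # host behind the server
    (OID_CA_ISSUERS, "http://ca.example.net/intermediate.cer"),   # genuine CA host
]

def demo():
    parsed = parse_aia(build_aia(SAMPLE_ENTRIES))
    return decide_fetches(parsed, TRUSTED_CA_HOSTS)

if __name__ == "__main__":
    for uri, action in demo():
        print(f"{action:7} {uri}")
```

Running it refuses the first two caIssuers URLs and fetches only from the allowlisted CA host. The allowlist is the mitigation the message reports being asked for; the other option it implies, for a server doing client auth or an S/MIME MUA verifying mail from strangers, is simply not to follow caIssuers at all and require the peer to send its full chain, which keeps the verifier from ever making a request on the certificate sender's behalf.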



Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.