IETF
websec@jabber.ietf.org
Wednesday, 16 November 2011
stpeter has set the subject to: WebSec WG | http://tools.ietf.org/wg/websec/

GMT+0
[00:23:01] hillbrad leaves the room
[00:24:06] hillbrad joins the room
[01:05:14] hillbrad leaves the room
[04:34:13] abarth joins the room
[04:41:21] Tobia Castaldi joins the room
[04:43:54] Tobia Castaldi leaves the room
[04:44:00] Tobia Castaldi joins the room
[04:44:07] Tobia Castaldi leaves the room
[04:44:23] Tobia Castaldi joins the room
[04:46:25] Tobia Castaldi leaves the room
[04:47:14] Tobia Castaldi joins the room
[04:47:32] Tony Hansen joins the room
[04:50:34] MeetechoAudioWebSec joins the room
[04:50:56] Adam Barth joins the room
[04:53:15] yoav.nir joins the room
[04:55:41] MeetechoAudioWebSec leaves the room
[04:56:11] Audio2 joins the room
[04:56:46] yone joins the room
[04:58:01] Lorenzo Miniero joins the room
[04:59:57] <Tobia Castaldi> Presentation stopped
[05:01:32] josephyee joins the room
[05:02:10] m&m joins the room
[05:03:37] Barry Leiba joins the room
[05:05:41] Frank joins the room
[05:06:16] <Tobia Castaldi> for people who may be interested in an integrated view of the jabber room with the slides being presented, this meeting session also has remote support via Meetecho
[05:06:17] PHB joins the room
[05:06:38] <Tobia Castaldi> http://www.meetecho.com/ietf82/websec
[05:06:40] <Tobia Castaldi> just make sure you use a different nickname if you're already in with your jabber client as well
[05:06:46] bkihara.l joins the room
[05:06:56] kazubu joins the room
[05:07:09] Joseph Yee joins the room
[05:07:14] PHB2 joins the room
[05:07:17] lef_jp joins the room
[05:07:29] <PHB> Sound seems suspiciously quiet
[05:07:35] <Barry Leiba> Running late.
[05:07:38] <yoav.nir> The meeting begins
[05:07:39] <Barry Leiba> How about now?
[05:07:46] <Lorenzo Miniero> audio's fine :)
[05:07:52] richard.barnes joins the room
[05:08:00] <Barry Leiba> Hao.
[05:08:01] <PHB> gaaaagh!
[05:08:01] stpeter joins the room
[05:08:06] <Tobia Castaldi> Slide 1: Websec WG IETF 82
[05:08:06] <yoav.nir> Agenda presentation: page 4
[05:08:07] <Tobia Castaldi> Slide 2: Note Well
[05:08:07] <PHB> That was loud
[05:08:14] <Tobia Castaldi> Slide 3: AGENDA
[05:08:15] sftcd joins the room
[05:08:23] Paul Hoffman joins the room
[05:08:23] josephyee leaves the room
[05:08:26] <Barry Leiba> T's first burst blew our ears out in here too.
[05:08:45] <yoav.nir> I will channel messages from the jabber room. Please prefix with "mic:"
[05:09:12] <Frank> audio started (mp3 826)
[05:09:14] Klaas Wierenga joins the room
[05:09:41] Kepeng joins the room
[05:09:44] <Tobia Castaldi> Slide 4: 2. Status of WG - Drafts
[05:09:45] <Paul Hoffman> PHB and Adam: offlist, please tell me why each of you is in the Jabber room twice.
[05:09:51] Atarashi Yoshifumi joins the room
[05:10:39] <yoav.nir> Paul: high availability :-)
[05:10:54] <Tobia Castaldi> Slide 5: 7. Admin - Possible future things on the
[05:10:57] <Lorenzo Miniero> rtsp://taipei1.conf.meetecho.com/3330015.sdp
[05:11:05] <Tobia Castaldi> Presentation stopped
[05:11:18] <Tobia Castaldi> Slide 1: draft-ietf-websec-strict-transport-sec
[05:11:21] <abarth> i'm here (adam)
[05:11:24] <Lorenzo Miniero> lower quality, lower delay audio stream
[05:11:29] Hadriel Kaplan joins the room
[05:11:30] <yoav.nir> Jeff Hodges will present on HSTS
[05:11:37] <Tobia Castaldi> Slide 2: Recent Progress
[05:11:39] <yoav.nir> slide 2
[05:11:50] Jacky Yao11 (Health Yao) joins the room
[05:12:08] coopdanger joins the room
[05:12:17] sm joins the room
[05:12:36] Satoru Kanno joins the room
[05:13:40] <yoav.nir> Repeating because some more people joined: I will channel messages from the jabber room. Please prefix with "mic:"
[05:13:45] <Tobia Castaldi> Slide 3: Detailed Status
[05:14:27] <Tobia Castaldi> Slide 4: Overall Status
[05:14:49] sali joins the room
[05:15:18] <Tobia Castaldi> Slide 5: To Do
[05:16:45] <PHB> I am really glad Jeff is doing this and not me
[05:20:28] <abarth> i have
[05:20:32] <abarth> but i don't count :)
[05:20:44] <sm> You do count :-)
[05:20:47] hillbrad joins the room
[05:21:51] <Tobia Castaldi> Presentation stopped
[05:22:03] <yoav.nir> Now Ian will present the pinning draft on behalf of Chris & Chris
[05:22:05] <Tobia Castaldi> Slide 1: Dynamic Public Key Pinning
[05:22:14] <Tobia Castaldi> Slide 2: Overview
[05:22:25] <sftcd> what's the draft name for this again?
[05:22:28] <stpeter> Ian Fette presenting
[05:22:30] <richard.barnes> this is basically TOFU, right?
[05:22:38] <abarth> yes
[05:22:47] <stpeter> https://datatracker.ietf.org/doc/draft-evans-palmer-key-pinning/
[05:22:54] resnick joins the room
[05:23:02] <abarth> the certs still need to validate, but thereafter they get pinned
[05:23:04] <sftcd> thanks
[05:23:47] <yoav.nir> At least in Chrome, certificates that didn't validate (user clicked "proceed anyway") don't get pinned
[05:24:00] <Tobia Castaldi> Slide 3: Scaling Up
[05:24:13] <richard.barnes> n00b question: why do we need protocol for TOFU?
[05:24:30] <abarth> to signal that the site doesn't plan to change its cert
[05:24:41] <stpeter> hey n00b, take it to the mic
[05:24:42] <yoav.nir> I can ask that at the mike, you know
[05:24:51] <yoav.nir> Should I?
[05:25:25] <yoav.nir> Oh, you're here. never mind
[05:26:09] <stpeter> yoav.nir: :)
[05:26:15] <PHB> MIC: DANE should not be allowed to monopolize this particular issue. DNS with DNSSEC is one tool that could be used but is only one amongst several
[05:26:19] <yoav.nir> I'd say that DANE gets rid of the TOFU
[05:26:24] <Tobia Castaldi> Slide 4: Server Deployment
[05:26:44] <richard.barnes> PHB: yeah, but UAs should only have to implement some modest number of things
[05:26:47] <PHB> yoav, and requires DNSSEC to work which makes it useless
[05:27:02] <PHB> Well maybe DANE is not one of them
[05:27:09] <resnick> Go ahead and mic it, but let's not rat hole on it.
[05:27:21] <resnick> It's a conversation for a different forum.
[05:27:59] <Tobia Castaldi> Slide 5: Client Behavior
[05:28:11] <richard.barnes> resnick: actually, this wg might be the right forum for this discussion, for this application domain
[05:28:15] <richard.barnes> maybe not this preso
[05:28:22] semery joins the room
[05:28:24] <resnick> ack
[05:28:50] <sftcd> wrt DANE, we do need to figure out what overlap there is and how to handle that but here or there is fine
[05:29:03] <Tobia Castaldi> Slide 6: Limitations
[05:30:23] <Tobia Castaldi> Slide 7: More Information
[05:31:20] ray_atarashi joins the room
[05:32:43] <PHB> MIC: The highest value from policy may not be from enforcement, reporting to the community that there is a violation has great value in itself. Thus the limitations of this approach are less critical than they might appear. Thus the approach I take in my proposal which is multi-modal and makes the expression of policy independent of the mode of communication and the required action.
[05:33:18] <PHB> So this is the right forum to talk about why DANE is the right approach, but not why it may be the wrong one?
[05:37:48] <PHB> MIC: I do not need a large number of instrumented browsers
[05:37:57] <PHB> MIC: I just need the policy to be expressed
[05:37:59] yoiwa joins the room
[05:38:39] <Tobia Castaldi> Slide 4: Server Deployment
[05:40:59] <hillbrad> Scotch&s0da
[05:42:31] kazubu leaves the room
[05:43:00] <Tony Hansen> please repeat the question -- it couldn't be heard
[05:43:15] hillbrad leaves the room
[05:43:51] <sftcd> it's not really valuable to be arguing as to which of this or DANE is better, they differ
[05:43:55] hillbrad joins the room
[05:45:06] EKRm joins the room
[05:45:08] =JeffH joins the room
[05:45:08] <PHB> MIC: The big problem with DANE is that at present it cannot be used unless the domain wants to completely usurp PKIX and use DANE semantics for publishing the keys. Validation rules for intermediate CAs are changed.
[05:45:24] <EKRm> test.
[05:45:33] <PHB> I see you EKR
[05:45:53] <EKRm> MIC: When you say "we believe", define who believes?
[05:48:38] <resnick> ekr: believe what?
[05:48:54] <EKRm> Sorry, I was talking about Hoffman's claim about the IANA root.
[05:49:16] <EKRm> It's not at all obvious that any significant number of domains are going to be transitively signed by the IANA root.
[05:49:35] <Paul Hoffman> Who else do you think they will be signed by?
[05:49:36] <resnick> Richard has a strange family name. Quite the company man to change it to BBN. ;-)
[05:49:48] <EKRm> paul: no one, which is the state now.
[05:49:57] <PHB> @Paul, The Russian Federation has said they intend to sign using GOST
[05:50:13] <PHB> I presume that means for .com as well as .ru
[05:50:27] <PHB> They have a treaty with China that commits them to do so
[05:50:34] <Paul Hoffman> The state now will be different in the future. If no one signs their zones, then we can just go home.
[05:50:55] <EKRm> If by "we can just go home" you mean DANE, then yes.
[05:51:06] <EKRm> If by "we can just go home" you mean HSTS with pinning, then no.
[05:51:09] <Paul Hoffman> PHB: that's fine, no one will authenticate them.
[05:51:30] <Paul Hoffman> Right: no DNSSEC means no DANE, currently.
[05:51:59] <EKRm> right, so any comparison of DANE to this mechanism which ignores that, is pretty misleading.
[05:52:10] <PHB> @Paul, Russian law already mandates GOST, so Microsoft can decide not to sell in Russia or do it their way.
[05:52:23] <PHB> that is why they are doing GOST
[05:52:55] kazubu joins the room
[05:53:28] <abarth> it's probably going to be the same UI for "delete all site data"
[05:53:54] <yoav.nir> Doesn't matter what we say in the spec. The browser vendors will not let you get irreparably bricked. There will always be a "reset pinning" button.
[05:55:17] <abarth> it's in the cookie spec
[05:55:29] <abarth> the user agent SHOULD let the user clear cookies
[05:55:56] <sftcd> just to note that the draft here is not the one that's linked from the agenda (hence my question about hsts)
[05:56:40] <sm> http://tools.ietf.org/html/draft-evans-palmer-key-pinning-00
[05:57:13] <EKRm> MIC: how does this make the situation any worse?
[05:58:10] <EKRm> MIC: I think it's most useful to think of this as not perfect security but rather as an early warning system. As long as any significant fraction of potential victims get imprinted correctly initially, you get to learn about attacks.
[05:58:19] <yoav.nir> there's a line at the mike. can you expand "this"
[05:58:19] coopdanger leaves the room
[05:59:28] coopdanger joins the room
[06:00:26] <PHB> MIC: The big problem with any security policy proposal is that it is powerful, quite likely more powerful than the administrators trying to configure. The number of attacks is vanishingly small and should be even smaller if browsers all implement policy. Thus violations are likely to be false positives. Hence the reason that using policy to detect violations may well need to be separate from policy enforcement and quite likely require a human decision maker in that loop. That is really not a problem for the rate at which CA breaches occur
[06:00:33] <EKRm> who is talking?
[06:00:37] <Barry Leiba> Leif
[06:00:37] <resnick> Leif
[06:04:00] richard.barnes leaves the room
[06:04:00] <PHB> There are two questions, (1) should IETF do this and (2) should Websec do this.
[06:04:18] <PHB> I think the answer to the first is clearly yes
[06:04:36] <yoav.nir> Phil: who else?
[06:04:51] <EKRm> hand up.
[06:05:07] <PHB> Me!
[06:05:16] <PHB> In favor, will write text
[06:05:44] <EKRm> For the record: I approve of starting this kind of work and will be willing to chip in, as long as we rearrange all the bytes in the header.
[06:06:06] <resnick> We held up extra hands for you.
[06:06:08] richard.barnes joins the room
[06:06:14] <PHB> Hand up
[06:07:25] <resnick> (Given the RTT, you should mention which thing you are in favor of.)
[06:07:37] <PHB> No Derek, DANE does not solve it
[06:07:40] <resnick> But we have assumed you are in favor of bringing it in.
[06:07:53] <richard.barnes> PHB: why not?
[06:08:34] <PHB> Richard, because you have insisted on writing the spec in a way that usurps PKIX chain validation completely. That is not going to happen
[06:08:34] <Tobia Castaldi> Presentation stopped
[06:08:52] <yoav.nir> Stephen will not present "ni" names
[06:08:53] <PHB> Richard: And because you have alienated all the possible deployers so the spec is moot.
[06:08:59] <yoav.nir> s/not/now/
[06:08:59] <Tobia Castaldi> Presentation stopped
[06:09:25] <richard.barnes> "ni" as in "the knights who say..."?
[06:09:27] <Tobia Castaldi> Slide 3: Basic Idea/Scheme
[06:09:53] <yoav.nir> Richard: they don't say that any more
[06:10:12] <Tobia Castaldi> Slide 4: Parameters Draft
[06:11:23] <richard.barnes> new URI scheme: "ekky-ekky-ekky-ekky-zbang-zoom-boing-znourrrwringmm://"
[06:11:39] <Tobia Castaldi> Slide 5: That's it!
[06:11:49] sftcd leaves the room
[06:12:35] <PHB> MIC: The relevance to WebSEC is that this provides a means of fixing the problems that will occur in the pinning draft
[06:13:22] <PHB> MIC: In particular baaad things happen when trying to pass headers through proxies and they mash stuff up so that the digest alg will get separated from the value
[06:14:04] sftcd joins the room
[06:14:07] <Tobia Castaldi> Presentation stopped
[06:14:49] coopdanger leaves the room
[06:15:19] <Tobia Castaldi> Slide 1: Websec WG IETF 82
[06:15:22] <Tobia Castaldi> Slide 3: AGENDA
[06:17:33] <abarth> i have
[06:17:42] <hillbrad> I have
[06:17:54] Joseph Yee leaves the room
[06:18:54] stpeter leaves the room: Disconnected: Replaced by new connection
[06:18:54] stpeter joins the room
[06:18:59] <Tobia Castaldi> Presentation stopped
[06:19:06] <yoav.nir> Larry Masinter presents on MIME sniffing
[06:19:06] <Tobia Castaldi> Slide 1: MIME SNIFFING ISSUES
[06:19:59] semery leaves the room
[06:20:10] semery joins the room
[06:20:32] <Tobia Castaldi> Slide 2: Using Tracker for issues
[06:21:12] <Tobia Castaldi> Slide 3: Need test suite
[06:21:17] <Tobia Castaldi> Slide 4: #15: Scope of document
[06:25:16] <Tobia Castaldi> Slide 5: #16: Lack of explanatory text/justificat
[06:25:18] <Tobia Castaldi> Slide 6: #17 MIME magic numbers registry
[06:26:37] sali leaves the room
[06:27:34] <Tobia Castaldi> Slide 7: #18 using file extensions
[06:30:19] <abarth> MIC: Larry, how do you feel about a new registry for sniffing?
[06:31:23] <abarth> MIC: As in not re-using the MIME registry
[06:31:45] <abarth> MIC: Can we remove the magic numbers from the MIME registry?
[06:32:24] <Tobia Castaldi> issue #19 Do not sniff PDF (slide not available in the slide deck uploaded by the chairs... sorry)
[06:33:31] <Tobia Castaldi> Slide 8: #20 Opt-in on case-by-case basis
[06:37:46] <Tobia Castaldi> Slide 9: #21 “Polyglot” use cases
[06:39:27] <Tobia Castaldi> Slide 10: #22 Charset sniffing
[06:39:31] <Tobia Castaldi> Slide 5: #16: Lack of explanatory text/justificat
[06:41:37] TACHIBANA toshio joins the room
[06:41:55] <Tobia Castaldi> Slide 10: #22 Charset sniffing
[06:43:45] richard.barnes leaves the room
[06:44:02] <Tobia Castaldi> Slide 11: More issues
[06:46:00] richard.barnes joins the room
[06:46:49] TACHIBANA toshio leaves the room
[06:51:09] <PHB> MIC: +1 Pete, Too many protocols require knowledge of 'folklore' to implement interoperably. Even worse is folklore that is not written down.
[06:51:42] <=JeffH> agree
[06:52:13] TACHIBANA toshio joins the room
[06:52:39] <abarth> Content-Disposition, I think
[06:52:45] <=JeffH> yes
[06:53:03] <Tobia Castaldi> Slide 4: #15: Scope of document
[06:53:09] <Paul Hoffman> Odd question for those remote: are you watching the video? If so, send me mail. Thx.
[06:53:57] <abarth> MIC: There's some commonalities, but details are different
[06:54:32] sm leaves the room
[06:54:47] TACHIBANA toshio leaves the room
[06:55:12] <Tobia Castaldi> Presentation stopped
[06:55:33] <Tobia Castaldi> Slide 5: 7. Admin - Possible future things on the
[06:55:43] <yoiwa> Small comment to slide #11: "E.g." in the slide is bad: if a buggy interpreter is the problem, it is a bug and should be fixed out of this draft's scope; however, the general idea in this clause is true; if something is labelled as application/octet-stream, sniffing it even as text/plain IS a (some kind of) privilege promotion.
[06:55:55] =JeffH leaves the room: Logged out
[06:56:45] <Tobia Castaldi> Slide 6: 8. Other topics / open mike
[06:57:32] sftcd leaves the room
[06:57:40] yone leaves the room
[06:57:41] yoav.nir leaves the room
[06:57:48] semery leaves the room
[06:57:49] abarth leaves the room
[06:57:49] richard.barnes leaves the room
[06:57:52] Kepeng leaves the room
[06:57:53] resnick leaves the room
[06:57:53] <Tobia Castaldi> bye
[06:57:54] PHB leaves the room
[06:57:56] hillbrad leaves the room
[06:57:56] Paul Hoffman leaves the room
[06:58:26] Frank leaves the room
[06:58:30] Barry Leiba leaves the room
[06:58:48] Lorenzo Miniero leaves the room
[06:59:04] Atarashi Yoshifumi leaves the room
[06:59:05] <Tobia Castaldi> Presentation stopped
[06:59:10] m&m leaves the room
[06:59:22] yoiwa leaves the room
[06:59:25] Adam Barth leaves the room
[06:59:30] <Tobia Castaldi> the recordings of this session will be available at www.ietf.org/meeting/82/remote-participation.html#Meetecho
[06:59:33] Tobia Castaldi leaves the room
[06:59:45] kazubu leaves the room
[07:00:02] Hadriel Kaplan leaves the room
[07:01:03] lef_jp leaves the room
[07:01:05] PHB2 leaves the room
[07:01:32] EKRm leaves the room
[07:01:41] Tony Hansen leaves the room
[07:01:50] Audio2 leaves the room
[07:01:57] stpeter leaves the room
[07:02:02] Satoru Kanno leaves the room
[07:03:58] Klaas Wierenga leaves the room
[07:08:03] Jacky Yao11 (Health Yao) leaves the room
[07:08:03] ray_atarashi leaves the room
[07:08:04] ray_atarashi joins the room
[07:08:38] m&m joins the room
[07:08:55] ray_atarashi leaves the room
[07:09:47] Jacky Yao11 (Health Yao) joins the room
[07:10:04] lef_jp joins the room
[07:10:51] Jacky Yao11 (Health Yao) leaves the room
[07:10:58] sftcd joins the room
[07:11:22] sftcd leaves the room
[07:12:54] Satoru Kanno joins the room
[07:13:30] Satoru Kanno leaves the room
[07:14:31] m&m leaves the room
[07:21:42] richard.barnes joins the room
[07:22:41] Paul Hoffman joins the room
[07:22:59] richard.barnes leaves the room
[07:23:21] Hadriel Kaplan joins the room
[07:23:42] Paul Hoffman leaves the room
[07:24:34] richard.barnes joins the room
[08:06:46] Klaas Wierenga joins the room
[08:10:33] lef_jp leaves the room
[08:11:43] richard.barnes leaves the room
[08:16:57] Klaas Wierenga leaves the room
[08:17:33] Hadriel Kaplan leaves the room
[08:43:55] lef_jp joins the room
[08:49:59] bkihara.l leaves the room
[09:38:13] Hadriel Kaplan joins the room
[10:25:59] Hadriel Kaplan leaves the room
[10:26:59] lef_jp leaves the room
[13:44:52] lef_jp joins the room
[23:47:57] Klaas Wierenga joins the room