[SSL Observatory] Fixing Revocation, security policy

Phillip Hallam-Baker hallam at gmail.com
Wed Sep 21 09:11:22 PDT 2011


Apols for the catch up, I am coming to this list and trying to do multiple
responses in multiple threads at once.


I see a number of issues raised wrt revocation:

1) Browsers will accept certs in the absence of revocation/status data

2) Technical defects in OCSP: the cert is referenced by the serial number,
not the hash of the cert.

3) The need to split out administrative revocation by the CA from emergency
revocation in the case that an active attack is detected.


The underlying problem though is that we have no security policy. Security
is an optional extra for some Internet sites. The simplest form of attack is
to simply strip out SSL connections completely (as Syria tried a few months
back).


Trying to defend against a nation state rather than a criminal hacker is a
totally different game because the nation state has the ability to mandate
use of particular protocols and infrastructure.

The first issue in particular is a big problem when the threat model
includes a nation state level MITM attack. It is easy to provide a fix that
can defend against an evil WiFi twin: just pull some data from DNSSEC and
you are done. But with the nation state level attack the attacker can and
will pre-empt the intended control. In fact just last week China and Russia
were preparing the ground to do just that:

http://blog.internetgovernance.org/pdf/UN-infosec-code.pdf

The language is a bit unclear unless you know that 'information terrorism'
is Chinese code for 'freedom of speech' and so on. There is an earlier
China-Russia treaty on this topic under the SCO framework that the language
seems to be lifted from. I have a translation if people are interested.

Basically China is proposing an alternative Internet governance body to
ICANN. They have been trying to do this under the ITU for some time and the
US state dept is trying to stop them.

Russia and China already have laws that would allow them to block
distribution of software that attempts to enforce the ICANN DNS root. What
they are doing here is setting up a 'code of conduct' to help dictatorships
maintain their ability to perform such attacks.

There have been some improvements in the DNSSEC protocol that raise the cost
of that attack significantly. NSEC3 in particular prevents zone walking and
thus increases the cost of trying to re-sign a secured zone.

But still, we can't address this problem by introducing an infrastructure
that has a single point of control because all it then takes is for the
adversary to usurp that single point of control and we have lost everything.

While China and Russia certainly would like the ability to control their
local Internet space, their bottom line in negotiations might well be that
they would settle for parity with the US in terms of control. At the moment
the US has direct control of ICANN as far as they are concerned and that is
unacceptable to them. A technical scheme that prevents either ICANN or the
SCO countries defecting might satisfy them sufficiently to not try to
exercise their secession option. Some of their people are certainly open to
this.


Iran has a more direct way of sabotaging the system: they distribute
versions of all the popular browsers (and Microsoft Office and much more)
that have Trojans and backdoors added.

The big advantage we have vs the Iranian regime is that the regime thinks
that all the protests and demonstrations are purely the result of foreign
agitation and the work of the CIA, MOSSAD and MI6. They are totally
incapable of understanding that the threat to their regime comes from their
own people who correctly regard them as corrupt, dishonest and apostates.


-- 
Website: http://hallambaker.com/
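
Issues 1 and 2 from the list in the message above, as an added example that is not part of the original post: the OCSP lookup key (the RFC 6960 CertID) contains the issuer hashes and the serial number but nothing derived from the certificate itself, and a soft-fail client accepts when no status data arrives. The `Cert` class, the byte strings and the responder table are constructed for illustration and are not a real X.509 parser or responder.

```python
import hashlib
from dataclasses import dataclass

@dataclass(frozen=True)
class Cert:
    """Constructed stand-in for a certificate (not a real X.509 parser)."""
    issuer_name: bytes  # placeholder for the DER-encoded issuer name
    issuer_key: bytes   # placeholder for the issuer public key
    serial: int
    body: bytes         # placeholder for subject, subject key, extensions

    def fingerprint(self) -> str:
        """Hash over the whole certificate, which OCSP does not use."""
        data = self.issuer_name + self.serial.to_bytes(20, "big") + self.body
        return hashlib.sha256(data).hexdigest()

def ocsp_cert_id(cert: Cert) -> tuple:
    """RFC 6960 CertID: issuer name hash, issuer key hash, serial number."""
    return (hashlib.sha1(cert.issuer_name).hexdigest(),
            hashlib.sha1(cert.issuer_key).hexdigest(),
            cert.serial)

def responder_status(db: dict, cert: Cert):
    """Status a responder keyed on CertID returns; None models no answer."""
    return db.get(ocsp_cert_id(cert))

def accept(status, hard_fail: bool) -> bool:
    """Client policy: soft-fail accepts when no status data was obtained."""
    if status is None:
        return not hard_fail
    return status == "good"

# Constructed sample data: two different certificates, same issuer and serial.
ISSUER = (b"CN=Example CA (constructed)", b"issuer-public-key-bytes")
ISSUED = Cert(*ISSUER, serial=0x1001, body=b"CN=www.example.test key=A")
OTHER = Cert(*ISSUER, serial=0x1001, body=b"CN=mail.example.test key=B")
RESPONDER_DB = {ocsp_cert_id(ISSUED): "good"}

if __name__ == "__main__":
    print("same CertID:     ", ocsp_cert_id(ISSUED) == ocsp_cert_id(OTHER))
    print("same fingerprint:", ISSUED.fingerprint() == OTHER.fingerprint())
    print("status for OTHER:", responder_status(RESPONDER_DB, OTHER))
    print("no data, soft-fail accepts:", accept(None, hard_fail=False))
    print("no data, hard-fail accepts:", accept(None, hard_fail=True))
```

A client that wants the status bound to the certificate it was actually shown has to compare the certificate hash itself, since the responder's answer is the same for both certificates here.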