unofficial mirror of emacs-devel@gnu.org 
From: Ted Zlatanov <tzz@lifelogs.com>
To: emacs-devel@gnu.org
Subject: Re: Network security manager
Date: Wed, 19 Nov 2014 06:09:15 -0500
Message-ID: <87vbmbe9b8.fsf@lifelogs.com>
In-Reply-To: 8761eb68z8.fsf@alrua-karlstad.karlstad.toke.dk

On Wed, 19 Nov 2014 06:43:39 +0100 Toke Høiland-Jørgensen <toke@toke.dk> wrote: 

TH> Ted Zlatanov <tzz@lifelogs.com> writes:
>> * uses SSH-style gnutls_store_pubkey() and gnutls_verify_stored_pubkey()
>> to DTRT and pins the public key rather than the certificate
>> fingerprint. The pub keys are stored by default in a way that lets the
>> user look them up by hostname, but we can customize that. And it's
>> mostly handled by GnuTLS internals as far as pubkey extraction and
>> verification.

TH> AFAICT this is functionally equivalent to what is currently in NSM;
TH> except it stores the public key rather than the fingerprint. I am not
TH> sure if there are any security implications to storing just the
TH> fingerprint...

See
https://www.owasp.org/index.php/Certificate_and_Public_Key_Pinning#What_Should_Be_Pinned.3F

Briefly, they say pinning the public key is better in most cases but is
not subject to expiration like a certificate.

Furthermore, see https://www.imperialviolet.org/2011/05/04/pinning.html
section "Why public key hashes, not certificate hashes?" on Google's
implementation and a stronger opinion.

Excerpt:

"In general, hashing certificates is the obvious solution, but the wrong
one. The problem is that CA certificates are often reissued: there are
multiple certificates with the same public key, subject name etc but
different extensions or expiry dates. Browsers build certificates chains
from a pool of certificates, bottom up, and an alternative version of a
certificate might be substituted for the one that you expect.

...

Conversely, public key hashes must be correct:

Browsers assume that the leaf certificate is fixed: it's always the
starting point of the chain. The leaf certificate contains a signature
which must be a valid signature, from its parent, for that certificate.
That implies that the public key of the parent is fixed by the leaf
certificate. So, inductively, the chain of public keys is fixed, modulo
truncation.

The only sharp edge is that you mustn't pin to a cross-certifying root.
For example, GoDaddy's root is signed by Valicert so that older clients,
which don't recognise GoDaddy as a root, still trust those certificates.
However, you wouldn't want to pin to Valicert because newer clients will
stop their chain at GoDaddy.

Also, we're hashing the SubjectPublicKeyInfo not the public key bit
string. The SPKI includes the type of the public key and some parameters
along with the public key itself. This is important because just hashing
the public key leaves one open to misinterpretation attacks. Consider a
Diffie-Hellman public key: if one only hashes the public key, not the
full SPKI, then an attacker can use the same public key but make the
client interpret it in a different group. Likewise one could force an
RSA key to be interpreted as a DSA key etc."

I am not a cryptographer so I hope some of those step in and suggest
what's best. To me from what I know and based on the cited references,
it seems it could be a choice but pinning the public key is better for
most people. They won't have to accept again every time the certificate
is reissued.

>> * does DANE auth (although I don't know the details on DANE, the
>> client implementation looks reasonable and Toke suggested it)

TH> I think the right thing to do would probably be to check DANE and use
TH> that as an additional input to the NSM dialog. I'd suggest the
TH> following:

TH> - Supply the DANE status as part of the 'certificate information' blurb
TH>   when popping up a prompt. For many (most?) setups this will be
TH>   'unknown' either because no DANE info is published in DNS or DNSSEC
TH>   validation fails (or both).

TH> - If valid DANE info is available *and* this doesn't match the shown
TH>   certificate, treat it as a reason to consider the certificate
TH>   insecure.

TH> I.e. treat a positive DANE verification as information to present to the
TH> user, and a verified failure as a cause for alarm. This corresponds to
TH> the current DANE RFC recommendations AFAICT...

Works for me. If we implement it in ELisp as Lars suggested it might
even be easy. Could you please open the feature request in the bug
tracker with your plan of action so we can keep it in mind?

>> * checks OCSP for revocations using cert_verify_ocsp() in the same
>> cli.c

TH> This would probably be a good idea to implement in any case.

I think Lars agrees, also with the "in ELisp if possible" caveat.  Can
you create a separate feature in the bug tracker?

On Wed, 19 Nov 2014 09:44:49 +0100 Lars Magne Ingebrigtsen <larsi@gnus.org> wrote: 

LMI> DANE and especially revocation checking is kinda slow though?  Which is
LMI> why Chrome doesn't do it.

It's definitely in the high-to-paranoid level, but if the level can be
enabled per site or per subnet, it would be ideal.

On Wed, 19 Nov 2014 09:55:00 +0100 Lars Magne Ingebrigtsen <larsi@gnus.org> wrote: 

LMI> Unfortunately, this seems to have been introduced in a later version of
LMI> the library than what I have on my development machine, so I haven't
LMI> been able to test.

We can make such GnuTLS features optional or explicitly require the
latest if the feature is very appealing.  This one isn't to me :)  I
hate the "random art" and always disable it with SSH.

Ted
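The two points argued in this message, pinning the SubjectPublicKeyInfo rather than the bare key bits (the imperialviolet excerpt) and SSH-style trust-on-first-use keyed by hostname, plus Toke's three-way DANE rule (unknown / match / mismatch), as an added worked example. This is not code from this thread, from Emacs or from GnuTLS. The DER encoder/decoder is a minimal hand-written one that covers only what a SubjectPublicKeyInfo needs, the DH group numbers are toy values rather than real groups, and the TLSA records are plain dicts standing in for a real DNSSEC-validated lookup.

```python
# Added example, not Emacs/NSM or GnuTLS code: SPKI pinning vs bare-key
# pinning, hostname-keyed trust-on-first-use, and a three-way DANE check.
# Minimal hand-rolled DER, enough for a SubjectPublicKeyInfo only.
# DH numbers below are toy values (constructed), not real groups.
import hashlib

OID_DH = "1.2.840.10046.2.1"  # dhpublicnumber (RFC 3279)


def der(tag, body):
    """Encode one DER TLV with definite length."""
    n = len(body)
    if n < 0x80:
        length = bytes([n])
    else:
        lb = n.to_bytes((n.bit_length() + 7) // 8, "big")
        length = bytes([0x80 | len(lb)]) + lb
    return bytes([tag]) + length + body


def der_int(n):
    # Extra leading zero byte when the top bit is set keeps the INTEGER positive.
    return der(0x02, n.to_bytes((n.bit_length() + 8) // 8, "big"))


def der_oid(dotted):
    parts = [int(x) for x in dotted.split(".")]
    body = bytearray([40 * parts[0] + parts[1]])
    for v in parts[2:]:
        chunk = [v & 0x7F]
        v >>= 7
        while v:
            chunk.append(0x80 | (v & 0x7F))
            v >>= 7
        body.extend(reversed(chunk))
    return der(0x06, bytes(body))


def der_seq(*items):
    return der(0x30, b"".join(items))


def der_read(buf, pos=0):
    """Read one TLV at pos; return (tag, contents, position after it)."""
    tag, first = buf[pos], buf[pos + 1]
    pos += 2
    if first < 0x80:
        length = first
    else:
        nb = first & 0x7F
        length = int.from_bytes(buf[pos:pos + nb], "big")
        pos += nb
    return tag, buf[pos:pos + length], pos + length


def dh_spki(y, p, g, q):
    """SubjectPublicKeyInfo for DH public value y in group (p, g, q)."""
    alg = der_seq(der_oid(OID_DH), der_seq(der_int(p), der_int(g), der_int(q)))
    return der_seq(alg, der(0x03, b"\x00" + der_int(y)))  # BIT STRING, 0 unused bits


def split_spki(spki):
    """Return (AlgorithmIdentifier contents, raw subjectPublicKey bytes)."""
    _, body, _ = der_read(spki)
    _, alg, pos = der_read(body)
    _, bits, _ = der_read(body, pos)
    return alg, bits[1:]  # drop the unused-bits octet


def spki_pin(spki):
    return hashlib.sha256(spki).hexdigest()


def raw_key_pin(spki):
    return hashlib.sha256(split_spki(spki)[1]).hexdigest()


# Same public value y; the attacker re-labels it with a different group.
GOOD_SPKI = dh_spki(y=8, p=23, g=5, q=11)
ATTACK_SPKI = dh_spki(y=8, p=47, g=5, q=23)


def misinterpretation_demo():
    """Bare-key pins collide across groups; SPKI pins do not."""
    return {
        "raw_key_pins_match": raw_key_pin(GOOD_SPKI) == raw_key_pin(ATTACK_SPKI),
        "spki_pins_match": spki_pin(GOOD_SPKI) == spki_pin(ATTACK_SPKI),
    }


def tofu_check(store, host, spki):
    """Trust-on-first-use keyed by hostname, the model behind
    gnutls_store_pubkey()/gnutls_verify_stored_pubkey(). A reissued
    certificate carrying the same key keeps the same pin, so it stays 'ok'."""
    pin = spki_pin(spki)
    if host not in store:
        store[host] = pin
        return "new"
    return "ok" if store[host] == pin else "mismatch"


def dane_status(tlsa_records, spki, dnssec_validated):
    """'unknown' (no validated, usable TLSA data), 'match' (show to the
    user), or 'mismatch' (treat the certificate as insecure). Handles only
    selector 1 (SPKI) with matching type 1 (SHA-256); dicts are assumed."""
    usable = [r for r in tlsa_records if r["selector"] == 1 and r["mtype"] == 1]
    if not dnssec_validated or not usable:
        return "unknown"
    digest = spki_pin(spki)
    return "match" if any(r["data"] == digest for r in usable) else "mismatch"
```

The `dnssec_validated` flag is assumed to come from a validating resolver; without it a TLSA answer is just unauthenticated DNS and the function deliberately reports `unknown` rather than `match`, which is the conservative reading of the rule above.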
