Re: request for WG to adopt draft-chadwick-webdav-00.txt as a work item

[David Chadwick <d.w.chadwick@xxxxxxxxxx>]

Stefan Santesson wrote:
> David,
>
> Everything in security is a tradeoff, but that is not an excuse to
> introduce new classes of threats that defeats basic security
> principles when there exists valid alternatives that don't. PKI has
> some basic important security principles in that it leverage trust in
> signed objects and not in the information infrastructure.

I think you will find this is not always entirely true. The DNS is 
usually needed as a trusted entity, and if it mal-performs PKIs can 
break disasterously.


 Also, when
> CRLs are used for revocation checking, there is an underlying
> principle that one or more CRL's are available with scopes that cover
> all issued certificate with a current validity period.

I agree that this is one of the key strengths of CRLs.

> With the WebDav proposal you violate both these principles. I don't
> see a strong enough motivation for doing so,

Lets wait and see on this one. WebDav is becoming more ubiquitous all 
the time. SVN and other systems use it as their transport medium. It is 
rumoured that it will take over from FTP soon.

But as I said in my earlier email, my proposal is really three topics in 
one: the REST conceptual model, the protocol(s) that might use the REST 
principles for certificate status (only WebDav proposed so far but 
others could be used as well), and the information model for naming the 
certs and CRL files.

I think fundamentally it is the REST model that you do not like for 
determining the status of a certificate. Am I correct on that?

regards

David


 and I object to putting
> an IETF/PKIX rubberstamp on such solution Therefore I can't support
> this solution to be developed within the PKIX workgroup.
>
>
> Stefan Santesson Senior Program Manager Windows Security, Standards
>
>
> > -----Original Message----- From: owner-ietf-pkix@xxxxxxxxxxxx
> > [mailto:owner-ietf- pkix@xxxxxxxxxxxx] On Behalf Of David Chadwick 
> > Sent: den 11 september 2007 12:02 To: Stephen Kent Cc:
> > ietf-pkix@xxxxxxx Subject: Re: request for WG to adopt
> > draft-chadwick-webdav-00.txt as a work item
> >
> >
> > Hi Steve
> >
> > As you know nearly everything in security is a tradeoff in one way
> > or another. What the webdav scheme gives you is instant revocation
> > status, which CRLs do not give you, but the tradeoff is having to
> > trust the repository. So the schemes are fundamentally different,
> > but I submit that there are many user requirements where the
> > tradeoff of instant revocation is preferable to the more
> > cryptographically protected though stale CRL scheme.
> >
> > regards
> >
> > David
> >
> >
> > Stephen Kent wrote:
> > > David,
> > >
> > > I have to agree with those who have expressed some concerns about
> > >  security aspects of cert revocation status under the WebDAV
> > > model.  I think it is a precept of current PKI models that we
> > > don't rely completely on the integrity of repositories.  That's
> > > why we post
> > signed
> > > CRLs and why the v2 CRL has both this update and next update
> > > fields.
> > We
> > > are always cognizant of the possibility that even with signed
> > > data,
> > the
> > > data might not be fresh, and so we try to minimize the
> > vulnerabilities
> > > associated with our reliance on on repositories.
> > >
> > > Steve
> > --
> >
> > ***************************************************************** 
> > David W. Chadwick, BSc PhD Professor of Information Systems
> > Security The Computing Laboratory, University of Kent, Canterbury,
> > CT2 7NF Skype Name: davidwchadwick Tel: +44 1227 82 3221 Fax +44
> > 1227 762 811 Mobile: +44 77 96 44 7184 Email:
> > D.W.Chadwick@xxxxxxxxxx Home Page:
> > http://www.cs.kent.ac.uk/people/staff/dwc8/index.html Research Web
> > site: http://www.cs.kent.ac.uk/research/groups/iss/index.html 
> > Entrust key validation string: MLJ9-DU5T-HV8J PGP Key ID is
> > 0xBC238DE5
> >
> > *****************************************************************

--

*****************************************************************
David W. Chadwick, BSc PhD
Professor of Information Systems Security
The Computing Laboratory, University of Kent, Canterbury, CT2 7NF
Skype Name: davidwchadwick
Tel: +44 1227 82 3221
Fax +44 1227 762 811
Mobile: +44 77 96 44 7184
Email: D.W.Chadwick@xxxxxxxxxx
Home Page: http://www.cs.kent.ac.uk/people/staff/dwc8/index.html
Research Web site: http://www.cs.kent.ac.uk/research/groups/iss/index.html
Entrust key validation string: MLJ9-DU5T-HV8J
PGP Key ID is 0xBC238DE5

*****************************************************************