[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [TLS] Please discuss: draft-housley-evidence-extns-00

To: mark@xxxxxxxxxxxxxxxxxxxx (Mark Brown)
Subject: Re: [TLS] Please discuss: draft-housley-evidence-extns-00
From: Martin Rex <martin.rex@xxxxxxx>
Date: Thu, 4 Jan 2007 20:20:57 +0100 (MET)
Cc: tls@xxxxxxxx
In-reply-to: <003c01c7300e$6b675d00$6801a8c0@xxxxxxxxx> from "Mark Brown" at Jan 4, 7 08:41:28 am
List-archive: <http://www1.ietf.org/pipermail/tls>
List-help: <mailto:tls-request@lists.ietf.org?subject=help>
List-id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.lists.ietf.org>
List-post: <mailto:tls@lists.ietf.org>
List-subscribe: <https://www1.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@lists.ietf.org?subject=subscribe>
List-unsubscribe: <https://www1.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@lists.ietf.org?subject=unsubscribe>
Reply-to: martin.rex@xxxxxxx

Mark Brown wrote:
> 
> I think you're concerned about the HTTP GET side of my illustration, whereas
> TLS Evidence here would be concerned about the POST.  I'm Ok to assume HTTP
> is the app as you do:
> 
> > Browsers traditionally use up to 4 independent connections to retrieve
> > parts of what composes a Web page as seen by the user, and that results
> > in several parallel independent TLS-protected communcation channels.
> 
> I also agree with you that what is "seen by the user" may be the assembly of
> multi connections' GETs within the browser (etc.).  But TLS Evidence doesn't
> worry about that; what is "seen by the user" is simply out of scope.

OUCH. OUCH. OUCH.

>
> TLS Evidence only creates a factual record of what sent and received
> if and only if both parties digitally sign the same hash values
> (hashes over the sent and received data).
> 
> The POST is the target for TLS Evidence in this illustration.  And instead
> of generating a lot of useless evidence like "user fetched another JPEG"
> (app designer's choice here; I'm just making a suggestion), it would be more
> efficient to only capture TLS Evidence over something like the last step of
> a "checkout" sequence.

This is a totally flawed and insane approach!

But on the other hand, it makes an interesting business model:
As a Vendor, I can create (textual pages) with an order containing
the real price that I want to get signed (1,499,999.-) and I use
gifs to overlay this price in the form displayed to the user with
the background colour, so that the user sees (99,999.-).

Now in your model, the TLS Evidence is produce over the full amount,
while the information that the user saw, and what he intended to sign,
was a MUCH smaller amount.

Unfortunately, even if the user did make a screen-cap -- the screen
cap is unsigned, the gifs overlaying the three leading characters
of the full price are not part of the TLS Evidence, but the full
amount is part of the TLS Evidence.

Now if the TLS Evidence proposal leads to so many seriously flawed
"application solutions" from people discussing with the security geeks
on tls@xxxxxxxx, how much worse will be the outcome of applications
using TLS Evidence designed by the masses of security-unconscious
application writers out there?

-Martin

_______________________________________________
TLS mailing list
TLS@xxxxxxxxxxxxxx
https://www1.ietf.org/mailman/listinfo/tls

Follow-Ups:
- RE: [TLS] Please discuss: draft-housley-evidence-extns-00
  - From: Stefan Santesson

References:
- RE: [TLS] Please discuss: draft-housley-evidence-extns-00
  - From: Mark Brown

Prev by Date: Re: [TLS] Please discuss: draft-housley-evidence-extns-00
Next by Date: RE: [TLS] Please discuss: draft-housley-evidence-extns-00
Previous by thread: RE: [TLS] Please discuss: draft-housley-evidence-extns-00
Next by thread: RE: [TLS] Please discuss: draft-housley-evidence-extns-00
Index(es):
- Date
- Thread