Re: [TLS] Security today
Exactly. Meanwhile, Mike's point is about the certificates people
purchase from the CAs and the configurations on "secure" web servers.
IE "defaulting" to strong crypto mechanisms helps not at all when the
servers offer up certificates with short keys and weak algorithms.
Think outside the box ;)
On Mar 28, 2008, at 6:51 PM, Michael Howard wrote:
>>> That might be the case for box products.
>
> That's exactly what our group does - "box" products
>
> -----Original Message-----
> From: Benjamin Black [mailto:nostromo@xxxxxxxxx]
> Sent: Friday, March 28, 2008 8:43 PM
> To: Michael Howard
> Cc: Mike; tls@xxxxxxxx
> Subject: Re: [TLS] Security today
>
> That might be the case for box products.
>
> $ openssl s_client -connect www.microsoft.com:443 -tls1
> CONNECTED(00000003)
> depth=2 /CN=Microsoft Internet Authority
> verify error:num=20:unable to get local issuer certificate
> verify return:0
> ---
> Certificate chain
> 0 s:/C=US/ST=washington/L=Redmond/O=Microsoft/OU=mscom/CN=www.microsoft.com
>   i:/DC=com/DC=microsoft/DC=corp/DC=redmond/CN=Microsoft Secure Server Authority
> 1 s:/DC=com/DC=microsoft/DC=corp/DC=redmond/CN=Microsoft Secure Server Authority
>   i:/CN=Microsoft Internet Authority
> 2 s:/CN=Microsoft Internet Authority
>   i:/C=US/O=GTE Corporation/OU=GTE CyberTrust Solutions, Inc./CN=GTE CyberTrust Global Root
> ---
> Server certificate
> subject=/C=US/ST=washington/L=Redmond/O=Microsoft/OU=mscom/CN=www.microsoft.com
> issuer=/DC=com/DC=microsoft/DC=corp/DC=redmond/CN=Microsoft Secure Server Authority
> ---
> No client certificate CA names sent
> ---
> SSL handshake has read 4078 bytes and written 284 bytes
> ---
> New, TLSv1/SSLv3, Cipher is AES128-SHA
> Server public key is 1024 bit
> SSL-Session:
> Protocol : TLSv1
> Cipher : AES128-SHA
> Session-ID: 531400000548600BCAE3CC4838956A1C3050A9CF2F0B201FD2CBEA4E9F473AB0
> Session-ID-ctx:
> Master-Key: 2700AA7DF91BEA3B007FE14D3B2289ED0F5041E99044410A6A4B8A657E916D21451B738AEFA68992EB24E8B19A0A9E30
> Key-Arg : None
> Start Time: 1206754788
> Timeout : 7200 (sec)
> Verify return code: 20 (unable to get local issuer certificate)
> ---
> DONE
> $
>
>
> On Mar 27, 2008, at 8:31 PM, Michael Howard wrote:
>> Fwiw, at Microsoft we mandate the use of "strong crypto" and that
>> includes ciphersuites and bit lengths. In the case of RSA, 2048
>> minimum, and the only time 1024 is allowed is for backward compat,
>> and that has to be signed off by the crypto board (Ferguson,
>> LaMacchia, Benaloh et al)
>>
>> Cheers, Michael
>> Writing Secure Code for Windows Vista: http://www.microsoft.com/MSPress/books/10723.aspx
>> SDL Book: http://www.microsoft.com/MSPress/books/8753.asp
>> Blog: http://blogs.msdn.com/michael_howard/
>>
>>
>> -----Original Message-----
>> From: tls-bounces@xxxxxxxx [mailto:tls-bounces@xxxxxxxx] On Behalf Of Mike
>> Sent: Thursday, March 27, 2008 9:28 PM
>> To: tls@xxxxxxxx
>> Subject: Re: [TLS] Security today
>>
>> Michael Howard wrote:
>>> I think there is a deeper issue than this - people email
>>> sensitive data all the time with no encryption...
>>
>> Yes, email security is problematic, but users have to do
>> a lot of manual configuration even to get set up for it.
>> And then, they need to convince their correspondents to
>> set up their system too.
>>
>> With HTTPS, the infrastructure is already there, and it's
>> being used. The problem is with server configuration:
>> key size, cipher suite selection. If servers were simply
>> better configured, security would automatically improve.
>> Users wouldn't have to do anything differently; those
>> who we rely on for security are failing us!
>>
>> Mike
>>
>> P.S. and there's nothing you or I can do about it as a
>> user -- we can't influence the key sizes or cipher suites
>> offered by a server -- it's either take it or leave it.
>> _______________________________________________
>> TLS mailing list
>> TLS@xxxxxxxx
>> https://www.ietf.org/mailman/listinfo/tls
>
_______________________________________________
TLS mailing list
TLS@xxxxxxxx
https://www.ietf.org/mailman/listinfo/tls
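
The key-size check this thread turns on, as an added example that is not part of the original messages: it parses `openssl s_client` output and compares the reported server key against the 2048-bit RSA minimum mentioned in the thread. The sample input is constructed from a few lines of the transcript quoted above; the function names and the findings wording are assumptions of this example.

```python
import re

# Policy floor taken from the thread: RSA 2048-bit minimum.
# s_client reports only the bit length, so this floor is meaningful for RSA keys
# (AES128-SHA is an RSA key-exchange suite); an EC key would need its own floor.
MIN_RSA_BITS = 2048

# Constructed sample: lines trimmed from the s_client transcript quoted above.
SAMPLE = """\
New, TLSv1/SSLv3, Cipher is AES128-SHA
Server public key is 1024 bit
SSL-Session:
    Protocol  : TLSv1
    Cipher    : AES128-SHA
    Verify return code: 20 (unable to get local issuer certificate)
"""

FIELDS = {
    "key_bits": re.compile(r"^Server public key is (\d+) bit", re.M),
    "protocol": re.compile(r"^\s*Protocol\s*:\s*(\S+)", re.M),
    "cipher": re.compile(r"^\s*Cipher\s*:\s*(\S+)", re.M),
    "verify_code": re.compile(r"^\s*Verify return code:\s*(\d+)", re.M),
}

def parse_s_client(text):
    """Extract the negotiated parameters from `openssl s_client` output."""
    out = {}
    for name, rx in FIELDS.items():
        m = rx.search(text)
        out[name] = m.group(1) if m else None
    for name in ("key_bits", "verify_code"):
        if out[name] is not None:
            out[name] = int(out[name])
    return out

def audit(text, min_bits=MIN_RSA_BITS):
    """Return a list of findings; an empty list means the policy was met."""
    p = parse_s_client(text)
    findings = []
    if p["key_bits"] is None:
        findings.append("server key size not reported")
    elif p["key_bits"] < min_bits:
        findings.append(f"server key is {p['key_bits']} bit, below {min_bits}")
    # A non-zero verify code can also mean the local trust store lacks the
    # issuer, as in the transcript; it is reported for a human to triage.
    if p["verify_code"] not in (None, 0):
        findings.append(f"chain did not verify (code {p['verify_code']})")
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print("FAIL:", finding)
```
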