[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-dev] xxx-draft-spec-for-TLS-normalization.txt

To: or-dev <tor-dev@xxxxxxxxxxxxxxxxxxxx>
Subject: Re: [tor-dev] xxx-draft-spec-for-TLS-normalization.txt
From: Chris Palmer <chris@xxxxxxx>
Date: Mon, 21 Feb 2011 14:08:47 -0800
Delivered-to: archiver@xxxxxxxx
Delivery-date: Mon, 21 Feb 2011 17:19:09 -0500
In-reply-to: <AANLkTi=xPxZ0L_zaWn4-5HkR53kqVD0OvBh01tRTxvWJ@xxxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-dev>
List-help: <mailto:tor-dev-request@lists.torproject.org?subject=help>
List-id: "This mailing list is for discussion by the developers of Tor." <tor-dev.lists.torproject.org>
List-post: <mailto:tor-dev@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev>, <mailto:tor-dev-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-dev>, <mailto:tor-dev-request@lists.torproject.org?subject=unsubscribe>
References: <AANLkTi=8=zsx24D-Pojzm7hG+qANBE-cwY1hh2XBA2JS@xxxxxxxxxxxxxx> <E1PrMlo-0001nd-8W@xxxxxxxxxxxxxxxxxxxxxxxxxx> <AANLkTimZ4O6deD1_nbvMOEU7Fc4F_jWMa6a2M2MQjkes@xxxxxxxxxxxxxx> <AANLkTinSr6YAHRj0+RW54KGz6=2u+cJcWJr1d7w6nCCc@xxxxxxxxxxxxxx> <AANLkTinABj_-20Ovu0SzFP6jGi6r3CocOiCmyzDoiijK@xxxxxxxxxxxxxx> <4D62BE47.9070701@xxxxxxxxx> <AANLkTi=xPxZ0L_zaWn4-5HkR53kqVD0OvBh01tRTxvWJ@xxxxxxxxxxxxxx>
Reply-to: tor-dev@xxxxxxxxxxxxxxxxxxxx
Sender: tor-dev-bounces@xxxxxxxxxxxxxxxxxxxx

On Feb 21, 2011, at 12:54 PM, Adam Langley wrote:

> I agree that forcing collateral damage is the key here. The current
> code generates `random' certificates, but it's pretty easy to pattern
> match them and there's no collateral damage to doing so.

The thing that seems most correct to me, and most true, and is also likely to look like a lot of self-signed HTTPS hosts, is to just create a cert that looks like what a "good" self-signed cert would look like: a subject name that matches the host's internet-facing identity (IP and/or hostname), with reasonably common cryptographic parameters, and real-ish information in the fields like OU and so on (perhaps automatically culled from hostnames or Tor relay names or something).

As the Observatory shows, self-signed certificates outnumber CA-signed certificates. Fitting in with the self-signed world, of which those CPE things like printers and routers are just a subset, seems reasonable.

I don't know if it's possible to do better than to "just sort of look like a web server with a self-signed cert".

-- 
Chris Palmer
Technology Director, Electronic Frontier Foundation

_______________________________________________
tor-dev mailing list
tor-dev@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev

References:
- Re: Re: xxx-draft-spec-for-TLS-normalization.txt
  - From: Nick Mathewson
- Re: [tor-dev] xxx-draft-spec-for-TLS-normalization.txt
  - From: Nick Mathewson
- Re: [tor-dev] xxx-draft-spec-for-TLS-normalization.txt
  - From: Adam Langley
- Re: [tor-dev] xxx-draft-spec-for-TLS-normalization.txt
  - From: Tim Wilde
- Re: [tor-dev] xxx-draft-spec-for-TLS-normalization.txt
  - From: Adam Langley

Prev by Author: Re: xxx-draft-spec-for-TLS-normalization.txt
Next by Author: Re: [tor-dev] SSL Observatory Observations
Previous by thread: Re: [tor-dev] xxx-draft-spec-for-TLS-normalization.txt
Next by thread: Re: Publishing sanitized bridge pool assignments
Index(es):
- Author
- Thread