[cabfpub] Must Staple OID

Yngve N. Pettersen (Developer Opera Software ASA) yngve at opera.com
Tue Oct 2 22:59:54 UTC 2012


I'd like to point out that

   6.2 The TLS protocol arguably provides a sufficient degree of protection
    against a version number downgrade attack and thus it could be argued
    that this particular attribute is unnecessary.

while technically correct, it is currently not correct in practice.

The reason for this is that ~1.5% of TLS servers are version and/or  
extension intolerant, forcing clients to "voluntarily" downgrade the TLS  
version and/or disable other functionality to be able to access the  
server. As Adam Langley from Google have documented, in some cases the  
server is not directly responsible for these problems, but devices in the  
network of the site.

In relation to this problem I have posted a suggestion for a heuristic  
approach to handling the problem, using the TLS Renego Indication  
extension as a proxy indication for version tolerance.

http://datatracker.ietf.org/doc/draft-pettersen-tls-version-rollback-removal/

The proposed certificate policy might assist in getting a handle on the  
issue by using a different method, but I do wonder if server  
administrators that have not upgraded their server to fix a security  
vulnerability (and 57% of the unpatched servers are vulnerable to the full  
attack) would take action to add such an extension to their certificate.

On Wed, 03 Oct 2012 00:33:19 +0200, Phillip <philliph at comodo.com> wrote:

> I just submitted the draft that I wrote with Rob's input back in May.
>
> We started off with just doing 'must staple'. Then when we looked at the  
> problem in a little more detail we started to see a potential version  
> downgrade attack on top. So this led to a slightly more general approach  
> (but not very).
>
> http://tools.ietf.org/html/draft-hallambaker-tlssecuritypolicy-01
>
>
> On Sep 28, 2012, at 12:12 AM, Jeremy Rowley wrote:
>
>> Hi everyone,
>>
>> One of the items discussed during today’s revocation meeting was the  
>> use of a “must staple” OID.  Does anyone object to using  
>> 2.23.140.16.1?  2.23.140 is the ca-browser-forum, 16 is ocsp, and 1  
>> will become “must-staple”.
>>
>> Jeremy Rowley
>>
>> _______________________________________________
>> Public mailing list
>> Public at cabforum.org
>> https://cabforum.org/mailman/listinfo/public
>


-- 
Sincerely,
Yngve N. Pettersen
********************************************************************
Senior Developer		     Email: yngve at opera.com
Opera Software ASA                   http://www.opera.com/
Phone:  +47 96 90 41 51              Fax:    +47 23 69 24 01
********************************************************************



More information about the Public mailing list