[Servercert-wg] Voting Period Begins - Ballot SC-067 V3: "Require domain validation and CAA checks to be performed from multiple Network Perspectives"

Ryan Dickson ryandickson at google.com
Fri Jul 19 12:27:16 UTC 2024 

Google Votes Yes on Ballot SC-067 V3.

On Thu, Jul 18, 2024 at 8:11 PM Wayne Thayer via Servercert-wg <
servercert-wg at cabforum.org> wrote:

> Fastly Votes Yes to ballot SC-067 V3.
>
> - Wayne
>
> On Mon, Jul 15, 2024 at 8:29 AM Chris Clements via Servercert-wg <
>> servercert-wg at cabforum.org> wrote:
>>
>>> Purpose of Ballot SC-067 V3:
>>>
>>> This Ballot proposes updates to the Baseline Requirements for the
>>> Issuance and Management of Publicly-Trusted TLS Server Certificates
>>> (i.e., TLS BRs) related to “Multi-Perspective Issuance Corroboration”
>>> (“MPIC”).
>>>
>>>
>>> Background:
>>>
>>>
>>> - MPIC refers to performing domain validation and CAA checks from
>>> multiple Network Perspectives before certificate issuance, as described
>>> within the Ballot for the applicable validation methods in TLS BR Sections
>>> 3.2.2.4 and 3.2.2.5.
>>>
>>> - Not all methods described in TLS BR Sections 3.2.2.4 and 3.2.2.5 will
>>> require using MPIC.
>>>
>>> - This work was most recently motivated by research presented at
>>> Face-to-Face 58 [1] by Princeton University, but has been discussed for
>>> years prior as well.
>>>
>>> - The goal of this proposal is to make it more difficult for adversaries
>>> to successfully launch equally-specific prefix attacks against the domain
>>> validation processes described in the TLS BRs.
>>>
>>> - Additional background information can be found in an update shared at
>>> Face-to-Face 60 [2].
>>>
>>>
>>> Benefits of Adoption:
>>>
>>>
>>> - Recent publicly-documented attacks have used BGP hijacks to fool
>>> domain control validation and obtain malicious certificates, which led to
>>> the impersonation of HTTPS websites [3][4].
>>>
>>> - Routing security defenses (e.g., RPKI) can mitigate the risk of global
>>> BGP attacks, but localized, equally-specific BGP attacks still pose a
>>> significant threat to the Web PKI [5][6].
>>>
>>> - Corroborating domain control validation checks from multiple network
>>> perspectives (i.e., MPIC) spread across the Internet substantially reduces
>>> the threat posed by equally-specific BGP attacks, ensuring the integrity of
>>> domain validation and issuance decisions [5][7][8].
>>>
>>> - Existing deployments of MPIC at the scale of millions of certificates
>>> a day demonstrate the feasibility of this technique at Internet scale
>>> [7][9].
>>>
>>>
>>> Intellectual Property (IP) Disclosure:
>>>
>>>
>>> - While not a Server Certificate Working Group Member, researchers from
>>> Princeton University presented at Face-to-Face 58, provided academic
>>> expertise, and highlighted publicly-available peer-reviewed research to
>>> support Members in drafting this ballot.
>>>
>>> - The Princeton University researchers indicate that they have not filed
>>> for any patents relating to their MPIC work and do not plan to do so in the
>>> future.
>>>
>>> - Princeton University has indicated that it is unable to agree to the
>>> CA/Browser Forum IPR agreement because it could encumber inventions
>>> invented by researchers not involved in the development of MPIC or with the
>>> CA/B Forum.
>>>
>>> - Princeton University has instead provided the attached IPR statement.
>>> Pursuant to the IPR statement, Princeton University has granted a worldwide
>>> royalty free license to the intellectual property in MPIC developed by the
>>> researchers and has made representations regarding its lack of knowledge of
>>> any other Princeton intellectual property needed to implement MPIC.
>>>
>>> - The attached IPR statement has not changed since disclosed in
>>> Discussion Round 1.
>>>
>>> - For clarity, Princeton University’s IPR statement is NOT intended to
>>> replace the Forum’s IPR agreement or allow Princeton to participate in the
>>> Forum in any capacity.
>>>
>>> - Members seeking legal advice regarding this ballot should consult
>>> their own counsel.
>>>
>>>
>>> Proposal Revision History:
>>>
>>>
>>> - Pre-Ballot Release #1 (work team artifacts and broader Validation
>>> Subcommittee collaboration) [10]
>>>
>>> - Pre-Ballot Release #2 [11]
>>>
>>>
>>> Previous versions of this Ballot:
>>>
>>>
>>> - Ballot Release #1 [12] (comparing Version 2 to Version 1) [13]. Note,
>>> some of the changes represented in the comparison are updates made by other
>>> ballots that have since passed (e.g., SC-069).
>>>
>>> - Ballot Release #2 [14] (comparing Version 3 to Version 2) [15]. Note,
>>> some of the changes represented in the comparison are updates made by other
>>> ballots that have since passed (e.g., SC-072).
>>>
>>>
>>> References:
>>>
>>> [1]
>>> https://cabforum.org/wp-content/uploads/13-CAB-Forum-face-to-face-multiple-vantage-points.pdf
>>>
>>> [2]
>>> https://drive.google.com/file/d/1LTwtAwHXcSaPVSsqKQztNJrV2ozHJ7ZL/view?usp=drive_link
>>>
>>>
>>> [3]
>>> https://medium.com/s2wblog/post-mortem-of-klayswap-incident-through-bgp-hijacking-en-3ed7e33de600
>>>
>>>
>>> [4] https://www.coinbase.com/blog/celer-bridge-incident-analysis
>>>
>>> [5]
>>> https://www.usenix.org/conference/usenixsecurity23/presentation/cimaszewski
>>>
>>>
>>> [6]
>>> https://www.blackhat.com/docs/us-15/materials/us-15-Gavrichenkov-Breaking-HTTPS-With-BGP-Hijacking-wp.pdf
>>>
>>>
>>> [7]
>>> https://www.usenix.org/conference/usenixsecurity21/presentation/birge-lee
>>>
>>>
>>> [8]
>>> https://www.usenix.org/conference/usenixsecurity18/presentation/birge-lee
>>>
>>>
>>> [9]
>>> https://security.googleblog.com/2023/05/google-trust-services-acme-api_0503894189.html
>>>
>>>
>>> [10] https://github.com/ryancdickson/staging/pull/6
>>>
>>> [11] https://github.com/ryancdickson/staging/pull/8
>>>
>>> [12] https://github.com/cabforum/servercert/pull/487
>>>
>>> [13]
>>> https://github.com/cabforum/servercert/compare/6d10abda8980c6eb941987d3fc26e753e62858c0..5224983ef0a6f94c18808ea3469e7a5ae35746e5
>>>
>>> [14] https://github.com/cabforum/servercert/pull/507
>>>
>>> [15]
>>> https://github.com/cabforum/servercert/compare/5224983ef0a6f94c18808ea3469e7a5ae35746e5..2dcf1a8fe5fc7b6a864b5767ab1db718bc447463
>>>
>>>
>>> The following motion has been proposed by Chris Clements and Ryan
>>> Dickson of Google (Chrome Root Program) and endorsed by Aaron Gable (ISRG /
>>> Let’s Encrypt) and Wayne Thayer (Fastly).
>>>
>>>
>>> — Motion Begins —
>>>
>>>
>>> This ballot modifies the “Baseline Requirements for the Issuance and
>>> Management of Publicly-Trusted TLS Server Certificates” (“Baseline
>>> Requirements”), based on Version 2.0.4.
>>>
>>>
>>> MODIFY the Baseline Requirements as specified in the following Redline:
>>>
>>>
>>> https://github.com/cabforum/servercert/compare/c4a34fe2292022e0a04ba66b5a85df75907ac2a2..2dcf1a8fe5fc7b6a864b5767ab1db718bc447463
>>>
>>>
>>>
>>>
>>> — Motion Ends —
>>>
>>>
>>> This ballot proposes a Final Maintenance Guideline. The procedure for
>>> approval of this ballot is as follows:
>>>
>>>
>>> Discussion (57 days)
>>>
>>> - Start: 2024-05-20 14:30:00 UTC
>>>
>>> - End: 2024-07-15 15:29:59 UTC
>>>
>>>
>>> Vote for approval (7 days)
>>>
>>> - Start: 2024-07-15 15:30:00 UTC
>>>
>>> - End: 2024-07-22 15:30:00 UTC
>>>
>>> _______________________________________________
>>> Servercert-wg mailing list
>>> Servercert-wg at cabforum.org
>>> https://lists.cabforum.org/mailman/listinfo/servercert-wg
>>>
>> _______________________________________________
> Servercert-wg mailing list
> Servercert-wg at cabforum.org
> https://lists.cabforum.org/mailman/listinfo/servercert-wg
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/servercert-wg/attachments/20240719/49f40373/attachment-0001.html>

More information about the Servercert-wg mailing list