PKI Labs Conference Call, August 12, 2002

*PKI Labs Conference Call*
August 12, 2002

*Attendees*

Neal McBurnett (convener) - Internet2

Eric Norman - Wisconsin

Bob Morgan - Washington
Peter Honeyman - Michigan
Olga Kornievskaia - Michigan
Carl Ellison - Intel
Steve Olshansky - Internet2

Jeanette Fielden - Internet2

*Discussion*

There have been a number of articles around a security hole in the Internet Explorer (IE) browser. The browser should verify that the Common Name (CN) field of the leaf certificate matches the domain it just connected to, that it's signed by the intermediate Certificate Authority (CA), and that the intermediate CA is signed by a known CA certificate. The browser should also verify that all intermediate certificates have valid CA basic constraints. IE does not check basic constraints. A valid cert for any domain can be used to sign a cert for a second site. IE fails to check whether the second cert is valid for the second site. As a result anyone with a cert can create a cert for any domain.

This does not appear to be a problem in other browsers. Netscape provides the security information, the certificate, subject issuer, but does not trace it back to root issuer. Netscape does not display the full information easily, with recent versions somewhat better in the detail of information provided if you know where to locate it.

Wisconsin Lab Report: Eric is still working with the SYMPA mailing list software that has encryption and S/MIME capabilities. S/MIME can be messy to work with since it is very strict in how things like tabs vs. spaces, line feeds etc. are handled.

Informational Items:
1) VeriSign CZAG: Privacy Leak in X.509 Certificates by Scott G. Renfro, Yahoo! , Inc. The paper looks at a number of issues and possible consequences surrounding embedding sensitive information (date of birth, gender etc.) in X.509 certificates: VeriSign's CZAG extension. It also looks at how these issues apply in the general case of certificates. The paper is available at: www.usenix.org/publications/library/proceedings/sec02/renfro.html
2) A General and Flexible Access-Control System for the Web by Lujo Bauer, Michael A. Schneider, and Edward W. Felten, Department of Computer Science, Princeton University. This paper discusses the design, implementation, and performance of a system for access control on the web called proof-carrying authorization (PCA). PCA provides a mechanism that allows pieces of the security policy to be hidden from unauthorized clients. The access-control system makes it possible to locate and use pieces of the security policy that have been distributed across arbitrary hosts. The link for the paper is: www.usenix.org/publications/library/proceedings/sec02/bauer.html.

The NSF Middleware Initiative (NMI) and Digital Rights Management (DRM) Workshop will be held September 9, 2002, at Georgetown University Conference Center in Washington, D.C. See www.ait.utk.edu/drmworkshop/.

The First Annual PKI Research Workshop materials are available at www.cs.dartmouth.edu/~pki02/. There are eight volunteers for the second one. More will be needed. There are some scheduling conflicts with selecting the date for the second PKI workshop that need to be resolved. There was preference expressed for a date towards the end of May to allow for more papers to be submitted. There will be an email discussion between volunteers to talk about dates and a call for papers.

Liberty Alliance comments: It seems to be an identity management system. When you form a federated identity it appears you have to go through the user and get their permission. It does not appear to solve the policy issue of whom (from a site perspective) you're supposed to trust. It could work in a bilateral situation where you have two sites that want to share authentication information that already trust each other. Once beyond that situation you're back to the problem of which sites should be trusted. Liberty Alliance seems to assume it has been solved.

Next call will be September 16, 2002.