From owner-freebsd-hackers@freebsd.org Mon Oct 23 11:56:35 2017 Return-Path: Delivered-To: freebsd-hackers@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id A1B2FE49424; Mon, 23 Oct 2017 11:56:35 +0000 (UTC) (envelope-from eric@metricspace.net) Received: from mail.metricspace.net (mail.metricspace.net [IPv6:2001:470:1f11:617::107]) by mx1.freebsd.org (Postfix) with ESMTP id 701E66D98F; Mon, 23 Oct 2017 11:56:35 +0000 (UTC) (envelope-from eric@metricspace.net) Received: from [IPv6:2001:470:1f11:617:3210:b3ff:fe77:ca3f] (unknown [IPv6:2001:470:1f11:617:3210:b3ff:fe77:ca3f]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client did not present a certificate) (Authenticated sender: eric) by mail.metricspace.net (Postfix) with ESMTPSA id A2E352E4F; Mon, 23 Oct 2017 11:56:33 +0000 (UTC) Subject: Re: Trust system write-up To: freebsd-arch@freebsd.org, freebsd-arch@freebsd.org, "freebsd-hackers@freebsd.org" References: <1a9bbbf6-d975-0e77-b199-eb1ec0486c8a@metricspace.net> <20171023071120.GA72383@blogreen.org> From: Eric McCorkle Message-ID: Date: Mon, 23 Oct 2017 07:56:33 -0400 User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:52.0) Gecko/20100101 Thunderbird/52.4.0 MIME-Version: 1.0 In-Reply-To: <20171023071120.GA72383@blogreen.org> Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: 8bit X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 23 Oct 2017 11:56:35 -0000 On 10/23/2017 03:11, Romain Tartière wrote: > Hello Eric, > > On Sun, Oct 22, 2017 at 06:14:40PM -0400, Eric McCorkle wrote: >> The following is a write-up of my current design for a public-key trust >> system: >> >> https://www.metricspace.net/files/freebsd_trust.pdf > > Two minor things while reading: > 1. p2: from a end-user perspective, `trustctl` expects DER encoded > certificates and CRL; while `certs` and `rootcerts` outputs PEM > encoded certificates… So the formats are not the same, and maybe > consistency would be advisable here; There's a reason for that. The binary DER encoding is very easy to parse, and is far less likely to end up with vulnerabilities. Prior to learning about the discussion surrounding BearSSL, I had been working on a minimal PKI implementation which only parsed binary DER because it confers a number of advantages. Each element has a length, so it's easy to detect malicious or bad data and avoid overruns. Also, you can easily skip over data you don't need (such as the complex distinguished name structures), and since it's a distinguished encoding, you can treat any element as an opaque byte pointer for comparison purposes. All this closes off a number of attack vectors. PEM encoding is what applications use, and it's much easier to generate than to parse. Generating it is straightforward if you have the DER-encoded data lying around, whereas parsing introduces a number of possible errors. > 2. p3: 'the preferred configuration' is said to be the most used one, > but as described it only includes a single crt+key and does not look > suitable for distributing upgrades with freebsd-update(8). > Unless I missed something, I guess it's just the way it is described > that needs disambiguation: The idea is that you'd sign FreeBSD's vendor certificate with the local system key and add this to your intermediate certificates that get loaded at boot time. The installer would probably generate a local keypair, install it as a root trust certificate, then sign the FreeBSD vendor certificate and install it as an intermediate trust certificate. This would be enough to get an initial system up and running. Users that don't want to trust the FreeBSD cert could then do a buildworld and delete the signed FreeBSD cert from the intermediate certificate store. > Hybrid systems can be built by having more than one root node: > - "preferred configuration" have a local key+crt (as an local node) > AND the FreeBSD's project crt. > So these nodes can run FreeBSD's code and their own code. > - "standard FreeBSD images" as described have the FreeBSD's project > crt. When installing, they generates a local key+crt and add them > with the FreeBSD crt to the new system's trust store. So these > images have the "high-security institutions" scheme, and install > systems in the "preferred configuration" scheme. That is also an option; however, I prefer the configuration where only the local system key is a root and everything else is an intermediate, as each root key represents a source of trust that is hard to revoke (you have to power-cycle). It's almost always better to have a single root, and make everything else an intermediate, though I'm not sure enough of that to bake it into the specification.