[foaf-protocols] Signing browser certificates with WebId

Reto Bachmann-Gmür me at farewellutopia.com
Fri Sep 10 17:45:49 CEST 2010


On Fri, Sep 10, 2010 at 4:27 PM, Dave Longley <dlongley at digitalbazaar.com> wrote:

> On 09/10/2010 09:32 AM, Reto Bachmann-Gmür wrote:
>
>> On Wed, Sep 8, 2010 at 4:03 PM, Henry Story <henry.story at bblfish.net> wrote:
>>
>>> On 8 Sep 2010, at 13:12, Reto Bachmann-Gmür wrote:
>>>
>>>> On Tue, Sep 7, 2010 at 5:45 PM, Henry Story <henry.story at bblfish.net> wrote:
>>>>
>>>>> On 7 Sep 2010, at 16:08, Reto Bachmann-Gmür wrote:
>>>>>
>>>>>> If we want to enable Web-of-trust features based on WebId it is important that an identity is associated to a small and relatively stable set of keys.
>>>>>
>>>>> You need to phrase that differently. As it stands that is wrong, since one can build a web of trust with very unstable keys. The web is formed by linking the URLs in a linked data pattern using vocabularies such as foaf.
>>>>>
>>>>> See:
>>>>>
>>>>> http://esw.w3.org/Foaf%2Bssl/FAQ#How_does_this_improve_over_X.509_or_GPG_Certificates.3F
>>>>
>>>> This seems to assume 100% trust in the dereferencing of the WebId profiles; in reality they might be served over plain http,
>>>
>>> If you do that you risk of course a man-in-the-middle attack. Servers which receive such WebIDs should take that into consideration.
>>>
>>>> used with self-signed certificate and TOFU-trust or be based on hierarchical services (CA-signed https) with the known risks.
>>>
>>> There are always risks. For example your client could be broken into and your certs stolen. We have massively reduced the risks of password protected web sites though. Just as there is no certainty in life, yet there is knowledge, so there is no such thing as absolute security, only less insecurity.
>>
>> We wouldn't be caring about encryption and webid if we thought that as there is no absolute security it's not worth analyzing security risks and improvement possibilities.
>>
>> The security of the webid system with short lived keys depends on the security of retrieving the webid profile document. There are the following variants:
>>
>>    - HTTP and HTTPS without key validation
>>    The security is the same as with email verification over an insecure SMTP connection: an attacker controlling a relevant network component can impersonate you. The security level is the same as with a password protected system where at any time you can retrieve your password or a reset link via email.
>>
>
> I'd say that the security in this case isn't the same as with email verification, rather it's weaker. An attacker doesn't need to control a relevant network component. All they need to do is know your WebID URL if they want to impersonate your account on a particular web service.
>
> If there is any data that is stored by the service itself or any actions that are enabled by authorizing yourself on the service, then the attacker would have access to them merely by knowing your WebID URL. All they need to do is generate a self-signed certificate using that URL as the SAN and then connect to the service. If the service does not validate the key then the attacker will have succeeded.
>
I'm talking about the situation where the identifying agent verifies the key by dereferencing the WebId to a profile over an HTTP or HTTPS connection without verification of the server certificate of the server serving the profile. Some network component has to be compromised by the attacker for the identifying agent to dereference the public key to the representation created by the attacker assigning the attacker's public key to the WebId.

Cheers,
Reto
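As an added example (not code from this thread or from any WebID/FOAF+SSL implementation), a minimal relying-party check in Python that makes the distinction in the exchange above concrete: a verifier that trusts the SAN URI alone accepts any self-signed certificate naming that WebID, whereas comparing the presented key with the key published in the dereferenced profile rejects it, and a profile retrieved without validated TLS is treated as untrustworthy. The profile text, the `PROFILES` table standing in for network dereferencing, and all key values are constructed for the example.

```python
import re
from dataclasses import dataclass


@dataclass(frozen=True)
class ClientCert:
    san_uri: str   # WebID taken from the certificate's subjectAltName
    modulus: int   # RSA public key as presented in the certificate
    exponent: int


# Constructed profile document for this example (Turtle, cert: vocabulary).
ALICE_PROFILE = """
@prefix cert: <http://www.w3.org/ns/auth/cert#> .
@prefix xsd:  <http://www.w3.org/2001/XMLSchema#> .
<https://alice.example/me#i> cert:key [
    cert:modulus "00c0ffee"^^xsd:hexBinary ;
    cert:exponent 65537 ] .
"""

# Constructed stand-in for dereferencing a WebID over the network:
# WebID -> (profile text, scheme the profile was actually retrieved over).
PROFILES = {
    "https://alice.example/me#i": (ALICE_PROFILE, "https"),
    "http://bob.example/me#i": (ALICE_PROFILE.replace("https://alice", "http://bob"), "http"),
}

KEY_RE = re.compile(r'cert:modulus\s+"([0-9a-fA-F]+)"\^\^xsd:hexBinary\s*;'
                    r'\s*cert:exponent\s+(\d+)')


def published_keys(profile_text):
    """(modulus, exponent) pairs the profile publishes. Regex stand-in for an
    RDF parser; a real verifier must also check the key belongs to the WebID."""
    return [(int(m, 16), int(e)) for m, e in KEY_RE.findall(profile_text)]


def weak_verify(cert):
    """Broken verifier: trusts the SAN alone and never looks at the key."""
    return cert.san_uri in PROFILES


def verify_webid(cert, require_tls=True):
    """Accept only if the presented key matches one the profile publishes."""
    entry = PROFILES.get(cert.san_uri)
    if entry is None:
        return False
    profile_text, scheme = entry
    if require_tls and scheme != "https":
        return False  # unvalidated transport: the profile itself could be swapped in transit
    return (cert.modulus, cert.exponent) in published_keys(profile_text)
```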