I think maybe the problem might be the following statement:

>Every CA instance has a corresponding CRL and Manifest. The CRL contains
>certificates which are revoked and the Manifest contains just Signed
>Objects.

The manifest contains every signed object (except itself) that the CA 
produces. That includes subsidiary certs, CRLs, ROAs and any other signed 
object. So the certs a CA issues are also the set of "signed objects" the 
manifest lists.

You are probably confused by RFC6486:

  fileList:
      This field is a sequence of FileAndHash objects.  There is one
      FileAndHash entry for each currently valid signed object that has
      been published by the authority (at this publication point).

And the fact that there's an RFC called "Signed Object Template …" (RFC 6488) 
which is currently used to define manifests and ROAs.

In RFC6486, "signed objects" means objects that have signatures related to the 
CA and are published by the CA. That includes certs and CRLs.

But in RFC 6488, "signed objects" means a subset of those objects, those that 
are not subsidiary CA certificates or CRLs.

--Sandy
________________________________________
From: sidr [sidr-boun...@ietf.org] on behalf of Demian Rosenkranz 
[drose...@smail.inf.h-brs.de]
Sent: Monday, March 03, 2014 11:08 AM
To: sidr@ietf.org
Subject: [sidr]  Man-in-the-middle attack

Hello,

I have a question regarding the possibility of using mitm attacks to
change repository contents/the validity of signed objects and router
certificates.

Every CA instance has a corresponding CRL and Manifest. The CRL contains
certificates which are revoked and the Manifest contains just Signed
Objects.

Because of the rsync protocol, a mitm attack between RP and repository
is possible. If the attacker withholds ...

... a signed object, the rp software would recognize it by checking the
manifest.

... an EE certificate, the rp software would recognize it, because the
corresponding signed object can't be validated.

... a manifest/crl, the rp software would recognize it, because every CA
instance has to have a manifest and a crl.

... a CA certificate and all files underneath that certificate, the rp
software WOULDN'T recognize anything. So the whole structure underneath
that certificate would be invalid.

... a Router certificate, the RP WOULDN'T recognize it, because it isn't
listed in any other file.

Recognize means recognizing the missing file, not necessarily the attack.
It could also be a mistake/bug/etc.

Are the described cases right or did I miss something? It would be great to
get feedback.

Kind regards

Demian Rosenkranz
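The manifest check the thread discusses, as an added example that is not from either message nor from any RP implementation: a constructed publication point whose manifest fileList covers a subsidiary CA certificate, the CRL and a ROA (Sandy's point that all of these are "signed objects" in the RFC 6486 sense), and an audit that shows which withheld or altered files an RP can notice from the manifest alone. File names, the one-line-per-entry manifest format and the file contents are constructed stand-ins for the real CMS objects.

```python
import hashlib

def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

# Constructed publication point. A real manifest is a CMS signed object
# (RFC 6488); here its fileList is simply one "name sha256hex" line per entry.
MANIFEST_NAME = "ca.mft"
SIGNED_OBJECTS = {
    "sub-ca.cer": b"constructed subsidiary CA certificate",
    "ca.crl":     b"constructed CRL",
    "route1.roa": b"constructed ROA",
}
MANIFEST = "\n".join(f"{n} {sha256_hex(d)}" for n, d in SIGNED_OBJECTS.items()).encode()
PUBLISHED = {**SIGNED_OBJECTS, MANIFEST_NAME: MANIFEST}

def parse_filelist(manifest: bytes) -> dict:
    """Turn the constructed manifest body into {file name: expected sha256 hex}."""
    entries = {}
    for line in manifest.decode().splitlines():
        name, digest = line.split()
        entries[name] = digest
    return entries

def audit(fetched: dict) -> list:
    """Checks an RP can apply to one fetched publication point.
    Returns sorted findings; an empty list means the point is consistent."""
    if MANIFEST_NAME not in fetched:
        return ["missing manifest"]        # every CA instance must publish one
    expected = parse_filelist(fetched[MANIFEST_NAME])
    findings = []
    for name, digest in expected.items():
        if name not in fetched:            # listed but withheld (cert, CRL or ROA alike)
            findings.append(f"missing {name}")
        elif sha256_hex(fetched[name]) != digest:
            findings.append(f"hash mismatch {name}")
    for name in fetched:                   # present but never listed by the CA
        if name != MANIFEST_NAME and name not in expected:
            findings.append(f"unlisted {name}")
    return sorted(findings)

def fetch_withholding(withheld: set) -> dict:
    """Simulate an rsync fetch in which an on-path party drops the named files."""
    return {n: d for n, d in PUBLISHED.items() if n not in withheld}
```

Because the parent's manifest lists the subsidiary CA certificate, withholding it shows up as a missing entry at the parent's publication point; objects that no manifest lists are outside what this check can see.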

_______________________________________________
sidr mailing list
sidr@ietf.org
https://www.ietf.org/mailman/listinfo/sidr
