New issue
Advanced search Search tips

Issue 607023 link

Starred by 1 user
Status: Verified
Owner:
rsleevi@chromium.org
Closed: May 2016
Cc:
eranm@chromium.org
est...@chromium.org
asymmetric@chromium.org
rsleevi@chromium.org
Components:
EstimatedDays: ----
NextAction: ----
OS: ----
Pri: 1
Type: Bug



Sign in to add a comment

Certificate Transparency code does not ensure quorum is met with diverse SCTs

Project Member Reported by rsleevi@chromium.org, Apr 27 2016 
MultiLogCTVerifier presently enumerates all of the logs when validating SCTs, adding each verified SCT to the CTVerifyResult's set of SCTs.

CTPolicyEnforcer's measure of uniqueness does not count whether or not the logs are diverse, allowing for the case where one could embed 1 SCT from a Google log, and obtain three distinct SCTs from the same log (by repeatedly logging the certificate).

Alternatively, you could meet the count (of 2 SCTs) by providing two different SCTs from the same log via TLS extension.
Project Member

Comment 1 by bugdroid1@chromium.org, May 4 2016 

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/a66cf3e7e727b4b613828e71931f8e91be070509

commit a66cf3e7e727b4b613828e71931f8e91be070509
Author: rsleevi <rsleevi@chromium.org>
Date: Wed May 04 22:55:50 2016

Align the CT implementation with the actual policy.

This resolves several bugs that were revealed inherent in the implementation and implements the new policy designed to avoid ambiguities with the old policy.

- Unique SCTs from the same log no longer count towards quorum, as it fails to ensure the ecosystem diversity that is intended by the quorum requirement
- Officially supports "method pooling" when using non-embedded SCTs (so long as at least one valid, qualified non-embedded SCT is present, only require 1 Google + 1 non-Google log, from any source)
- Fixes the bug where method pooling worked for embedded certificates
- Simplifies the implementation to make it easier to ensure that all SCTs delivered via TLS extension/OCSP stapling are qualified at time of check

BUG= 605510 ,  607023 

Review-Url: https://codereview.chromium.org/1941973002
Cr-Commit-Position: refs/heads/master@{#391674}

[modify] https://crrev.com/a66cf3e7e727b4b613828e71931f8e91be070509/net/cert/ct_policy_enforcer.cc
[modify] https://crrev.com/a66cf3e7e727b4b613828e71931f8e91be070509/net/cert/ct_policy_enforcer.h
[modify] https://crrev.com/a66cf3e7e727b4b613828e71931f8e91be070509/net/cert/ct_policy_enforcer_unittest.cc

Comment 2 by rsleevi@chromium.org, May 9 2016

Status: Verified (was: Assigned)

Sign in to add a comment