per-entity - Re: [Per-Entity] deploying TLS on the MDQ server
Subject: Per-Entity Metadata Working Group
- From: David Walker <>
- To: <>
- Subject: Re: [Per-Entity] deploying TLS on the MDQ server
- Date: Fri, 9 Sep 2016 09:03:07 -0700
I also had that thought. It makes me wonder why we need to do anything special for ADFS, other than to admonish ADFS users to make sure their script is verifying signatures.

David

On 09/09/2016 06:58 AM, Paul Caskey wrote:
> For signature verification, I guess ADFS could need to continue following the script approach to manually verify the signature and import metadata into ADFS (FEMMA, etc). I see Msft still has this article out there: https://technet.microsoft.com/en-us/library/gg317734(v=ws.10).aspx
>
> -----Original Message-----
> From: [] On Behalf Of Tom Scavo
> Sent: Friday, September 09, 2016 8:53 AM
> To: Cantor, Scott
> Cc: Thomas Scavo ; Per-Entity Metadata Working Group
> Subject: Re: [Per-Entity] deploying TLS on the MDQ server
>
> On Fri, Sep 9, 2016 at 9:40 AM, Cantor, Scott wrote:
>> On 9/9/16, 9:31 AM, wrote:
>>> Can you be more specific about what you think is "tight enough?"
>>
>> I haven't thought about it, but in giving a little bit of consideration to it, I don't know if there is anything realistic that would help given the sort of attack I'm thinking of. Certainly hours at most, but really the attack just requires that the window between "it changed" and "it gets requested" is wider than real time. So I suppose I think TLS is basically a requirement in the end.
>>
>>> I'm not following you. On the production side, aggregates and entities are identical since they emanate from the same infrastructure. On the client side, request patterns are different, I realize that, but I don't see how that influences validUntil. I think I'm missing something.
>>
>> The difference is in the knowledge the attacker has of when the request for the metadata might be made. Because it's an active attack, knowing when the request will be made is pretty significant in pulling something off that requires actively intercepting and changing/substituting a result.
>
> Okay, putting both of those together, I conclude we need TLS on the MDQ server to address your concern (and it has nothing to do with validUntil). But what about the other scenario? What can/should we provide to AD FS (which currently has no security options whatsoever)?
>
> Tom
Attachment:
signature.asc
Description: OpenPGP digital signature
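The thread turns on three client-side controls for a per-entity (MDQ) metadata consumer: fetch over TLS so an on-path attacker who knows when the request will happen cannot substitute the response, keep the validUntil window short so a captured signed document is not replayable for long, and verify the enveloped signature against the federation's pinned signing certificate rather than whatever certificate the document carries. The following is an added example of those policy checks as a script-style consumer (the kind of "script approach" mentioned for ADFS) might apply them before handing the document to an XML-DSig library; it is not code from the working group, from Shibboleth, from AD FS or from any other product. The helper names, the sample metadata document, the entity and MDQ URLs and the pinned fingerprint are all constructed for the example, and the cryptographic verification of ds:Signature itself is deliberately out of scope.

```python
"""
Client-side policy checks for a per-entity (MDQ) metadata response.
Added illustration for the thread above, not code from the working group
or any product. The helper names, the sample document, the URLs and the
pinned fingerprint are constructed.
"""
import base64
import hashlib
from datetime import datetime, timedelta, timezone
from urllib.parse import urlparse
import xml.etree.ElementTree as ET

NS = {
    "md": "urn:oasis:names:tc:SAML:2.0:metadata",
    "ds": "http://www.w3.org/2000/09/xmldsig#",
}
TS = "%Y-%m-%dT%H:%M:%SZ"

# Constructed stand-in for the federation signing certificate (DER bytes).
# A real deployment pins the SHA-256 of the certificate the federation
# publishes out of band, never one learned from a fetched document.
FAKE_SIGNING_CERT_DER = b"constructed-federation-signing-certificate"
PINNED_FINGERPRINT = hashlib.sha256(FAKE_SIGNING_CERT_DER).hexdigest()


def sample_metadata(valid_until: datetime, cert_der: bytes = FAKE_SIGNING_CERT_DER) -> str:
    """Constructed per-entity metadata with an enveloped-signature skeleton."""
    cert_b64 = base64.b64encode(cert_der).decode()
    return (
        f'<md:EntityDescriptor xmlns:md="{NS["md"]}" xmlns:ds="{NS["ds"]}" '
        f'entityID="https://idp.example.org/idp" validUntil="{valid_until.strftime(TS)}">'
        "<ds:Signature><ds:SignedInfo/><ds:SignatureValue>AAAA</ds:SignatureValue>"
        f"<ds:KeyInfo><ds:X509Data><ds:X509Certificate>{cert_b64}</ds:X509Certificate>"
        "</ds:X509Data></ds:KeyInfo></ds:Signature>"
        '<md:IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol"/>'
        "</md:EntityDescriptor>"
    )


def check_mdq_response(url: str, xml_text: str, now: datetime,
                       max_window: timedelta = timedelta(hours=6)) -> list:
    """Return the policy violations found; an empty list means the document
    may proceed to cryptographic XML-DSig verification (left to a library)."""
    problems = []

    # 1. Transport: without TLS, an on-path attacker who knows when the client
    #    will ask can substitute the response (a stale-but-valid document or
    #    anything else); signature checks alone do not close that gap.
    if urlparse(url).scheme != "https":
        problems.append("MDQ URL is not https")

    root = ET.fromstring(xml_text)
    if root.tag != f"{{{NS['md']}}}EntityDescriptor":
        problems.append("root element is not md:EntityDescriptor")
        return problems

    # 2. Freshness: validUntil bounds how long a captured signed document stays
    #    replayable. Refuse expired documents and windows wider than policy.
    valid_until = root.get("validUntil")
    if valid_until is None:
        problems.append("missing validUntil")
    else:
        expires = datetime.strptime(valid_until, TS).replace(tzinfo=timezone.utc)
        if expires <= now:
            problems.append("metadata expired")
        elif expires - now > max_window:
            problems.append("validUntil window too wide")

    # 3. Signature present and bound to the pinned signing certificate: a
    #    verifier that trusts whatever certificate sits in KeyInfo verifies nothing.
    sig = root.find("ds:Signature", NS)
    if sig is None:
        problems.append("no enveloped ds:Signature")
        return problems
    cert_b64 = sig.findtext("ds:KeyInfo/ds:X509Data/ds:X509Certificate",
                            default="", namespaces=NS)
    fingerprint = hashlib.sha256(base64.b64decode(cert_b64)).hexdigest()
    if fingerprint != PINNED_FINGERPRINT:
        problems.append("embedded certificate does not match pinned signing certificate")
    return problems


if __name__ == "__main__":
    now = datetime.now(timezone.utc)
    mdq_url = "https://mdq.example.org/entities/https%3A%2F%2Fidp.example.org%2Fidp"
    for label, doc, url in [
        ("good", sample_metadata(now + timedelta(hours=2)), mdq_url),
        ("plain http", sample_metadata(now + timedelta(hours=2)), mdq_url.replace("https", "http", 1)),
        ("week-long validUntil", sample_metadata(now + timedelta(days=7)), mdq_url),
        ("unpinned cert", sample_metadata(now + timedelta(hours=2), b"other-cert"), mdq_url),
    ]:
        print(f"{label}: {check_mdq_response(url, doc, now) or 'ok'}")
```

The check order is deliberate: the transport and freshness tests cost nothing and run before any XML-DSig work, and the pinned-fingerprint test is what prevents the common failure where a script "verifies" a signature with the key embedded in the very document it is trying to trust.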