Hammurabi

Larisch, James; Aqeel, Waqar; Lum, Michael; Goldschlag, Yaelle; Kannan, Leah; Torshizi, Kasra; Wang, Yujie; Chung, Tae-Sun; Levin, Dave; Maggs, Bruce M.; Mislove, Alan; Parno, Bryan; Wilson, Christo

doi:10.1145/3548606.3560594

Cited by 4 publications

(1 citation statement)

References 77 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…GCCs may be easier to deploy given a radical redesign of certificate chain validation. For instance, in Hammurabi [38], the entire TLS certificate validation algorithm is expressed as a Prolog program. A Hammurabi-enabled platform could perform the complete chain validation procedure-user-agents would simply pass certificate and the chosen Hammurabi policy (e.g., authored by Mozilla or Google) to the platform's trust daemon, which would perform chain construction and return true or false.…”

Section: Complete Validation Redesignmentioning

confidence: 99%

No Root Store Left Behind

Larisch,

Aqeel,

Chung

et al. 2023

Proceedings of the 22nd ACM Workshop on Hot Topics in Networks

Self Cite

View full text Add to dashboard Cite

When a root certificate authority (CA) in the Web PKI misbehaves, primary root-store operators such as Mozilla and Google respond by distrusting that CA. However, full distrust is often too broad, so root stores often implement partial distrust of roots, such as only accepting a root for a subset of domains. Unfortunately, derivative root stores (e.g., Debian and Android) that mirror decisions made by primary root stores are often out-of-date and cannot implement partial distrust, leaving TLS applications vulnerable.We propose augmenting root stores with per-certificate programs called General Certificate Constraints (GCCs) that precisely control the trust of root certificates. We propose that primary root-store operators write GCCs and distribute them, along with routine root certificate additions and removals, to all root stores in the Web PKI. To justify our arguments, we review specific instances of CA certificate mis-issuance over the last decade that resulted in partial distrust of roots that derivative root stores were unable to precisely mirror. We also review prior work that illustrates the alarming lag between primary and derivative root stores. We discuss preliminary designs for GCC deployment and how GCCs could enable pre-emptive restrictions on CA power. CCS Concepts• Security and privacy → Web protocol security; Logic and verification; • Networks → Transport protocols.

show abstract

Section: Complete Validation Redesignmentioning

confidence: 99%