Contact to more information: James Todd.
Below is the email conversation around this problem.
From: James Todd [email protected]
Sent: Wednesday, August 7, 2019 11:02 AM
To: Aswath Mohan [email protected]; Rama Durairajan [email protected]; Kari Richardson [email protected]; LeRoy Tuttle [email protected]; Andrea Chin (FX) [email protected]; Euan Grant [email protected]; Xianfang Wang [email protected]; M. Vivekananthan [email protected]; Ashish Poddar [email protected]; Jennifer Rowe [email protected]
Cc: Felanice Yancy [email protected]
Subject: RE: Design for new data flow path - SAN personalization
Catching up on this thread from being out the last few days. @Aswath, you are correct that the transport itself is over https to the Collector. That’s true for all connections to the Collector from any OS. However, the point being made here is that there is an additional level of defense in depth that can be used on the Windows OS, which is that the client code can check to see if the SSL cert being provided by the Collector is chained to the Microsoft CA root, proving that the Collector being uploaded to is really own by Microsoft and not some man-in-the-middle attacker. The Windows UTC’s code here does this extra check as an added layer of security.
By default Windows machines trust the Microsoft cert authority, but other OSes do not. As a result non-Windows OSes do not usually upload to the endpoints that provide a Microsoft-specific SSL cert, and that is why there are different endpoints for Windows and non-Windows OSes.
It is up the client team to decide if they want to leverage this same kind of logic on the client side to double-check that the Collector’s SSL cert is signed by the Microsoft CA.
James
From: Aswath Mohan [email protected]
Sent: Monday, August 5, 2019 4:56 PM
To: Rama Durairajan [email protected]; Kari Richardson [email protected]; LeRoy Tuttle [email protected]; Andrea Chin (FX) [email protected]; James Todd [email protected]; Euan Grant [email protected]; Xianfang Wang [email protected]; M. Vivekananthan [email protected]; Ashish Poddar [email protected]; Jennifer Rowe [email protected]
Cc: Felanice Yancy [email protected]
Subject: RE: Design for new data flow path - SAN personalization
Hi Rama,
I don’t understand the specifics of the concern. In all OS implementations the data leaving the client will be encrypted as it will be sent over https. I’m guessing all major OS in the market handle security of https certs in a secure way.
Regards,
Aswath
From: Rama Durairajan [email protected]
Sent: Friday, August 2, 2019 9:27 AM
To: Aswath Mohan [email protected]; Kari Richardson [email protected]; LeRoy Tuttle [email protected]; Andrea Chin (FX) [email protected]; James Todd [email protected]; Euan Grant [email protected]; Xianfang Wang [email protected]; M. Vivekananthan [email protected]; Ashish Poddar [email protected]; Jennifer Rowe [email protected]
Cc: Felanice Yancy [email protected]
Subject: RE: Design for new data flow path - SAN personalization
Sorry for the late reply, as Kari mentioned, there is still a security issue on non-windows. Are we okay with that?
From: Aswath Mohan [email protected]
Sent: Friday, August 2, 2019 8:58 AM
To: Kari Richardson [email protected]; LeRoy Tuttle [email protected]; Andrea Chin (FX) [email protected]; James Todd [email protected]; Rama Durairajan [email protected]; Euan Grant [email protected]; Xianfang Wang [email protected]; M. Vivekananthan [email protected]; Ashish Poddar [email protected]; Jennifer Rowe [email protected]
Cc: Felanice Yancy [email protected]
Subject: Re: Design for new data flow path - SAN personalization
@Andrea Chin (FX) and @rama Durairajan
Can you work on an ETA for the client code to send data to collector ++?
I will start a weekly sync with client/collector/pdos/amc from next week to track this.
Aswath
Get Outlook for iOS
From: Aswath Mohan [email protected]
Sent: Wednesday, July 31, 2019 1:59 PM
To: Kari Richardson; LeRoy Tuttle; Andrea Chin (FX); James Todd; Rama Durairajan; Euan Grant; Xianfang Wang; M. Vivekananthan; Ashish Poddar; Jennifer Rowe
Cc: Felanice Yancy
Subject: RE: Design for new data flow path - SAN personalization
Hi All,
Here is a summary of the items discussed in this thread. Please highlight any other open items on the data flow path.
-
We plan to send 2 browse history events, one for SAN and another for HJ/CUV
-
SAN events annotated with dedicated tenant ID70109aa3567b40e3bb8ac9e67a07b58a
-
1DS client Collector++ PDOS and Bing G
a. Windows end point to send tov20.events.data.microsoft.com with Microsoft rooted SSL certs
b. Non Windows end point – functional.events.data.microsoft.com. @james Todd and@Rama Durairajan are these the right end point for this?
-
SAN events routed to Bing G –PR complete
a. Any action needed to prevent SAN events from landing in cosmos 15 or other locations?
Regards,
Aswath
From: Kari Richardson [email protected]
Sent: Wednesday, July 31, 2019 12:05 PM
To: LeRoy Tuttle [email protected]; Andrea Chin (FX) [email protected]; James Todd [email protected]; Rama Durairajan [email protected]; Euan Grant [email protected]; Aswath Mohan [email protected]; Xianfang Wang [email protected]; M. Vivekananthan [email protected]; Ashish Poddar [email protected]; Jennifer Rowe [email protected]
Cc: Felanice Yancy [email protected]
Subject: RE: Design for new data flow path - SAN personalization
Adding @jennifer Rowe
From: LeRoy Tuttle [email protected]
Sent: Tuesday, July 30, 2019 12:18 PM
To: Andrea Chin (FX) [email protected]; James Todd [email protected]; Rama Durairajan [email protected]; Kari Richardson [email protected]; Euan Grant [email protected]; Aswath Mohan [email protected]; Xianfang Wang [email protected]; M. Vivekananthan [email protected]; Ashish Poddar [email protected]
Cc: Felanice Yancy [email protected]
Subject: RE: Design for new data flow path - SAN personalization
FYI –
A dedicated tenant ID (70109aa3567b40e3bb8ac9e67a07b58a) has been created for SAN-related traffic.
From: Andrea Chin (FX) [email protected]
Sent: Tuesday, July 30, 2019 11:55 AM
To: James Todd [email protected]; Rama Durairajan [email protected]; Kari Richardson [email protected]; Euan Grant [email protected]; Aswath Mohan [email protected]; Xianfang Wang [email protected]; M. Vivekananthan [email protected]; Ashish Poddar [email protected]; LeRoy Tuttle [email protected]
Cc: Felanice Yancy [email protected]
Subject: RE: Design for new data flow path - SAN personalization
+@leroy Tuttle
From: James Todd [email protected]
Sent: Monday, July 29, 2019 6:09 PM
To: Rama Durairajan [email protected]; Kari Richardson [email protected]; Euan Grant [email protected]; Aswath Mohan [email protected]; Xianfang Wang [email protected]; Andrea Chin (FX) [email protected]; M. Vivekananthan [email protected]; Ashish Poddar [email protected]
Cc: Felanice Yancy [email protected]
Subject: RE: Design for new data flow path - SAN personalization
I believe it goes all the way down to Windows 7 since UTC runs on Windows 7.
James
From: Rama Durairajan [email protected]
Sent: Monday, July 29, 2019 5:03 PM
To: James Todd [email protected]; Kari Richardson [email protected]; Euan Grant [email protected]; Aswath Mohan [email protected]; Xianfang Wang [email protected]; Andrea Chin (FX) [email protected]; M. Vivekananthan [email protected]; Ashish Poddar [email protected]
Cc: Felanice Yancy [email protected]
Subject: Re: Design for new data flow path - SAN personalization
Security is a concern across all platforms & we need to address it ubiquitously - any thoughts on how we can make this work across all OSes?
Also, when we say Windows OS, are we talking about a specific version or does this include all down-level versions as well?
Sent from Outlook
From: James Todd [email protected]
Sent: Monday, July 29, 2019 11:27
To: Kari Richardson [email protected]; Euan Grant [email protected]; Aswath Mohan [email protected]; Rama Durairajan [email protected]; Xianfang Wang [email protected]; Andrea Chin (FX) [email protected]; M. Vivekananthan [email protected]; Ashish Poddar [email protected]
Cc: Felanice Yancy [email protected]
Subject: RE: Design for new data flow path - SAN personalization
Agreed on the security concern since Windows OSes should use the endpoints that provide the Microsoft-rooted SSL cert for extra security, and should confirm that the SSL cert’s root is the Microsoft CA. This is what UTC does in the Windows OS. To reiterate what I said several emails below, the endpoint for functional data on Windows is “v20.events.data.microsoft.com”. So@Rama, while it complicates the client story I prefer that you do use different functional endpoints on Windows and non-Windows, and add the check for the Microsoft-rooted SSL cert on Windows.
James