Re: [Acme] tls-alpn-01 spec: TLS-SNI history
Ilari Liusvaara <ilariliusvaara@welho.com> Wed, 20 June 2018 09:35 UTC
Return-Path: <ilariliusvaara@welho.com>
X-Original-To: acme@ietfa.amsl.com
Delivered-To: acme@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7C6A5131065 for <acme@ietfa.amsl.com>; Wed, 20 Jun 2018 02:35:07 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_NONE=-0.0001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id CGJ-xdie7yBg for <acme@ietfa.amsl.com>; Wed, 20 Jun 2018 02:35:05 -0700 (PDT)
Received: from welho-filter4.welho.com (welho-filter4.welho.com [83.102.41.26]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 35054124BE5 for <acme@ietf.org>; Wed, 20 Jun 2018 02:35:04 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by welho-filter4.welho.com (Postfix) with ESMTP id 474B445C7F; Wed, 20 Jun 2018 12:35:02 +0300 (EEST)
X-Virus-Scanned: Debian amavisd-new at pp.htv.fi
Received: from welho-smtp3.welho.com ([IPv6:::ffff:83.102.41.86]) by localhost (welho-filter4.welho.com [::ffff:83.102.41.26]) (amavisd-new, port 10024) with ESMTP id HfB1zQrJVBBo; Wed, 20 Jun 2018 12:35:01 +0300 (EEST)
Received: from LK-Perkele-VII (87-92-19-27.bb.dnainternet.fi [87.92.19.27]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by welho-smtp3.welho.com (Postfix) with ESMTPSA id A0BB32308; Wed, 20 Jun 2018 12:34:59 +0300 (EEST)
Date: Wed, 20 Jun 2018 12:34:45 +0300
From: Ilari Liusvaara <ilariliusvaara@welho.com>
To: Felipe Gasper <felipe@felipegasper.com>
Cc: ACME WG <acme@ietf.org>
Message-ID: <20180620093445.GA23561@LK-Perkele-VII>
References: <4A77AEB5-0982-47C2-86AC-BD99D8D9E6F3@felipegasper.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
In-Reply-To: <4A77AEB5-0982-47C2-86AC-BD99D8D9E6F3@felipegasper.com>
User-Agent: Mutt/1.10.0 (2018-05-17)
Sender: ilariliusvaara@welho.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/acme/p9QllHZ_IMdGJKgR2Hlb8aBXdi8>
Subject: Re: [Acme] tls-alpn-01 spec: TLS-SNI history
X-BeenThere: acme@ietf.org
X-Mailman-Version: 2.1.26
Precedence: list
List-Id: Automated Certificate Management Environment <acme.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/acme>, <mailto:acme-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/acme/>
List-Post: <mailto:acme@ietf.org>
List-Help: <mailto:acme-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/acme>, <mailto:acme-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 20 Jun 2018 09:35:08 -0000
On Tue, Jun 19, 2018 at 08:30:32PM -0400, Felipe Gasper wrote: > Having read over the history of TLS-SNI as reported in the draft > spec, I feel like it might be prudent to mention that a > significant part of the failure of TLS-SNI was Apache httpd and > its (nonsensical, IMO) behavior of sending certificates for domains > that don’t match the SNI request. > > The write-up mentions “service providers”; for what it’s worth, I > feel like a more complete and accurate picture would also indicate > that “popular server software” (e.g., Apache … maybe others?) will > happily serve up a certificate that has no connection with the SNI > request, and that this is also a significant part of why TLS-SNI did > not work. My understanding was that catastrophic problem was not the default- vhost behavior of Apache or Nginx, altough that could casue security issues. But instead, the problem was that many hosting provoders let one claim arbitrary hostnames on FCFS basis. This let attacker upload arbitrary validation certificates to be served, and due to how TLS-SNI worked, this lead to misvalidation. TLS-ALPN addresses the latter problem by requiring the server_name to match the validation target (which is AFACIT also required by the Baseline Requirements). This stops claiming arbitary names from allowing misvalidations. The TLS-SNI-01 included was default-vhost countermeasures, but those were dropped from TLS-SNI-02, and from what I can tell, were not actually used. -Ilari
- Re: [Acme] tls-alpn-01 spec: TLS-SNI history Ryan Sleevi
- Re: [Acme] tls-alpn-01 spec: TLS-SNI history Tim Hollebeek
- Re: [Acme] tls-alpn-01 spec: TLS-SNI history Felipe Gasper
- Re: [Acme] tls-alpn-01 spec: TLS-SNI history Ryan Sleevi
- Re: [Acme] tls-alpn-01 spec: TLS-SNI history Tim Hollebeek
- Re: [Acme] tls-alpn-01 spec: TLS-SNI history Ryan Sleevi
- Re: [Acme] tls-alpn-01 spec: TLS-SNI history Ilari Liusvaara
- [Acme] tls-alpn-01 spec: TLS-SNI history Felipe Gasper