Re: [Dance] CRLs/OCSP and DANE at RIPE84
Michael Richardson <mcr+ietf@sandelman.ca> Fri, 27 May 2022 13:53 UTC
Return-Path: <mcr+ietf@sandelman.ca>
X-Original-To: dance@ietfa.amsl.com
Delivered-To: dance@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 386F3C237D0A for <dance@ietfa.amsl.com>; Fri, 27 May 2022 06:53:42 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.697
X-Spam-Level:
X-Spam-Status: No, score=-1.697 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_INVALID=0.1, DKIM_SIGNED=0.1, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=neutral reason="invalid (public key: not available)" header.d=sandelman.ca
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id KzqbTN0t2cKX for <dance@ietfa.amsl.com>; Fri, 27 May 2022 06:53:38 -0700 (PDT)
Received: from tuna.sandelman.ca (tuna.sandelman.ca [209.87.249.19]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0D658C237D03 for <dance@ietf.org>; Fri, 27 May 2022 06:53:32 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by tuna.sandelman.ca (Postfix) with ESMTP id 7C2AE38D29 for <dance@ietf.org>; Fri, 27 May 2022 10:08:05 -0400 (EDT)
Received: from tuna.sandelman.ca ([127.0.0.1]) by localhost (localhost [127.0.0.1]) (amavisd-new, port 10024) with LMTP id kHINkUE0gw0t for <dance@ietf.org>; Fri, 27 May 2022 10:08:00 -0400 (EDT)
Received: from sandelman.ca (obiwan.sandelman.ca [IPv6:2607:f0b0:f:2::247]) by tuna.sandelman.ca (Postfix) with ESMTP id 8AEB438D25 for <dance@ietf.org>; Fri, 27 May 2022 10:08:00 -0400 (EDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=sandelman.ca; s=mail; t=1653660480; bh=ttHc/hSdVdun6Dk14lqmCQB6mOCXtEQ6Xd72A3ZzV/Q=; h=From:To:Subject:In-Reply-To:References:Date:From; b=asM06Qa8kzPjehzhXYEY2WYgMmgWp1AV3dVgGCTV4PZamgnAIVHcLdt+B6Kd6Ho+t TT1DO1FV1qWR9FHOD0CRBIinvgZPrHYzlKLVkeB00aGriDmWMDYnY+QFR35TYEo+MZ rG0yb4e01pjCpn//YW7qJTM8BHzBiBI4cAwExGnq+ghPLqtMcSnj6je6h7aOrSlMKu a3QAsTub3uMY6qORiXh43mSR6VvnBq1PfmbwbA7BlPNrkQjmQc7YftNh6YUGxayAO+ 3Pw3cnl5w05gNRZi6hWAOG8/kwdt7Yxo916g2SCU53E67BSiQfRz0W7hlATHZfxMXZ Rh4ldCATV+Q/g==
Received: from localhost (localhost [IPv6:::1]) by sandelman.ca (Postfix) with ESMTP id 666F9471 for <dance@ietf.org>; Fri, 27 May 2022 09:53:26 -0400 (EDT)
From: Michael Richardson <mcr+ietf@sandelman.ca>
To: dance <dance@ietf.org>
In-Reply-To: <50DACAF0-23FF-4BE0-97D1-0CB2B536D56B@gmail.com>
References: <887547.1653131902@dooku> <CAHPuVdXED50HMmBzkPCRa6pTqUnD8FA_upyWSMZy9OBt=q1GfA@mail.gmail.com> <19724.1653397933@localhost> <CAHPuVdWNe-SFZmRDB5nORs+3fFWgGLVyZKxFSOGx95j4wBpjUA@mail.gmail.com> <924BEB7A-1155-4C79-9F62-BA84BB09BEB6@bluepopcorn.net> <23517.1653511237@localhost> <ybl4k1dwbll.fsf@wd.hardakers.net> <9085A96C-3DCE-4FEF-9A54-02B16A42C769@bluepopcorn.net> <50DACAF0-23FF-4BE0-97D1-0CB2B536D56B@gmail.com>
X-Mailer: MH-E 8.6+git; nmh 1.7+dev; GNU Emacs 27.1
X-Face: $\n1pF)h^`}$H>Hk{L"x@)JS7<%Az}5RyS@k9X%29-lHB$Ti.V>2bi.~ehC0; <'$9xN5Ub# z!G,p`nR&p7Fz@^UXIn156S8.~^@MJ*mMsD7=QFeq%AL4m<nPbLgmtKK-5dC@#:k
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="=-=-="; micalg="pgp-sha512"; protocol="application/pgp-signature"
Date: Fri, 27 May 2022 09:53:26 -0400
Message-ID: <23632.1653659606@localhost>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dance/6V2cfb-jO5nRRfZ9YBLKTBkQJSo>
Subject: Re: [Dance] CRLs/OCSP and DANE at RIPE84
X-BeenThere: dance@ietf.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: DANE Authentication for Network Clients Everywhere <dance.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dance>, <mailto:dance-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dance/>
List-Post: <mailto:dance@ietf.org>
List-Help: <mailto:dance-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dance>, <mailto:dance-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 27 May 2022 13:53:42 -0000
Geoff Huston <gih902@gmail.com> wrote: > With no ability for revocation to take effect immediately (as there is > no revocation per se) then surely it is in the client’s interest to > have the server credentials to be checked frequently to ensure that > compromised credentials are quickly timed out. That would suggest to me > there is a tradeoff between cache lifetimes and the potential > cache-bound afterlife of compromised credentials that have been erased > from the server. I would claim that there is no *security* benefit to setting the TTL bigger or smaller on the EE TLSA records. The interesting TTLs and timeouts are on the DNSSIG, NS, DS DNSKEY records that lead to the end record. I think that an interesting aspect of this is that we can vary the TTLs up and down over the lifespan of a zone. For a typical MP2P (device to cloud) IoT deployment, the question of how often the A/AAAA record of the service is updated is the upper limit. If you change IP addresses (for load balancing, make-then-break upgrades, ...) of the server then devices have to re-connect, and the server can easily make a new determination about the client certificates. It can even have a deny-list (essentially, a CRL...) Also, servers tend not to receive connections from clients who have no Internet. (As huge swaths of Ottawa have been since a record setting storm last Saturday afternoon) For the deployments of P2P IoT, which this works aims to support, we want TTLs to be as high as possible so that a local cache will have the records we want. Ideally, the local cache survives the storm on batteries :-) DNS servers do not, (AFAIK) go out to refresh records before they expire. It's always demand driven: not just the TLSA lookup, but all the NS and DNSSEC tracking that goes to validate the record. Of course, that's local behaviour, which could be changed. A recursive server could be taught to go seek fresh DNSSIG RRs at the half-way point before they expire. Are there operational reasons why a DNSSIG record might have a TTL that was bigger than the duration of validity? I would think typically it would be less, often much less. Like 1 day TTLs vs 30 day signatures. Of course, TTLs are relative and DNS signatures are absolute times. I have often thought of DNS updates as rippling through the Internet according to some "lightcone" diagram where c is determined by TTL. Then TLS or IKEv2 connections look like wormholes that pierce space and connect two histories together. This is what I was thinking about when RFC4025 and RFC4322 were being written, and the great Type Code Rollover was occuring. But, I recall my explanation was poorly communicated by me at the time. -- Michael Richardson <mcr+IETF@sandelman.ca> . o O ( IPv6 IøT consulting ) Sandelman Software Works Inc, Ottawa and Worldwide
- [Dance] CRLs/OCSP and DANE at RIPE84 Michael Richardson
- Re: [Dance] CRLs/OCSP and DANE at RIPE84 Shumon Huque
- Re: [Dance] CRLs/OCSP and DANE at RIPE84 Michael Richardson
- Re: [Dance] CRLs/OCSP and DANE at RIPE84 Geoff Huston
- Re: [Dance] CRLs/OCSP and DANE at RIPE84 Geoff Huston
- Re: [Dance] CRLs/OCSP and DANE at RIPE84 Shumon Huque
- Re: [Dance] CRLs/OCSP and DANE at RIPE84 Jim Fenton
- Re: [Dance] CRLs/OCSP and DANE at RIPE84 Shumon Huque
- Re: [Dance] CRLs/OCSP and DANE at RIPE84 Michael Richardson
- Re: [Dance] CRLs/OCSP and DANE at RIPE84 Wes Hardaker
- Re: [Dance] CRLs/OCSP and DANE at RIPE84 Jim Fenton
- Re: [Dance] CRLs/OCSP and DANE at RIPE84 Geoff Huston
- Re: [Dance] CRLs/OCSP and DANE at RIPE84 Olle E. Johansson
- Re: [Dance] CRLs/OCSP and DANE at RIPE84 Michael Richardson
- Re: [Dance] CRLs/OCSP and DANE at RIPE84 Michael Richardson