Re: [dane] DANE-SRV, SNI functional equivalent and XMPP
Peter Saint-Andre - &yet <peter@andyet.net> Tue, 19 May 2015 15:08 UTC
Return-Path: <peter@andyet.net>
X-Original-To: dane@ietfa.amsl.com
Delivered-To: dane@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D9CC61A8AF3 for <dane@ietfa.amsl.com>; Tue, 19 May 2015 08:08:15 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.601
X-Spam-Level:
X-Spam-Status: No, score=-2.601 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id wC2esrCFxiCD for <dane@ietfa.amsl.com>; Tue, 19 May 2015 08:08:11 -0700 (PDT)
Received: from mail-pd0-f170.google.com (mail-pd0-f170.google.com [209.85.192.170]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 317141A9085 for <dane@ietf.org>; Tue, 19 May 2015 08:07:27 -0700 (PDT)
Received: by pdea3 with SMTP id a3so29097625pde.2 for <dane@ietf.org>; Tue, 19 May 2015 08:07:27 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:message-id:date:from:user-agent:mime-version:to :cc:subject:references:in-reply-to:content-type :content-transfer-encoding; bh=uOpMNAdkPvv6Ek3XbDr4A9QRQVW3QpJhwh3dU3GNLTA=; b=lH/tLeIwFuOxVTrPuiWwRGRcUaUXb/SZ9nGks6MjxzjaqnBteT5qb77GK/ZHJqNr2g eoYjOajUojfzWDjsuVAzomTTdqDs44ECXencyL5Jx0e/VQT92P3xwSxpcURw1dvby+8R TxRNypzq1uDjbhdP6rIcwrpU5BJWXWNux8pwN9PMg3zNBnnkZazDDp1w7U0ECQzm24l/ AswCaZbE2FTAA9iJcvChKwYsAkpozbO7Me+RAyoCRr34aPLKPTAYHSwx4jUBG/7Q4B0S 3NTi56GA8D44M1h/nR0ABTP9YKGzfNIXDCThivXVpuM/4WY0QRDZOLbTDasr2Y7n8USi dmPw==
X-Gm-Message-State: ALoCoQmwY1Qn/YMA/55kr5b5uCfgRAngS3Yuuf/1X31aIoaZmPwVX66Q2ZfYKqQGfZcPGURXs+vT
X-Received: by 10.70.53.99 with SMTP id a3mr54987125pdp.169.1432048047329; Tue, 19 May 2015 08:07:27 -0700 (PDT)
Received: from aither.local ([12.249.93.110]) by mx.google.com with ESMTPSA id ux4sm13361998pbc.61.2015.05.19.08.07.25 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Tue, 19 May 2015 08:07:25 -0700 (PDT)
Message-ID: <555B51AB.9070303@andyet.net>
Date: Tue, 19 May 2015 08:07:23 -0700
From: Peter Saint-Andre - &yet <peter@andyet.net>
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.10; rv:31.0) Gecko/20100101 Thunderbird/31.6.0
MIME-Version: 1.0
To: Kim Alvefur <zash@zash.se>, dane@ietf.org
References: <5558C801.7030304@zash.se> <555A61CA.2020108@andyet.net> <555B224D.20709@zash.se> <555B4CB3.3020203@andyet.net>
In-Reply-To: <555B4CB3.3020203@andyet.net>
Content-Type: text/plain; charset="windows-1252"; format="flowed"
Content-Transfer-Encoding: 8bit
Archived-At: <http://mailarchive.ietf.org/arch/msg/dane/aqNJ0-CL4OYfqgBsI-ec4dbwfXI>
Cc: georg@op-co.de
Subject: Re: [dane] DANE-SRV, SNI functional equivalent and XMPP
X-BeenThere: dane@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: DNS-based Authentication of Named Entities <dane.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dane>, <mailto:dane-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/dane/>
List-Post: <mailto:dane@ietf.org>
List-Help: <mailto:dane-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dane>, <mailto:dane-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 19 May 2015 15:08:16 -0000
On 5/19/15 7:46 AM, Peter Saint-Andre - &yet wrote: > On 5/19/15 4:45 AM, Kim Alvefur wrote: >> On 2015-05-19 00:03, Peter Saint-Andre - &yet wrote: >>> On 5/17/15 9:55 AM, Kim Alvefur wrote: >>>> Hello list! >>> >>> Hi Zash! >>> >>>> Georg Lukas noted that section 4.1 says, in the context of XMPP, to use >>>> to='xmpp23.hosting.example.net' in the stream header, as that is the >>>> "functional equivalent" of SNI in XMPP. However, that conflicts with >>>> the current semantics of 'to' being the service domain name to the >>>> server host name. That will break many, if not all, deployed servers. >>>> The server should know what certificate to use for the indicated domain >>>> name. >>>> >>>> http://tools.ietf.org/html/draft-ietf-dane-srv-14#section-4.1 >>> >>> Hmm. >>> >>> First, all draft-ietf-dane-srv says is that you don't need to use SNI in >>> XMPP because we already have a way for the TLS client to specify which >>> domain name it expects of the TLS server, i.e., the 'to' address of the >>> initial stream header. >> >> What I tried to say was that this sentence in the draft is confusing >> and/or wrong in the context of XMPP: >> >> SRV is secure: [...] The target server host name is the preferred name >> for TLS SNI or its equivalent. > > Ah, I see. > > I think this might be a more generic issue. For context from §4.1, > here's the complete text: > > SRV is insecure: The reference identifiers SHALL include the service > domain and MUST NOT include the SRV target server host name (e.g., > include "im.example.com" but not "xmpp23.hosting.example.net"). > The service domain is the preferred name for TLS SNI or its > equivalent. > > SRV is secure: The reference identifiers SHALL include both the > service domain and the SRV target server host name (e.g., include > both "im.example.com" and "xmpp23.hosting.example.net"). The > target server host name is the preferred name for TLS SNI or its > equivalent. > > I think we can all agree that when SRV is insecure, the client doesn't > have a strong binding or "association" (using language from > draft-ietf-xmpp-dna) of the service domain to the target server host > name, so it needs to use the service domain as the reference identifier. > > When SRV is secure, the client does have that kind of strong binding or > association, so it is OK for the client to seek a match against both the > target server host name and the service domain when checking the > identifiers in the certificate. > > Currently, this document states that when SRV is secure, it is preferred > for the client to indicate to the server that its reference identifier > is the target server host name. (We're assuming that the purpose of the > SNI or equivalent is to indicate the client's preferred reference > identifier.) If that's wrong for XMPP (and I'm not yet convinced that it > is), is it potentially wrong for other application protocols, or even > for all application protocols in general? > > Given that the client can indicate only one reference identifier via SNI > or equivalent, yet we're saying that the client actually has two > reference identifiers in this case, I wonder whether the best general > advice is for to *indicate* the service domain but *accept* both the > service domain and the target server host name. > > I'll check with my co-author on that to see what he thinks, but feedback > from others on the list would be appreciated. OK, Matt Miller and I chatted about this over a secure IM protocol. We're both thinking that it's best to always *indicate* the service domain in the SNI or equivalent but *accept* both the service domain and the target server host name during identity checking. Always indicating the service domain minimizes code complexity and reduces the possibility of something going horribly wrong if the client (or underlying DNS library) thinks that SRV is secure when it really isn't. I suggest the following text change: OLD SRV is secure: The reference identifiers SHALL include both the service domain and the SRV target server host name (e.g., include both "im.example.com" and "xmpp23.hosting.example.net"). The target server host name is the preferred name for TLS SNI or its equivalent. NEW SRV is secure: The reference identifiers SHALL include both the service domain and the SRV target server host name (e.g., include both "im.example.com" and "xmpp23.hosting.example.net"). The service domain is still the preferred name for TLS SNI or its equivalent (this reduces code complexity and the possibility of interoperability problems). Given that this document has already been approved for publication, we will need to check this change with Stephen Farrell, the responsible Area Director. Peter -- Peter Saint-Andre https://andyet.com/
- [dane] DANE-SRV, SNI functional equivalent and XM… Kim Alvefur
- Re: [dane] DANE-SRV, SNI functional equivalent an… Peter Saint-Andre - &yet
- Re: [dane] DANE-SRV, SNI functional equivalent an… Kim Alvefur
- Re: [dane] DANE-SRV, SNI functional equivalent an… Peter Saint-Andre - &yet
- Re: [dane] DANE-SRV, SNI functional equivalent an… Peter Saint-Andre - &yet
- Re: [dane] DANE-SRV, SNI functional equivalent an… Viktor Dukhovni
- Re: [dane] DANE-SRV, SNI functional equivalent an… Peter Saint-Andre - &yet
- Re: [dane] DANE-SRV, SNI functional equivalent an… Viktor Dukhovni
- Re: [dane] DANE-SRV, SNI functional equivalent an… Peter Saint-Andre - &yet
- Re: [dane] DANE-SRV, SNI functional equivalent an… Viktor Dukhovni