[Emu] Commitment Message handling in EAP-TLS 1.3

Mohit Sethi M <mohit.m.sethi@ericsson.com> Fri, 31 July 2020 14:08 UTC

From: Mohit Sethi M <mohit.m.sethi@ericsson.com>
To: "emu@ietf.org" <emu@ietf.org>
CC: Benjamin Kaduk <kaduk@mit.edu>, Jim Schaad <ietf@augustcellars.com>, Eric Rescorla <ekr@rtfm.com>
Thread-Topic: Commitment Message handling in EAP-TLS 1.3
Date: Fri, 31 Jul 2020 14:08:44 +0000
Message-ID: <b6cc83b9-2319-d9bb-2002-a00bdd31dfb4@ericsson.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/emu/KuGS8sMGmtwUq5JLiM4OvPRPTCo>
Subject: [Emu] Commitment Message handling in EAP-TLS 1.3

Dear all,

Thanks all for the discussion on the commitment message.

draft-ietf-emu-eap-tls13-10 (https://tools.ietf.org/html/draft-ietf-emu-eap-tls13-10) in figure 2 shows the ticket establishment and commitment message:

    EAP Peer                                              EAP Server

                                                         EAP-Request/
                                 <--------                  Identity
    EAP-Response/
    Identity (Privacy-Friendly)  -------->
                                                         EAP-Request/
                                                    EAP-Type=EAP-TLS
                                 <--------                (TLS Start)
    EAP-Response/
    EAP-Type=EAP-TLS
   (TLS ClientHello)             -------->
                                                         EAP-Request/
                                                    EAP-Type=EAP-TLS
                                                    (TLS ServerHello,
                                             TLS EncryptedExtensions,
                                              TLS CertificateRequest,
                                                     TLS Certificate,
                                               TLS CertificateVerify,
                                 <--------              TLS Finished)
    EAP-Response/
    EAP-Type=EAP-TLS
   (TLS Certificate,
    TLS CertificateVerify,
    TLS Finished)                -------->
                                                         EAP-Request/
                                                    EAP-Type=EAP-TLS
                                               (TLS NewSessionTicket,
                                 <--------        Commitment Message)
    EAP-Response/
    EAP-Type=EAP-TLS             -------->
                                 <--------               EAP-Success


and the relevant text on commitment message:

   When an EAP server has sent its last handshake message (Finished or a
   Post-Handshake), it commits to not sending any more handshake
   messages by sending a Commitment Message.  The Commitment Message is
   a TLS record with application data 0x00 (i.e. a TLS record with
   TLSPlaintext.type = application_data, TLSPlaintext.length = 1, and
   TLSPlaintext.fragment = 0x00).  Note that the length of the plaintext
   is greater than the corresponding TLSPlaintext.length due to the
   inclusion of TLSInnerPlaintext.type and any padding supplied by the
   sender.  EAP server implementations MUST set TLSPlaintext.fragment to
   0x00, but EAP peer implementations MUST accept any application data
   as a Commitment Message from the EAP server to not send any more
   handshake messages.  The Commitment Message may be sent in the same
   EAP-Request as the last handshake record or in a separate EAP-
   Request.  Sending the Commitment Message in a separate EAP-Request
   adds an additional round-trip, but may be necessary in TLS
   implementations that only implement a subset of TLS 1.3.

I couldn't parse the comments about the "KeyUpdate" message. Perhaps having the discussion over email will help me understand the issue.

--Mohit
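The exchange in figure 2 and the record-level detail in the quoted draft text, worked through as an added example that is not part of the original message or of the draft. It builds the server's EAP-Request carrying a NewSessionTicket record plus the Commitment Message (in one EAP-Request or in two), and the peer-side handling that treats any application_data record as the commitment and answers with the empty EAP-Response/EAP-TLS. Record framing follows RFC 8446 section 5.2 and EAP-TLS framing RFC 5216 section 3; the AEAD step is replaced by a labelled placeholder tag so the code runs without a crypto library, and the ticket bytes, padding amount and EAP identifiers are constructed for the example.

```python
import struct

# TLS 1.3 ContentType values (RFC 8446) and the HandshakeType we classify
HANDSHAKE = 22
APPLICATION_DATA = 23
NEW_SESSION_TICKET = 4

# EAP / EAP-TLS framing (RFC 3748, RFC 5216)
EAP_REQUEST, EAP_RESPONSE = 1, 2
EAP_TYPE_TLS = 13
FLAG_L = 0x80                      # "TLS Message Length included"

TAG_LEN = 16                       # AES-GCM tag size
FAKE_TAG = b"\xaa" * TAG_LEN       # ASSUMPTION: stands in for the AEAD tag; nothing is encrypted here


def inner_plaintext(fragment, content_type, padding=0):
    """TLSInnerPlaintext = content || ContentType || zeros[padding] (RFC 8446 5.2)."""
    return fragment + bytes([content_type]) + b"\x00" * padding


def split_inner_plaintext(inner):
    """Undo the above: strip the zero padding, return (real ContentType, content)."""
    body = inner.rstrip(b"\x00")
    if not body:
        raise ValueError("TLSInnerPlaintext carries no content type")
    return body[-1], body[:-1]


def protect_record(fragment, content_type, padding=0):
    """TLSCiphertext: opaque_type=application_data, version 0x0303, length, encrypted_record.
    Real code AEAD-encrypts the inner plaintext; here it is inner || placeholder tag."""
    encrypted = inner_plaintext(fragment, content_type, padding) + FAKE_TAG
    return bytes([APPLICATION_DATA, 0x03, 0x03]) + struct.pack("!H", len(encrypted)) + encrypted


def commitment_record(padding=0):
    """The Commitment Message: one application_data byte 0x00 (TLSPlaintext.length = 1)."""
    return protect_record(b"\x00", APPLICATION_DATA, padding)


def new_session_ticket_record(ticket):
    """Post-handshake NewSessionTicket record; the body is opaque bytes for this example."""
    handshake = bytes([NEW_SESSION_TICKET]) + len(ticket).to_bytes(3, "big") + ticket
    return protect_record(handshake, HANDSHAKE)


def eap_tls_packet(code, identifier, tls_data):
    """EAP packet: Code, Identifier, Length, Type=13, Flags, [TLS Message Length], TLS data."""
    flags = FLAG_L if tls_data else 0
    body = bytes([EAP_TYPE_TLS, flags])
    if tls_data:
        body += struct.pack("!I", len(tls_data)) + tls_data
    return struct.pack("!BBH", code, identifier, 4 + len(body)) + body


def server_requests(identifier, ticket, separate=False):
    """Server side: ticket and commitment in one EAP-Request (figure 2) or in two."""
    ticket_rec, commit_rec = new_session_ticket_record(ticket), commitment_record(padding=8)
    if separate:
        return [eap_tls_packet(EAP_REQUEST, identifier, ticket_rec),
                eap_tls_packet(EAP_REQUEST, (identifier + 1) & 0xFF, commit_rec)]
    return [eap_tls_packet(EAP_REQUEST, identifier, ticket_rec + commit_rec)]


def iter_records(data):
    """Split concatenated TLS records into (opaque_type, encrypted_record) pairs."""
    off = 0
    while off < len(data):
        if off + 5 > len(data):
            raise ValueError("truncated record header")
        length = struct.unpack("!H", data[off + 3:off + 5])[0]
        if off + 5 + length > len(data):
            raise ValueError("truncated record body")
        yield data[off], data[off + 5:off + 5 + length]
        off += 5 + length


def peer_process_request(packet):
    """Peer handling of an EAP-Request/EAP-TLS received after its own Finished.
    Returns (committed, handshake types seen, the empty EAP-Response/EAP-TLS to send)."""
    code, identifier, length = struct.unpack("!BBH", packet[:4])
    if code != EAP_REQUEST or length != len(packet) or packet[4] != EAP_TYPE_TLS:
        raise ValueError("not a well-formed EAP-Request/EAP-TLS")
    off = 10 if packet[5] & FLAG_L else 6
    committed, seen = False, []
    for opaque_type, encrypted in iter_records(packet[off:]):
        if opaque_type != APPLICATION_DATA or len(encrypted) <= TAG_LEN:
            raise ValueError("malformed protected record")
        ctype, content = split_inner_plaintext(encrypted[:-TAG_LEN])  # placeholder "decrypt"
        if ctype == HANDSHAKE:
            if committed:
                raise ValueError("handshake record after Commitment Message")
            if not content:
                raise ValueError("empty handshake record")
            seen.append(content[0])      # HandshakeType, e.g. NewSessionTicket
        elif ctype == APPLICATION_DATA:
            committed = True             # any application data commits; the 0x00 is not checked
        else:
            raise ValueError("unexpected content type %d" % ctype)
    return committed, seen, eap_tls_packet(EAP_RESPONSE, identifier, b"")
```

The padding argument makes the draft's length note concrete: commitment_record() has TLSPlaintext.length 1, but the TLSCiphertext.length on the wire is 1 (content) + 1 (inner type) + padding + tag, so a peer that keys its decision on the decrypted content type rather than the record length behaves correctly whatever the server pads. The peer also refuses a handshake record that arrives after it has already seen application data, which is the server-side promise the Commitment Message encodes.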