Re: [Emu] WGLC completed for for draft-ietf-emu-eap-tls13-05
Jouni Malinen <j@w1.fi> Fri, 12 July 2019 21:08 UTC
Return-Path: <j@w1.fi>
X-Original-To: emu@ietfa.amsl.com
Delivered-To: emu@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 069C512030D for <emu@ietfa.amsl.com>; Fri, 12 Jul 2019 14:08:31 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.899
X-Spam-Level:
X-Spam-Status: No, score=-1.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id KlFG1Jd64sDG for <emu@ietfa.amsl.com>; Fri, 12 Jul 2019 14:08:27 -0700 (PDT)
Received: from li674-96.members.linode.com (mail.w1.fi [212.71.239.96]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id DB2BB1202E0 for <emu@ietf.org>; Fri, 12 Jul 2019 14:08:26 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by li674-96.members.linode.com (Postfix) with ESMTP id 6702911B4E; Fri, 12 Jul 2019 21:08:23 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at w1.fi
Received: from li674-96.members.linode.com ([127.0.0.1]) by localhost (mail.w1.fi [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id H5KecovlH1Rv; Fri, 12 Jul 2019 21:08:21 +0000 (UTC)
Received: by jm (sSMTP sendmail emulation); Sat, 13 Jul 2019 00:08:19 +0300
Date: Sat, 13 Jul 2019 00:08:19 +0300
From: Jouni Malinen <j@w1.fi>
To: Joseph Salowey <joe@salowey.net>
Cc: emu@ietf.org
Message-ID: <20190712210819.GA26853@w1.fi>
References: <CAOgPGoCB7VOzjo+ckDhNiApa6ozCDr3zfj6pMVG3ZRfV4RP6mQ@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <CAOgPGoCB7VOzjo+ckDhNiApa6ozCDr3zfj6pMVG3ZRfV4RP6mQ@mail.gmail.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/emu/WA8OREhTsF8JEPvaixGoCwmd1qY>
Subject: Re: [Emu] WGLC completed for for draft-ietf-emu-eap-tls13-05
X-BeenThere: emu@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "EAP Methods Update \(EMU\)" <emu.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/emu>, <mailto:emu-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/emu/>
List-Post: <mailto:emu@ietf.org>
List-Help: <mailto:emu-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/emu>, <mailto:emu-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 12 Jul 2019 21:08:31 -0000
On Wed, Jun 26, 2019 at 09:16:19PM -0700, Joseph Salowey wrote: > The Working Group last call has completed with no comments for > draft-ietf-emu-eap-tls13-05. I would like to confirm that some working > group members have reviewed the draft. If you have reviewed the draft > please respond to this thread. While the current design may work in theory, the use of an "empty TLS record" looks problematic from implementation and deployment view point. That terms itself is quite a bit confusing term since this is not really talking about an empty TLS record in the EAP-TLS message, but about a zero length TLSPlaintext structure that gets encrypted into a _non_-zero length TLSCiphertext structure that gets encoded in the TLS record that goes over EAP-TLS (and that is not empty since all ciphers add something to the payload length in practice). The main problem here is that at least OpenSSL is not willing to send such an empty TLSPlaintext structure. SSL_write() has following to say about this: https://www.openssl.org/docs/man1.1.1/man3/SSL_write.html "You should not call SSL_write() with num=0, it will return an error. SSL_write_ex() can be called with num=0, but will not send application data to the peer." In other words, there does not seem to be any convenient way of implementing this with the current version of one of the most commonly used TLS libraries. I can make this work by sending out a one-octet (0x00) TLSPlaintext as a workaround, but it does not look like I could make the implementation comply with the draft without changing the TLS library which is close to a complete showstopper for quick deployment. It would seem to make sense to me to allow the EAP-TLS 1.3 server to send out either an empty plaintext or a one octet plaintext to avoid this issue in a straightforward manner. This is referring to the following areas in the draft (-05): 2.1.1. In the case where EAP-TLS with mutual authentication is successful, the conversation will appear as shown in Figure 1. The EAP server commits to not send any more handshake messages by sending an empty TLS record, see Section 2.5. (that confusing use of "empty TLS record" and "TLS empty record" in the message exchange figures) 2.5. When an EAP server has sent its last handshake message (Finished or a Post-Handshake), it commits to not sending any more handshake messages by appending an empty application data record (i.e. a TLS record with TLSPlaintext.type = application_data and TLSPlaintext.length = 0) to the last handshake record. After sending an empty application data record, the EAP server may only send an EAP-Success, an EAP-Failure, or an EAP-Request with a TLS Alert Message. (this is where that TLSPlaintext.length = 0 should also allow 1 to make this easier to implement and deploy) -- Jouni Malinen PGP id EFC895FA
- [Emu] WGLC completed for for draft-ietf-emu-eap-t… Joseph Salowey
- Re: [Emu] WGLC completed for for draft-ietf-emu-e… Mohit Sethi M
- Re: [Emu] WGLC completed for for draft-ietf-emu-e… Jouni Malinen
- Re: [Emu] WGLC completed for for draft-ietf-emu-e… Alan DeKok
- Re: [Emu] WGLC completed for for draft-ietf-emu-e… Jouni Malinen
- Re: [Emu] WGLC completed for for draft-ietf-emu-e… Alan DeKok
- Re: [Emu] WGLC completed for for draft-ietf-emu-e… John Mattsson
- Re: [Emu] WGLC completed for for draft-ietf-emu-e… John Mattsson
- Re: [Emu] WGLC completed for for draft-ietf-emu-e… Jouni Malinen
- Re: [Emu] WGLC completed for for draft-ietf-emu-e… Jim Schaad
- Re: [Emu] WGLC completed for for draft-ietf-emu-e… Alan DeKok
- Re: [Emu] WGLC completed for for draft-ietf-emu-e… John Mattsson