Re: Call for Adoption: Secondary Certificate Authentication in HTTP/2

Martin Thomson <martin.thomson@gmail.com> Sun, 24 July 2016 11:01 UTC

From: Martin Thomson <martin.thomson@gmail.com>
Date: Sun, 24 Jul 2016 12:56:31 +0200
Message-ID: <CABkgnnX_0YC5-=EbZfU0XGtXeGvE7GH+5K75PW+FMsRsEOj23Q@mail.gmail.com>
To: Ilari Liusvaara <ilariliusvaara@welho.com>
Cc: Eric Rescorla <ekr@rtfm.com>, Mark Nottingham <mnot@mnot.net>, HTTP Working Group <ietf-http-wg@w3.org>
Archived-At: <http://www.w3.org/mid/CABkgnnX_0YC5-=EbZfU0XGtXeGvE7GH+5K75PW+FMsRsEOj23Q@mail.gmail.com>

On 24 July 2016 at 12:34, Ilari Liusvaara <ilariliusvaara@welho.com> wrote:
> I think one needs to also sign and MAC over any implicit parameters
> that are shared over multiple authentications. E.g. Supported end-
> certificate signature algorithms.

My understanding of SIGMA is that the MAC needs to cover the identity
and other properties, but the signature only has to cover the key
shares (or shared key).  Thankfully we don't need to worry about that
distinction because of the way that TLS 1.3 and EMS cause everything
to depend on everything else: keys depend on identity and negotiation
parameters as much as the MAC does.

Either way, I am increasingly of the opinion that we should ask for
this facility from the TLS working group.  There are subtleties to
this that are easy to get wrong and good analysis is crucial.
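
An added illustration, not part of the original message: the sketch below contrasts the classic TLS 1.2 master secret (RFC 5246) with the extended master secret (EMS, RFC 7627) to show how EMS makes the session key depend on the identity and negotiation parameters in the handshake. The handshake messages, signature-algorithm names and certificate strings are constructed placeholders, not real TLS encodings.

```python
import hashlib
import hmac

def p_sha256(secret, seed, length):
    """P_hash from RFC 5246 section 5, using HMAC-SHA256."""
    out, a = b"", seed
    while len(out) < length:
        a = hmac.new(secret, a, hashlib.sha256).digest()  # A(i) = HMAC(secret, A(i-1))
        out += hmac.new(secret, a + seed, hashlib.sha256).digest()
    return out[:length]

def prf(secret, label, seed, length=48):
    return p_sha256(secret, label + seed, length)

def classic_master_secret(pms, client_random, server_random):
    # RFC 5246 section 8.1: only the two randoms are mixed into the key.
    return prf(pms, b"master secret", client_random + server_random)

def extended_master_secret(pms, handshake_messages):
    # RFC 7627 section 4: the key is bound to a hash of the handshake transcript.
    session_hash = hashlib.sha256(b"".join(handshake_messages)).digest()
    return prf(pms, b"extended master secret", session_hash)

# Constructed sample values (assumptions for this example only).
PMS = bytes(range(48))
CLIENT_RANDOM = b"\x01" * 32
SERVER_RANDOM = b"\x02" * 32

def transcript(sig_algs, server_cert):
    """Toy handshake transcript up to and including ClientKeyExchange."""
    return [
        b"ClientHello|" + CLIENT_RANDOM + b"|sig_algs=" + sig_algs,
        b"ServerHello|" + SERVER_RANDOM,
        b"Certificate|" + server_cert,
        b"ClientKeyExchange|<encrypted PMS>",
    ]

def session_keys(sig_algs, server_cert):
    """Return (classic master secret, extended master secret) for one session."""
    msgs = transcript(sig_algs, server_cert)
    return (classic_master_secret(PMS, CLIENT_RANDOM, SERVER_RANDOM),
            extended_master_secret(PMS, msgs))

if __name__ == "__main__":
    base = session_keys(b"ecdsa_secp256r1_sha256", b"cert-A")
    other_algs = session_keys(b"rsa_pkcs1_sha1", b"cert-A")   # negotiation differs
    other_cert = session_keys(b"ecdsa_secp256r1_sha256", b"cert-B")  # identity differs
    for name, s in (("sig_algs changed", other_algs), ("cert changed", other_cert)):
        print(name, "classic equal:", s[0] == base[0], "EMS equal:", s[1] == base[1])
```

Without EMS, the two altered sessions yield the same master secret as the baseline, so any MAC keyed from it says nothing about the differing parameters; with EMS the keys diverge.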