IETF Logo Mail Archive

Re: FYI: proposal for client authentication in TLS

Yoav Nir <ynir.ietf@gmail.com> Tue, 11 March 2014 07:53 UTC

Return-Path: <ietf-http-wg-request@listhub.w3.org>
X-Original-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Delivered-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 55D571A024B for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Tue, 11 Mar 2014 00:53:33 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.548
X-Spam-Level:
X-Spam-Status: No, score=-7.548 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RP_MATCHES_RCVD=-0.547, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id pPG3lnQjlBkU for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Tue, 11 Mar 2014 00:53:30 -0700 (PDT)
Received: from frink.w3.org (frink.w3.org [128.30.52.56]) by ietfa.amsl.com (Postfix) with ESMTP id AE4541A0139 for <httpbisa-archive-bis2Juki@lists.ietf.org>; Tue, 11 Mar 2014 00:53:30 -0700 (PDT)
Received: from lists by frink.w3.org with local (Exim 4.72) (envelope-from <ietf-http-wg-request@listhub.w3.org>) id 1WNHUO-00013P-Sd for ietf-http-wg-dist@listhub.w3.org; Tue, 11 Mar 2014 07:52:40 +0000
Resent-Date: Tue, 11 Mar 2014 07:52:40 +0000
Resent-Message-Id: <E1WNHUO-00013P-Sd@frink.w3.org>
Received: from maggie.w3.org ([128.30.52.39]) by frink.w3.org with esmtp (Exim 4.72) (envelope-from <ynir.ietf@gmail.com>) id 1WNHUD-00012R-66 for ietf-http-wg@listhub.w3.org; Tue, 11 Mar 2014 07:52:29 +0000
Received: from mail-wi0-f177.google.com ([209.85.212.177]) by maggie.w3.org with esmtps (TLS1.0:RSA_ARCFOUR_SHA1:16) (Exim 4.72) (envelope-from <ynir.ietf@gmail.com>) id 1WNHUB-00069i-S5 for ietf-http-wg@w3.org; Tue, 11 Mar 2014 07:52:29 +0000
Received: by mail-wi0-f177.google.com with SMTP id cc10so450998wib.10 for <ietf-http-wg@w3.org>; Tue, 11 Mar 2014 00:52:01 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=2IsKf6R7A0Pb/gqNasSCHLi+JdTo7PeZ4Kw6gi4/Mwg=; b=FgDHO+tTJn2N06Pn2KT8HzyWs4PNVBHJ0SNSwWcyFmikRmegMV8VmxjP+23j68agum vhWH/vpOUni6ZriQIIVuR43ph+rqcpWspM6HRKdCWEsYmE7aIG0ilTtG/6rlZT3UoglV +20tYLti5WFwOUv8Lu+asW5JklK2buC2OHwW/eD9oCTQEBnTJzj1jD1WITSiNZ0H5r7D VrSbrM9+65+QLEkqjmgF8+JPAHaZqHORep0uUit1bByvBpP9K/HDRwWgCIKO+A1jVDW1 +k5GS2P08KMSg/UDt1yG2ovf2tCU+Ux57+nUpId9+EVswTcSPFL3l0KlF9IZ3mvh7CQx 0NYA==
MIME-Version: 1.0
X-Received: by 10.194.63.103 with SMTP id f7mr12747397wjs.38.1394524321388; Tue, 11 Mar 2014 00:52:01 -0700 (PDT)
Received: by 10.194.89.1 with HTTP; Tue, 11 Mar 2014 00:52:01 -0700 (PDT)
In-Reply-To: <531EB6CA.60007@gmx.de>
References: <CABkgnnU1RMHN8sGsRc_KSw3+EutZnrrb-N=WpzP5wuqQ-ECe7Q@mail.gmail.com> <CABkgnnWDu301rXkX2u-AhptkSEr9AJb3LGJ3wfvVbhD0Oy4H6g@mail.gmail.com> <CAGvU-a57wsvyDf980psq7x5774YeRAM09OZM8_YwAdska=RABg@mail.gmail.com> <531EB6CA.60007@gmx.de>
Date: Tue, 11 Mar 2014 09:52:01 +0200
Message-ID: <CAGvU-a4-Gh7JUs1xKztDJ2-=z5K2Y77aoHLNNRnmnCq1fqxQWA@mail.gmail.com>
From: Yoav Nir <ynir.ietf@gmail.com>
To: Julian Reschke <julian.reschke@gmx.de>
Cc: Martin Thomson <martin.thomson@gmail.com>, HTTP Working Group <ietf-http-wg@w3.org>
Content-Type: multipart/alternative; boundary="047d7ba97cdece9ebc04f44ffe31"
Received-SPF: pass client-ip=209.85.212.177; envelope-from=ynir.ietf@gmail.com; helo=mail-wi0-f177.google.com
X-W3C-Hub-Spam-Status: No, score=-2.7
X-W3C-Hub-Spam-Report: BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001
X-W3C-Scan-Sig: maggie.w3.org 1WNHUB-00069i-S5 8aa28b9b169fca9db3fce6fd50c8178b
X-Original-To: ietf-http-wg@w3.org
Subject: Re: FYI: proposal for client authentication in TLS
Archived-At: <http://www.w3.org/mid/CAGvU-a4-Gh7JUs1xKztDJ2-=z5K2Y77aoHLNNRnmnCq1fqxQWA@mail.gmail.com>
Resent-From: ietf-http-wg@w3.org
X-Mailing-List: <ietf-http-wg@w3.org> archive/latest/22617
X-Loop: ietf-http-wg@w3.org
Resent-Sender: ietf-http-wg-request@w3.org
Precedence: list
List-Id: <ietf-http-wg.w3.org>
List-Help: <http://www.w3.org/Mail/>
List-Post: <mailto:ietf-http-wg@w3.org>
List-Unsubscribe: <mailto:ietf-http-wg-request@w3.org?subject=unsubscribe>

On Tue, Mar 11, 2014 at 9:10 AM, Julian Reschke <julian.reschke@gmx.de>wrote:

> On 2014-03-11 07:16, Yoav Nir wrote:
>
>> Hi, Martin
>>
>> Thanks for writing these drafts. Three comments about this one:
>>
>> 1. I would prefer a special response code that says "go away and don't
>> come back without a certificate" rather than reusing 401, but that's
>> just an aesthetic issue, not substantive.
>>
>
> Why?
>
> It seems to me that 401 is totally applicable here.


Only because it is not followed by the same request with an Authorization
header.

 2. I'm wondering if the message sent to the client can be expanded
> enough so that the browser sometimes does not need to pop up a
> certificate picker. For example, suppose I use a certificate with DN
> "CN=ynir,OU=users" to log in to my SSL-VPN portal. The portal has stored
> this information in my browser via a cookie. If a string representation
> of this DN in sent in the 401 message, the browser can open the new
> connection without bothering the user.
>

<http://tools.ietf.org/html/draft-thomson-httpbis-catch-00#section-2>
> already says:
>
>    A challenge with this auth-scheme does not define the use of any
>    parameters other than "realm".  Other parameters MAY be used to
>    provide a client with information it can use to select an appropriate
>    certificate.  Unknown parameters MUST be ignored.
>
> The question is whether the draft needs to be more specific.


I think if we say that paramteres MAY provide a client with information, we
should say what such parameters could be.


>  3. There is the issue of discovery. With current browsers (and TLS
>> 1.0-1.2) the server initiates a renegotiation. A new browser (with TLS
>> 1.0-1.3) would use this new mechanism. How does the server tell an old
>> browser from a new one?
>>
>
> In HTTP/2, we forbid renegotiation (I believe), that a UA that speaks
> HTTP/2 will know what to do. (But then, how does this work for 2.0<->1.1
> intermediation?)
>

This creates a strange dependency between HTTP versions and TLS versions.

HTTP/2 forbids renegotiation and TLS 1.3 doesn't have it. OK for a new
server, new browser, and new TLS library.

HTTP/1 servers that need client authentication will have to downgrade to
TLS 1.2 so they can get renegotiation.
HTTP servers that support both HTTP versions will need to have convoluted
logic in the TLS stack that says that if the ALPN did not include http2
then the ServerHello has to cap the versions at TLS 1.2.

I'd much rather this new authentication scheme was HTTP version
independent.

Yoav

v2.23.0 | Report a Bug | By Email