IETF Logo Mail Archive

Re: Call for Adoption: Secondary Certificate Authentication in HTTP/2

Nick Sullivan <nick@cloudflare.com> Fri, 26 August 2016 22:40 UTC

Return-Path: <ietf-http-wg-request+bounce-httpbisa-archive-bis2juki=lists.ie@listhub.w3.org>
X-Original-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Delivered-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A29C012D847 for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Fri, 26 Aug 2016 15:40:28 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.568
X-Spam-Level:
X-Spam-Status: No, score=-7.568 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HEADER_FROM_DIFFERENT_DOMAINS=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, RP_MATCHES_RCVD=-0.548, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cloudflare.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id lr17bdCcyE3M for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Fri, 26 Aug 2016 15:40:26 -0700 (PDT)
Received: from frink.w3.org (frink.w3.org [128.30.52.56]) (using TLSv1.2 with cipher DHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D6A2012D84A for <httpbisa-archive-bis2Juki@lists.ietf.org>; Fri, 26 Aug 2016 15:40:23 -0700 (PDT)
Received: from lists by frink.w3.org with local (Exim 4.80) (envelope-from <ietf-http-wg-request@listhub.w3.org>) id 1bdPhE-0006W0-MY for ietf-http-wg-dist@listhub.w3.org; Fri, 26 Aug 2016 22:33:56 +0000
Resent-Date: Fri, 26 Aug 2016 22:33:56 +0000
Resent-Message-Id: <E1bdPhE-0006W0-MY@frink.w3.org>
Received: from maggie.w3.org ([128.30.52.39]) by frink.w3.org with esmtps (TLS1.2:DHE_RSA_AES_128_CBC_SHA1:128) (Exim 4.80) (envelope-from <nick@cloudflare.com>) id 1bdPh0-0006V9-HL for ietf-http-wg@listhub.w3.org; Fri, 26 Aug 2016 22:33:42 +0000
Received: from mail-it0-f54.google.com ([209.85.214.54]) by maggie.w3.org with esmtps (TLS1.2:RSA_AES_128_CBC_SHA1:128) (Exim 4.80) (envelope-from <nick@cloudflare.com>) id 1bdPgy-0006D4-N5 for ietf-http-wg@w3.org; Fri, 26 Aug 2016 22:33:42 +0000
Received: by mail-it0-f54.google.com with SMTP id e63so15921344ith.1 for <ietf-http-wg@w3.org>; Fri, 26 Aug 2016 15:33:20 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cloudflare.com; s=google; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=ya6d1MI1yIlm8B6Hxcxw07N0zWBox3cg8/Cv5Xb/a4E=; b=J4mu30ZsVS+OmIIvI+Q67XrHLj8grz3q4WCghl4t7k+i1xsyYkPMvjbRLoZZ4yBUyO FVdPwOYpnAl/jseFMoIlYWzmdaVs5WwZbuFq+Y1/onfkOvrIY+Qg+uso1JamUM/Y+xNa lHW6xk6arQ0b4Idm0ac3AU6uqEF5xZOy830zc=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=ya6d1MI1yIlm8B6Hxcxw07N0zWBox3cg8/Cv5Xb/a4E=; b=jSzBsfuhKDwMMuOkwcrlkS/x2afgePCCLf85HrFUUjW8TQ2j+jvkP2N7kZNWEXW5jY /rpRUUhDWf/GBjFbql1Q5xZKL8ABgoCJbJ5Lb5IYWliCXUEZ1ky/OnF20tpJiwAsV3v5 5cRJNXDj9GCXGHFhyxcFXhwYpD15LRdfOG65usct+YqBnE/hVLe4b0cvYzwj1NbZ07Sn Imaspur2Wf+5AMw3l/b/Bv8yoTIAXz9xvbVvo80mvar8ni6VpFscfA0CMtVXZoMScOX9 oI4c0BmO7A22s2K9xsmRdVroN0Ur1X9UH0uFbo1MUkiCt+x7A3E2IQtXaNyv8AgLe1Sv Y+yg==
X-Gm-Message-State: AE9vXwNs4Eba8TFDWP6B+0sLwVN95NWmeKdGGG6GgxWzQJB9/qd5bWsAg1Hh5eouTm8km6+NkyjefS9EyTpj+0Jj
X-Received: by 10.36.60.10 with SMTP id m10mr1407091ita.95.1472250793782; Fri, 26 Aug 2016 15:33:13 -0700 (PDT)
MIME-Version: 1.0
References: <F9D2CFF3-57C2-41BD-ACB1-FA6C991458D7@mnot.net> <CABcZeBPTYgcfecKErhacR=jfXkoRPESgUQ=1pzPEWg092fqZvw@mail.gmail.com> <20160724103435.GA576@LK-Perkele-V2.elisa-laajakaista.fi> <CABkgnnX_0YC5-=EbZfU0XGtXeGvE7GH+5K75PW+FMsRsEOj23Q@mail.gmail.com> <20160724111830.GB576@LK-Perkele-V2.elisa-laajakaista.fi>
In-Reply-To: <20160724111830.GB576@LK-Perkele-V2.elisa-laajakaista.fi>
From: Nick Sullivan <nick@cloudflare.com>
Date: Fri, 26 Aug 2016 22:33:03 +0000
Message-ID: <CAFDDyk_VYjV+dJff4S8mUfTY293nhH7pumcjaHKfe8WNys99WQ@mail.gmail.com>
To: Ilari Liusvaara <ilariliusvaara@welho.com>, Martin Thomson <martin.thomson@gmail.com>
Cc: Eric Rescorla <ekr@rtfm.com>, Mark Nottingham <mnot@mnot.net>, HTTP Working Group <ietf-http-wg@w3.org>
Content-Type: multipart/alternative; boundary="001a114aa5ac958480053b01199e"
Received-SPF: pass client-ip=209.85.214.54; envelope-from=nick@cloudflare.com; helo=mail-it0-f54.google.com
X-W3C-Hub-Spam-Status: No, score=-4.7
X-W3C-Hub-Spam-Report: BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001, W3C_AA=-1, W3C_WL=-1
X-W3C-Scan-Sig: maggie.w3.org 1bdPgy-0006D4-N5 7856347fe3df82827ae05d0f0e377875
X-Original-To: ietf-http-wg@w3.org
Subject: Re: Call for Adoption: Secondary Certificate Authentication in HTTP/2
Archived-At: <http://www.w3.org/mid/CAFDDyk_VYjV+dJff4S8mUfTY293nhH7pumcjaHKfe8WNys99WQ@mail.gmail.com>
Resent-From: ietf-http-wg@w3.org
X-Mailing-List: <ietf-http-wg@w3.org> archive/latest/32367
X-Loop: ietf-http-wg@w3.org
Resent-Sender: ietf-http-wg-request@w3.org
Precedence: list
List-Id: <ietf-http-wg.w3.org>
List-Help: <http://www.w3.org/Mail/>
List-Post: <mailto:ietf-http-wg@w3.org>
List-Unsubscribe: <mailto:ietf-http-wg-request@w3.org?subject=unsubscribe>

The other option is to restructure this document so that the frame 0
communication is handled in the TLS layer using this proposal (or something
like it):
https://tools.ietf.org/html/draft-sullivan-tls-post-handshake-auth-00

Moving the authentication and certificate exchange to a lower layer should
answer many of the questions raised in this thread.

Nick

On Sun, Jul 24, 2016 at 4:23 AM Ilari Liusvaara <ilariliusvaara@welho.com>
wrote:

> On Sun, Jul 24, 2016 at 12:56:31PM +0200, Martin Thomson wrote:
> > On 24 July 2016 at 12:34, Ilari Liusvaara <ilariliusvaara@welho.com>
> wrote:
> > > I think one needs to also sign and MAC over any implicit parameters
> > > that are shared over multiple authentications. E.g. Supported end-
> > > certificate signature algorithms.
> >
> > My understanding of SIGMA is that the MAC needs to cover the identity
> > and other properties, but the signature only has to cover the key
> > shares (or shared key).  Thankfully we don't need to worry about that
> > distinction because of the way that TLS 1.3 and EMS cause everything
> > to depend on everything else: keys depend on identity and negotiation
> > parameters as much as the MAC does.
>
> I thought the easiest way is to multi-tap hashes (in the same style
> TLS 1.3 does), which impiles that the both cover the same things
> (modulo MAC also covering the signature)...
>
> And if MAC needs to cover the "implicit" properties, it means you
> need to be able to include those into computations.
>
> > Either way, I am increasingly of the opinion that we should ask for
> > this facility from the TLS working group.  There are subtleties to
> > this that are easy to get wrong and good analysis is crucial.
>
> I think before that, one should plan the interface to HTTP/2 and
> some rough ideas for what information is passed.
>
> E.g.
> - Are the requests transferred as header blocks or binary blobs
>   (I presume responses are binary blobs)?
> - At least which parameters are present for each request?
> - What of above parameters are shared over multiple requests?
> - How many flights are allowable (I presume 1 request + 1 response,
>   but this should be explicit)?
> - If typed auxillary data (e.g. OCSP staple or SCT staple) can be
>   passed back or not?
>
> This is to know what to request, so one avoids nasty surprises
> of having hard time figuring out how to pluck the result into
> HTTP/2.
>
>
> And I think certificate use control should be separate mechanism,
> operating over proven certificates in client->server direction.
>
>
> -Ilari
>
>

v2.23.0 | Report a Bug | By Email