Re: [keyassure] Binding to full TLS encapsulation or STARTTLS
Phillip Hallam-Baker <hallam@gmail.com> Sun, 13 February 2011 23:53 UTC
Return-Path: <hallam@gmail.com>
X-Original-To: keyassure@core3.amsl.com
Delivered-To: keyassure@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id AF0183A6B6F for <keyassure@core3.amsl.com>; Sun, 13 Feb 2011 15:53:29 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.458
X-Spam-Level:
X-Spam-Status: No, score=-3.458 tagged_above=-999 required=5 tests=[AWL=0.140, BAYES_00=-2.599, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 9OD-jTKXmFJG for <keyassure@core3.amsl.com>; Sun, 13 Feb 2011 15:53:28 -0800 (PST)
Received: from mail-yw0-f44.google.com (mail-yw0-f44.google.com [209.85.213.44]) by core3.amsl.com (Postfix) with ESMTP id 8A8093A69A7 for <keyassure@ietf.org>; Sun, 13 Feb 2011 15:53:28 -0800 (PST)
Received: by ywk9 with SMTP id 9so2052368ywk.31 for <keyassure@ietf.org>; Sun, 13 Feb 2011 15:53:49 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:in-reply-to:references:date :message-id:subject:from:to:cc:content-type; bh=KbnhOq0oDGWFnEM8jRPcdBJFNKBEvPAsX+uvLogqxKE=; b=mXAfFK2DIhpEMKfduJ5y4Zmsqub2r+VH3Z6k5cFZuCJAOjYV6p4x7/sALTszoy2dYo /5V+UFtfY5O+tfpeFrhA3AIRcixh52sWkcktHEqjzdjO4jEyWLA0sGGeSpgoRUXqZE9d p6r+BwDW1UBwlo54ydqRnZwxee2ZSocnYgwWc=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; b=JiwcQj0p+2IbosXSi271jezfNE1iXFw91K2Pya+/FZCvNrph+zoB0UQlJM3M4d4gEC FoS4TJ2w5Ak7IumVskbMeEL92uNMJK27oqJLITKqO2GbA9ZupIlIQqU6TO5DOOzNJrMz 6xGSdcDNT1LcpRZyWCfcvyCB18udBBRGBRC8g=
MIME-Version: 1.0
Received: by 10.100.167.18 with SMTP id p18mr1313933ane.6.1297641227794; Sun, 13 Feb 2011 15:53:47 -0800 (PST)
Received: by 10.100.244.38 with HTTP; Sun, 13 Feb 2011 15:53:47 -0800 (PST)
In-Reply-To: <1297620910.1890.28.camel@mattlaptop2.local>
References: <1297620910.1890.28.camel@mattlaptop2.local>
Date: Sun, 13 Feb 2011 18:53:47 -0500
Message-ID: <AANLkTimRbStTs+Z5innxrArXDza3S=iQh9bN-_aK3CEV@mail.gmail.com>
From: Phillip Hallam-Baker <hallam@gmail.com>
To: Matt McCutchen <matt@mattmccutchen.net>
Content-Type: multipart/alternative; boundary="001485f6d1ae6db88c049c32a49e"
Cc: keyassure <keyassure@ietf.org>
Subject: Re: [keyassure] Binding to full TLS encapsulation or STARTTLS
X-BeenThere: keyassure@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Key Assurance With DNSSEC <keyassure.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/keyassure>, <mailto:keyassure-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/keyassure>
List-Post: <mailto:keyassure@ietf.org>
List-Help: <mailto:keyassure-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/keyassure>, <mailto:keyassure-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 13 Feb 2011 23:53:30 -0000
That openeth a can of worms. While it would be nice to be able to simply open a TLS session rather than start raw and negotiate an upgrade, that is hard to support on the server side unless the server has separate port assignments for raw and TLS service. That works for HTTP, NNTP and a few others. But the IAB and IESG clamped down on dual port assignments and so that scheme only works in some cases. HTTPS is not quite the same thing as HTTP with inband upgrade to SSL. I am not even sure how widely supported the inband upgrade is for HTTP. Not trying to be difficult here, I have really no good scheme for fixing this. On Sun, Feb 13, 2011 at 1:15 PM, Matt McCutchen <matt@mattmccutchen.net>wrote: > I realized that TLSA as we are currently discussing does not bind keys > to the use of full TLS encapsulation or STARTTLS. I'm thinking this is > OK because it would be pretty ridiculous to multiplex different services > based on the use of full encapsulation or STARTTLS, and clients > generally do not ascribe security significance to the use of one or the > other. E.g., if I bind a key to _3141._tcp.example.com for a service > that uses STARTTLS, I can't think of any scenario in which a client > trying to use full encapsulation would be harmed if a MITM allowed it to > succeed by performing the STARTTLS part directly with the server. It > might be nice to prevent web browsers from talking to STARTTLS services, > but that would be far from a complete solution to the problem of > browsers being a loose cannon for arbitrary connections, nor is it our > responsibility to solve that problem here. > > Sanity check? > > -- > Matt > > > _______________________________________________ > keyassure mailing list > keyassure@ietf.org > https://www.ietf.org/mailman/listinfo/keyassure > -- Website: http://hallambaker.com/
- [keyassure] Binding to full TLS encapsulation or … Matt McCutchen
- Re: [keyassure] Binding to full TLS encapsulation… Phillip Hallam-Baker