Re: [keyassure] Bare keys again
Paul Wouters <paul@xelerance.com> Mon, 21 March 2011 20:37 UTC
Return-Path: <paul@xelerance.com>
X-Original-To: keyassure@core3.amsl.com
Delivered-To: keyassure@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 57FFC28C175 for <keyassure@core3.amsl.com>; Mon, 21 Mar 2011 13:37:31 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.591
X-Spam-Level:
X-Spam-Status: No, score=-2.591 tagged_above=-999 required=5 tests=[AWL=0.008, BAYES_00=-2.599]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id mSKE+-eWzZW7 for <keyassure@core3.amsl.com>; Mon, 21 Mar 2011 13:37:30 -0700 (PDT)
Received: from newtla.xelerance.com (newtla.xelerance.com [193.110.157.143]) by core3.amsl.com (Postfix) with ESMTP id 1E9443A6886 for <keyassure@ietf.org>; Mon, 21 Mar 2011 13:37:30 -0700 (PDT)
Received: from tla.xelerance.com (tla.xelerance.com [193.110.157.130]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by newtla.xelerance.com (Postfix) with ESMTP id 2D284C5CA; Mon, 21 Mar 2011 16:39:02 -0400 (EDT)
Date: Mon, 21 Mar 2011 16:39:01 -0400
From: Paul Wouters <paul@xelerance.com>
To: Matt McCutchen <matt@mattmccutchen.net>
In-Reply-To: <1300739370.2117.40.camel@localhost>
Message-ID: <alpine.LFD.1.10.1103211631260.20162@newtla.xelerance.com>
References: <92D68A5E-5CB7-4C80-8D7B-0B8D55D93608@kumari.net> <alpine.LFD.1.10.1103201932370.20162@newtla.xelerance.com> <9D285351-8D73-4C15-BE2C-5DF731C08DCE@vpnc.org> <alpine.LFD.1.10.1103202028110.20162@newtla.xelerance.com> <1300669586.2117.12.camel@localhost> <alpine.LFD.1.10.1103202211390.20162@newtla.xelerance.com> <1300739370.2117.40.camel@localhost>
User-Agent: Alpine 1.10 (LFD 962 2008-03-14)
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset="US-ASCII"; format="flowed"
Cc: keyassure@ietf.org
Subject: Re: [keyassure] Bare keys again
X-BeenThere: keyassure@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Key Assurance With DNSSEC <keyassure.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/keyassure>, <mailto:keyassure-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/keyassure>
List-Post: <mailto:keyassure@ietf.org>
List-Help: <mailto:keyassure-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/keyassure>, <mailto:keyassure-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 21 Mar 2011 20:37:31 -0000
On Mon, 21 Mar 2011, Matt McCutchen wrote: >> - "pre_agreed": no CA root key identity supplied. > > "pre_agreed" stands for a set of one or more trust anchors that is > already known to the other side in the context of a particular > deployment. Hence, bandwidth is saved by not sending identifiers for > the trust anchors. which is the case of the TLS client has gotten the public key from DNS using DANE. But it does not matter how the client obtained the trust. The client is telling the server it has all the required trust anchors, and that the server can ommit sending them over. That is exactly what the option is meant to do. I can see how we would want the TLS client behaviour to be written down in a standards document, and I am more then happy to do so. But adding a new TLS client/server extension is silly. it would have the exact same semantics as "pre_agreed", as I don't think we would want to state that the "new pre-agreed" can only be used if the client has used DANE to validate the key. This is like writing separate laws for email spam and fax spam.... > Using "pre_agreed" to tell the server it can skip > sending a certificate chain is not envisioned by RFC 6066. On the contrary, that is *exactly* what the goal of 6066 is. It specifies as reason "memory starved clients" and "reducing bandwidth", but why is that list treated as an exclusive list? >> The only thing that is different here is that I am using a client contraint >> that is different from the examples listed at the start of section 6. > > What is different is that the server does not send a certificate chain. Which is exactly what happens on a TLS client preloaded with the root CA of the server, in a low memory or low bandwidth situation sending the "pre_agreed" option. Just because for bare public keys the client has a different format (or method) of getting that information should be irrelevant to 6066. Paul
- Re: [keyassure] Issues that no longer issues? Ondřej Surý
- [keyassure] Issues that no longer issues? Warren Kumari
- Re: [keyassure] Issues that no longer issues? Paul Wouters
- [keyassure] Bare keys again Paul Hoffman
- Re: [keyassure] Bare keys again Paul Wouters
- Re: [keyassure] Bare keys again Matt McCutchen
- Re: [keyassure] Bare keys again Paul Hoffman
- Re: [keyassure] Bare keys again Paul Wouters
- Re: [keyassure] Bare keys again Eric Rescorla
- Re: [keyassure] Bare keys again Martin Rex
- Re: [keyassure] Bare keys again Stephen Kent
- Re: [keyassure] Bare keys again Paul Wouters
- Re: [keyassure] Bare keys again Paul Wouters
- Re: [keyassure] Bare keys again Eric Rescorla
- Re: [keyassure] Bare keys again Matt McCutchen
- Re: [keyassure] Bare keys again Matt McCutchen
- Re: [keyassure] Bare keys again Paul Wouters
- Re: [keyassure] Bare keys again Eric Rescorla
- Re: [keyassure] Bare keys again Phillip Hallam-Baker
- Re: [keyassure] Bare keys again Paul Wouters
- Re: [keyassure] Bare keys again Paul Wouters
- Re: [keyassure] Bare keys again Martin Rex
- Re: [keyassure] Bare keys again Matt McCutchen
- Re: [keyassure] Bare keys again Matt McCutchen
- Re: [keyassure] Bare keys again Martin Rex
- Re: [keyassure] Bare keys again Paul Wouters
- Re: [keyassure] Bare keys again Jeff Schmidt
- Re: [keyassure] Bare keys again Paul Hoffman
- Re: [keyassure] Bare keys again Matt McCutchen
- Re: [keyassure] Bare keys again Douglas Otis
- Re: [keyassure] Bare keys again Douglas Otis
- Re: [keyassure] Bare keys again Henry Story
- Re: [keyassure] Bare keys again Paul Wouters
- Re: [keyassure] Bare keys again Ben Laurie
- Re: [keyassure] Bare keys again Paul Hoffman
- Re: [keyassure] Bare keys again Matt McCutchen
- Re: [keyassure] Bare keys again Paul Wouters
- Re: [keyassure] Bare keys again Matt McCutchen