Re: [kitten] Comments on draft-tls-channel-bindings-for-tls13
Sam Whited <sam@samwhited.com> Thu, 26 November 2020 13:44 UTC
Return-Path: <sam@samwhited.com>
X-Original-To: kitten@ietfa.amsl.com
Delivered-To: kitten@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5E36E3A10F6 for <kitten@ietfa.amsl.com>; Thu, 26 Nov 2020 05:44:19 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.12
X-Spam-Level:
X-Spam-Status: No, score=-2.12 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=samwhited.com header.b=YBtZxHhM; dkim=pass (2048-bit key) header.d=messagingengine.com header.b=f3sLKkdy
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id o1rT_9_J2OVu for <kitten@ietfa.amsl.com>; Thu, 26 Nov 2020 05:44:18 -0800 (PST)
Received: from out4-smtp.messagingengine.com (out4-smtp.messagingengine.com [66.111.4.28]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0A2043A10F5 for <kitten@ietf.org>; Thu, 26 Nov 2020 05:44:17 -0800 (PST)
Received: from compute4.internal (compute4.nyi.internal [10.202.2.44]) by mailout.nyi.internal (Postfix) with ESMTP id 5528E5C0124; Thu, 26 Nov 2020 08:44:16 -0500 (EST)
Received: from imap34 ([10.202.2.84]) by compute4.internal (MEProxy); Thu, 26 Nov 2020 08:44:16 -0500
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=samwhited.com; h=mime-version:message-id:in-reply-to:references:date:from:to :cc:subject:content-type:content-transfer-encoding; s=fm1; bh=gc fMv6OP/e0VV3pvn7Um9kPTCL1n/Dmh2cuQJZecrJw=; b=YBtZxHhM4tynRNPeaa vOMugNBTxBTa+w8Z2j0MmQ/pGGt3Crn66PK0A5vP7u46QqMmdSXtiimamrv/hgYt ffYu1VECVLKVeVcaKdC38NQpJY/WByNNsDatG26aMDz307keQ5vRGnwJbR7WEgsG 6uEsXZze/Jtxppemm32skjZNq1n8TPANrH+258ZeYrxPSQz/3YLRqBlWr/Y4lzl+ 2+6Z+dOD2gdtY4UvZ4ssMwMdX4Z+IAf7BuUvewt3zVG467aI7xaHGtB226+auQ+9 OP3SxNvgG8VJcM5x98dBN7SR5W2K4iK8JOQEKEwLd5bz13krF2IFbb4gMPuoRWKf 9FNg==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:content-transfer-encoding:content-type :date:from:in-reply-to:message-id:mime-version:references :subject:to:x-me-proxy:x-me-proxy:x-me-sender:x-me-sender :x-sasl-enc; s=fm1; bh=gcfMv6OP/e0VV3pvn7Um9kPTCL1n/Dmh2cuQJZecr Jw=; b=f3sLKkdyzo4T3O/tzZBVNjQNKWmLuvgHRaWSxqr+6Mq0LOdTtMP9T7Mvy DECCbnAttL13QkAfFLAOSTWDJnEdEO/AhRgiZMjEl3PD/5EGoNngEOe2X2mAsLZ+ wgyqX4OcEU5D7ptsH1t8n1r2AiGauQ9CYtKNbYSxAPrXuGgN3P7f19G8yFwXKFrd ATJKuOGRWT7LD/lWsFMIKEoiSx+U1FQYG358YGu1hX1FHPCCTXbqIjIqYnDxaWO3 Sco1jMI3eO8se8xaQenOhlREPxxVSBPql8dX0RhoXcsHASWUamcyiFY+zgst7p38 VFxh2SjzDDmzO7oCpdEbl7R2iIUkw==
X-ME-Sender: <xms:MLG_X-MPJUmivSnjmLE4xdjdPmWiBtGdhALvDlyvrO-ZLLKw2X6W0Q> <xme:MLG_X8_RRziQlioCaB_V9UrwKu17iEuzn_efbEq4Va3Tikt1Nl0hJRlgh__nqaZh3 tm6fEDPCgqLFIqTZQ>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedujedrudehvddgheeiucetufdoteggodetrfdotf fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfqfgfvpdfurfetoffkrfgpnffqhgen uceurghilhhouhhtmecufedttdenucesvcftvggtihhpihgvnhhtshculddquddttddmne cujfgurhepofgfggfkjghffffhvffutgfgsehtqhertderreejnecuhfhrohhmpedfufgr mhcuhghhihhtvggufdcuoehsrghmsehsrghmfihhihhtvggurdgtohhmqeenucggtffrrg htthgvrhhnpedvffeuvdduhfefvdeiheeukeffhfekjeevgffggedtlefhhffhieevkedu vefhjeenucevlhhushhtvghrufhiiigvpedtnecurfgrrhgrmhepmhgrihhlfhhrohhmpe hsrghmsehsrghmfihhihhtvggurdgtohhm
X-ME-Proxy: <xmx:MLG_X1SnSGEkgnLDaV5qP4fPu5JcJ4eRg7zuHYo089PLgrWTMK0U5A> <xmx:MLG_X-simBDRmGlZ_PJ4CS8joh7TyQPtnMpH2qNdCN1XIiiwxayXyg> <xmx:MLG_X2fEDfdRUBuLfDPxA2jhyMMuwPhnqeF7IAS2Cdy9ddB9nA2ZRw> <xmx:MLG_X4rPQDDGKaRxy1itB3fBYxHzj_Ty9bAMuCMtFHj8So4XUO_5kA>
Received: by mailuser.nyi.internal (Postfix, from userid 501) id 07C451460062; Thu, 26 Nov 2020 08:44:15 -0500 (EST)
X-Mailer: MessagingEngine.com Webmail Interface
User-Agent: Cyrus-JMAP/3.3.0-622-g4a97c0b-fm-20201115.001-g4a97c0b3
Mime-Version: 1.0
Message-Id: <48c1644c-27e0-4940-baf1-1e7d20e597f6@www.fastmail.com>
In-Reply-To: <20201126022134.GS39170@kduck.mit.edu>
References: <jlgsg965tu9.fsf@redhat.com> <d2bfc973-36c6-40f6-9a2f-cca6b4bce0b0@www.fastmail.com> <20201126022134.GS39170@kduck.mit.edu>
Date: Thu, 26 Nov 2020 13:43:55 +0000
From: Sam Whited <sam@samwhited.com>
To: Benjamin Kaduk <kaduk@mit.edu>
Cc: KITTEN Working Group <kitten@ietf.org>
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
Archived-At: <https://mailarchive.ietf.org/arch/msg/kitten/5COWzb1oYjVg6WeKhlzW3VpqbAU>
Subject: Re: [kitten] Comments on draft-tls-channel-bindings-for-tls13
X-BeenThere: kitten@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Common Authentication Technologies - Next Generation <kitten.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/kitten>, <mailto:kitten-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/kitten/>
List-Post: <mailto:kitten@ietf.org>
List-Help: <mailto:kitten-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/kitten>, <mailto:kitten-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 26 Nov 2020 13:44:19 -0000
Responses inline: On Thu, Nov 26, 2020, at 02:21, Benjamin Kaduk wrote: > I would have to go trawl through the archives to be sure, but in TLS > 1.3 the first Finished is sent by the server, and does not cover the > client Certificate. So the RFC 5929 tls-unique is not fit … Not to mention that in some situations it may not even exist (ie. when 0-RTT is enabled). If you find a citation for this I'm game to expand this section a bit to cover why it wasn't great for TLS 1.3 specifically. > It may (or may not) be worth a reminder that any renegotiation is > pre-TLS-1.3. Probably a good idea; I'll ear-mark that for the next version. I don't have it in front of me, but I vaguely remember mentioning that it wasn't defined when renegotiation was in use, but since we don't define it for TLS 1.2 anyways that's probably redundant. I'll try to clear that up anyways. > Indeed, and I've been attempting to promote this unified usage. If you can think of a way to do it safely I'm not against defining this for TLS 1.2, I just don't think I personally have the expertise to do so since the key exchange mechanisms may or may not be safe for channel binding and it feels bad to have a CB mechanisms that has to have a big allow list of ciphers and lots of warnings like "Don't do this if you're using RSA key exchange, it won't actually be a valid binding", etc. —Sam
- [kitten] Comments on draft-tls-channel-bindings-f… Robbie Harwood
- Re: [kitten] Comments on draft-tls-channel-bindin… Sam Whited
- Re: [kitten] Comments on draft-tls-channel-bindin… Benjamin Kaduk
- Re: [kitten] Comments on draft-tls-channel-bindin… Sam Whited