IETF Logo Mail Archive

Re: [kitten] Status update on draft-ietf-kitten-tls-channel-bindings-for-tls13-15

tom petch <daedulus@btconnect.com> Fri, 29 April 2022 08:30 UTC

Return-Path: <daedulus@btconnect.com>
X-Original-To: kitten@ietfa.amsl.com
Delivered-To: kitten@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 18D3DC1595E2 for <kitten@ietfa.amsl.com>; Fri, 29 Apr 2022 01:30:53 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.758
X-Spam-Level:
X-Spam-Status: No, score=-3.758 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, NICE_REPLY_A=-1.857, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=btconnect.onmicrosoft.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id O7rXmCuuAz-O for <kitten@ietfa.amsl.com>; Fri, 29 Apr 2022 01:30:52 -0700 (PDT)
Received: from EUR02-VE1-obe.outbound.protection.outlook.com (mail-ve1eur02on0709.outbound.protection.outlook.com [IPv6:2a01:111:f400:fe06::709]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id DAA97C15948A for <kitten@ietf.org>; Fri, 29 Apr 2022 01:30:51 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=AyNdCXcvkmP+lA/F59QtU7nyeKlzTtIfzDw28GcuXuLmMFwGKYL9Wf+SMTuMPq8Ht2pPmtFgiIary8vDfvIPZ7E4AFVcNiBYZOn+r8Jtm9PQxaH5MGWuyaYy7PoOKnvcBJJoHEI8ka+/NJSliprjrAiho/wLCTdQxfoSAKXB1s9ISSFOFt+8r3UFK5V7jDSlB0lQf8b4QiBRx1A2uOGcqhTbahFrxO6RfRYLaD1cnjpSJ99YsOq2FAnnRh4JcBSiafuy56/+lyMvuUDCHBLUwREfz6Y4AvbGT3Xu8WxsR7R8ugPGvzjhC5YDvb85rr+Sf8FqtXQdoHPKLWW5n7DUFw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=KbuEBn1JAEshX6ullB6tPkI5XIG7V4JFaZRBCZ354zA=; b=GmO0Faw9/zhV4/NphJFOOQxP2W9hRw9Qax4kIzGg/TX/MKV1kCg9o8vsaHq9nOYkOFhGQFIERUJyFwnbT/dVKXwYSt7ShjHcN7lbwkrJ86fzmSxt9cj+VKTBsLNM7Cm/bDC8ytnQd7qcY2OmdONHOopSwLXC4FKIkKoFJtfPnQX9glLnm+WIo8QFbB93Vz2ngnB/bw8ijSAfbkuCO/aIqe9HaHtHErsbDQP/mNVYXoRSFoCkO/IPePO1BYmk1qcnSeWlV738On+WKWKngw0E1i5uLenSvt3uGHlGnIvTJxGNL1RMaEd127nuZAk7kObVEcOUDpdDQrSLacFil4QETw==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=btconnect.com; dmarc=pass action=none header.from=btconnect.com; dkim=pass header.d=btconnect.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=btconnect.onmicrosoft.com; s=selector2-btconnect-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=KbuEBn1JAEshX6ullB6tPkI5XIG7V4JFaZRBCZ354zA=; b=ePZFJ8DmMxGGdcfQGYG/OV+wOccHkLpzzipSRij60QEQnNnMUPuf4N/zWpNcLtojJ3uiyNpw7mxJM/tpL8B4drqy0g4GXDKMMLTQ9auqYqmMjT0kn2xM15HdM+Qy2hh69hJf0kDC1WLvv1fiGuWfwoLlQNRucOagYez/cxD+f5M=
Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=btconnect.com;
Received: from VI1PR07MB6704.eurprd07.prod.outlook.com (2603:10a6:800:18b::8) by DB7PR07MB5849.eurprd07.prod.outlook.com (2603:10a6:10:89::18) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5206.14; Fri, 29 Apr 2022 08:30:47 +0000
Received: from VI1PR07MB6704.eurprd07.prod.outlook.com ([fe80::9c36:eb0d:f01c:82e5]) by VI1PR07MB6704.eurprd07.prod.outlook.com ([fe80::9c36:eb0d:f01c:82e5%7]) with mapi id 15.20.5206.014; Fri, 29 Apr 2022 08:30:47 +0000
To: Benjamin Kaduk <kaduk@mit.edu>
References: <9365ee48-162a-4b1f-20b5-4f3853e43201@isode.com> <52B1911E-5D62-49F1-91AC-D4B9476A9CA2@aiven.io> <f1e8c499-49c7-c41c-c641-a51c0f2010e2@isode.com> <626ABCB2.9000605@btconnect.com> <20220428162301.GX13021@mit.edu>
Cc: Alexey Melnikov <alexey.melnikov@isode.com>, Paul Wouters <paul.wouters@aiven.io>, kitten@ietf.org
From: tom petch <daedulus@btconnect.com>
Message-ID: <626BA232.2020902@btconnect.com>
Date: Fri, 29 Apr 2022 09:30:42 +0100
User-Agent: Mozilla/5.0 (Windows NT 5.1; rv:38.0) Gecko/20100101 Thunderbird/38.5.0
In-Reply-To: <20220428162301.GX13021@mit.edu>
Content-Type: text/plain; charset="windows-1252"; format="flowed"
Content-Transfer-Encoding: 7bit
X-ClientProxiedBy: LO2P265CA0447.GBRP265.PROD.OUTLOOK.COM (2603:10a6:600:e::27) To VI1PR07MB6704.eurprd07.prod.outlook.com (2603:10a6:800:18b::8)
MIME-Version: 1.0
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-Correlation-Id: 7d26ead8-15f0-479f-846f-08da29ba8f74
X-MS-TrafficTypeDiagnostic: DB7PR07MB5849:EE_
X-Microsoft-Antispam-PRVS: <DB7PR07MB584923FBD71677247ACE664CC6FC9@DB7PR07MB5849.eurprd07.prod.outlook.com>
X-MS-Exchange-SenderADCheck: 1
X-MS-Exchange-AntiSpam-Relay: 0
X-Microsoft-Antispam: BCL:0;
X-Microsoft-Antispam-Message-Info: C1McasYU4V3UtficDFHqRYDiM/2dL59d6djILK0ZB2pfsqNc+BkDDofQ8oJ2ZsTpyL0LOb7S1lkQwExG01aQQsvHYzy/zfQd6XKca5LuktvAF1wPthrWSdf6VdKikRPCLv55ntclP/XHJnJfFga0prxAmLNiZEgErVDB7NYG3utYeCjrEfJE3Bp/HyKFKohXKEd47Gd0ILaFngdz8VUU3NYNee2VeSfsAgTl909njnfC0FA8Lg4UtIKqkV8v4WtP1Pm1ctKNj7a+3ppjH44Tp+/Eb4i/sCL83TjDoXfsjYhpucPpQYWW2822byVpmYIKZJhNp/+wrtXsr1NNcAwmMuYWvyenxuIub42PGaAL0Oc1HwZDOqlQOTEtbf8sN6EF7J1bt1NMT5I/DWv9b7f0Q3+uuZDMGDMuxuiy3D29SCdnScb46oHxDZTQwmbE89i5Lmzjhy3k0Qwz2PuW69fQSEGdrSQi1BHDsP0CmH5YeAr2i1Jlz5zQIsKW+vsBCdgeprsZeDaBMUx7NrRLlKKvKqiI3khXtVCNTX18KQc7XFprkkM/vPtD1ISq5AV6JTLXMMdV/G4adPlbx9ZBFCO2nG935Fe4LhwfMnchS+ixDMm0i5+wLmdq1u5rNHhOVDdmI3ib+YdF10L0hLHvqPkWjDauoWCO5DggBbjynJ1gTEdH0HELWG7nfuAlDs2e13lNWMRQsKOakOl20qrruacImQ==
X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:VI1PR07MB6704.eurprd07.prod.outlook.com; PTR:; CAT:NONE; SFS:(13230001)(366004)(6486002)(53546011)(26005)(87266011)(6512007)(8936002)(316002)(54906003)(6506007)(5660300002)(6916009)(52116002)(66476007)(8676002)(4326008)(82960400001)(6666004)(66946007)(66556008)(508600001)(86362001)(38350700002)(38100700002)(186003)(36756003)(2616005)(83380400001)(33656002)(15650500001)(2906002); DIR:OUT; SFP:1102;
X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1
X-MS-Exchange-AntiSpam-MessageData-0: gLUC1mK53eycVOhqj7P0M3f6nuzvca4JzVv5WPhN23WA8EZIzUKu8uIWZ0cxrnVKQMdC/M21Abni6ATdQn4M2Vly3UZAEXkYXpOGGAQZOhh3NluDBHOgRVecsupIQOM/xPZA3NL0W4w9kIRcRy9W6lYKm025xoE8LySCHal9Ji+3ph9HDC0UDEfSAYpmyi5brUgtRQszLKTIXcPWUISa8blaqjuuYdRv+Er8TDL0QLEsdbSYBZ0t5qMOU+mdPkvBja8TGRVMnk+VlvPN7syO2btxPztPw7TVyROPdPR4sQyvmQdAAKmBY32M2bGs5a0NRNFTlxPIKjM/DEOAPmnhDAK/UUGAfjPw+D65ehufZiLGVD6GyvdXeuaakJ4GFj93VgZvK8h4j0fhHOugrfRAxsBvSaG7kJHGOPHPI22S6lBmLeTWUkvw4G6r2WYfY2g2+HujERX9u0V2NuptI5zsJ8vZ15L/o+mYX+Ve6rKPJY4d5cxFMN4g0Y/InPhHS6A+5qZLDIs7bxJb+csOguRGc7K1N4kqfstDL2GUpNQ8ZBtWmbzWy8YVbfxwJ2WvnrWGHiBoq92cHj8bD0JIb09eHnKTe77XP/efJiaKOxUNOJ3AZHKOLTGb6w7MftUGet+Ixuj2rUooVSuCZjGfVsllzP3OV5Sq+/z6EAoIBshmqNqMBVnWQrbNYDNqRcDUiDnrTHPYdlq9lDdCnAWuSlxBcv06yV+yO06/ZjRRLP4/z0PbEaAmFQYeYd5EH1pvBdBdOSe4XLESb0yVFaVI/BtUeL+OAf0JwSHnlEtpFr40I6ygc9kmA1ANi469IHtLzOIkbNxWvu3ZNWj+oDRs0irPDeMuMut6AjPQdwv19MB3zzGbkXHdzQlFVXWId4lmuTJiBcH9sIbpYf+YE0lQVfMDmM1iPXoTpRzXZ3nFqskek0ZJtzORKfk8b/DMTbs4GdfODal7f8/IngMVJifxQQNhJgjIV7gw+kXS6ePz8UR7B6GKrMQEXRK6H0XxS5BrlZwBPHNisX5f1W86VvDzFFtZRL6ob8akm0gdSW9Lmi+FIUVzPtZtUBDT8jam7QnRN6DapNlgsfcGqXaKOFkST2zNCu3EtlxxZxi6WrbgJDedbHk7Ipeq0KXvO03Vq971w7jCx1IYtwcfuKuxpt4yeJWCUFFZmtqOJTla2FBwnpuS03TP39JL1GyAq/zXplhTnYrkYkXojq46TPZRqW4/AS6z4fQ8ZxXc+lcDXWP0xtfP6gkIXAJBBvuM/KGeZGOPw01tzHCd8zpbBtCHSExa51oiWm4csNPbdX8NuBK8OzfA2rsqEE+j/oAkErScLZ5aXLhV2jN9KStmKVzO/ITFF+MxSvqHElS3MjdjNOE19FCJ7xDe7Ex0FIaFD0Odn1pRXPrqRyoUMF04DqXF3EGw5lik7hsL7wGloOMCP7nywwB3SXIJVsQp3l8oG2fYXN6sCSxqCpQ6WaMoJ7FsYFlUCKcsjrEKUHqMNEcKfgkhZp9p7r5oQlb64hbmE+zpZQakWCA7JKWEruPR2hn92EAWMppObiJCmFz/yhNP1uHVM7T88lOC3gc2t6oJxwcqCVxKDfrwHUJKs1+rSqRnz3RJElvxe/arvg1caywFBs7KLgxtrz7JNKYZ8+lQscnCrsb7LVc96DZ0Osn932vBv+pPNRZ3Ao1U9lm5T7dAXnyC6n8dPYdThLiFjwq6j4+O5Suly3A6wBqZo+qF2dsfzbIDNocBBnA5tOBMHI1jk49pvrrtBJI=
X-OriginatorOrg: btconnect.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 7d26ead8-15f0-479f-846f-08da29ba8f74
X-MS-Exchange-CrossTenant-AuthSource: VI1PR07MB6704.eurprd07.prod.outlook.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 29 Apr 2022 08:30:47.7685 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: cf8853ed-96e5-465b-9185-806bfe185e30
X-MS-Exchange-CrossTenant-MailboxType: HOSTED
X-MS-Exchange-CrossTenant-UserPrincipalName: N18k5322QeKr44yBD1fe5ZQowa81eJoIa3NwS03J9tDdBxKcyq7UF3h0T98wQo+SG0QAgBA53dshpFCUyZB/8A==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DB7PR07MB5849
Archived-At: <https://mailarchive.ietf.org/arch/msg/kitten/7nJdQ0wnWltxd3Wnw-ueGSRWskw>
Subject: Re: [kitten] Status update on draft-ietf-kitten-tls-channel-bindings-for-tls13-15
X-BeenThere: kitten@ietf.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: Common Authentication Technologies - Next Generation <kitten.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/kitten>, <mailto:kitten-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/kitten/>
List-Post: <mailto:kitten@ietf.org>
List-Help: <mailto:kitten-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/kitten>, <mailto:kitten-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 29 Apr 2022 08:30:53 -0000

On 28/04/2022 17:23, Benjamin Kaduk wrote:
> Hi Tom,
>
> On Thu, Apr 28, 2022 at 05:11:30PM +0100, tom petch wrote:
>> On 26/04/2022 17:35, Alexey Melnikov wrote:
>>> On 25/04/2022 16:34, Paul Wouters wrote:
>>>> i am confused how an Updates: call is depending on consensus. either
>>>> it updates something said in that document or it doesn't.
>>>>
>>>> in theory this cannot be a subjective call?
>>>
>>> The shortish version of the argument is as follows:
>>>
>>> 1) The desire to include "Updates: RFC 8446" header in
>>> draft-ietf-kitten-tls-channel-bindings-for-tls13-15 is to make the new
>>> TLS 1.3 channel binding "tls-exporter" be discoverable by SASL/GSSAPI
>>> implementors.
>>>
>>> 2) "Updates" header is typically used to make implementors of the
>>> updated RFC be aware of important fixes (in particular changes in
>>> behavior) or mandatory extensions. In the past it was sometimes used by
>>> optional extensions, but this practice is not generally supported now.
>>>
>>> 3) TLS WG now uses higher bar for other documents to include "Updates:
>>> RFC 8446". Optional extensions (such as
>>> draft-ietf-kitten-tls-channel-bindings-for-tls13-15) don't meet this bar.
>>>
>>> 4) draft-ietf-kitten-tls-channel-bindings-for-tls13-15 doesn't define a
>>> mandatory-to-implement extension for TLS 1.3 implementations. Because of
>>> 2) and 3) it must not include "Updates: RFC 8446". Additionally,
>>> implementors can discover this extension through a) IANA registry of
>>> channel bindings or b) through Updates: 5801 (SCRAM) or Updates: 5929
>>> (Channel Bindings for TLS). RFC 5801 is the most likely reason why
>>> people would implement any TLS channel binding in the first place.
>>
>> Alexey
>>
>> My initial reaction was that you were spot on but re-reading the I-D and
>> RFC, the problem is that RFC8446 says that there are no channel bindings
>> which is rather off-putting.  If it had said 'at this time' 'for future
>> study' or some such then I would not see a problem.  It is the somewhat
>> dogmatic 'are not defined for TLS1.3' that I think will mislead people
>> and warrants an update.
>
> Could you please clarify where you see RFC 8446 saying "there are no
> channel bindings"?  I thought it said that the previously defined channel
> binding types are not defined, but actually encouraged future work to
> explore the use of TLS-Exporter values as channel bindings (which this I-D
> does).  (I cound five instances of the phrase "channel binding" or "channel
> bindings" in RFC 8446, easiest to search for "binding" which has ten
> occurences, and have reviewed all five.)


Ben

I am looking at C.5 'the channel bindings described in RFC5929 are not 
defined for TLS 1.3'.

That comes across to me as negative, no hint that they can be in future. 
  TLS1.3 makes a number of things impossible, compared to TLS1.2, as 
anyone who has followed the TLS list will know so for me, that statement 
has undertones of 'and they cannot or will not be because we do not 
think that they should be'.  Those words are not there, of course, but 
that has been the message on the TLS WG list about a number of valuable 
features of TLS1.2 so anyone who has tracked the development of what is 
now TLS1.3, ab initio, may well read such a meaning into them.

I was plesantly surprised when a channel bindings for TLS1.3 I-D 
appeared but not surprised that the work has not been carried out on the 
TLS WG list, the logical home for it IMHO.

Tom Petch



>
>> Perhaps an Erratum for RFC8446 would do the trick.
>
> I don't think so, as I do not see a statement in RFC 8446 that was an error
> at the time of publication.
>
> Thanks,
>
> Ben
> .
>

v2.23.0 | Report a Bug | By Email