IETF Logo Mail Archive

Re: [pkix] Registration of a new sAN:otherName (NAIRealm)

mrex@sap.com (Martin Rex) Fri, 05 July 2013 22:57 UTC

Return-Path: <mrex@sap.com>
X-Original-To: pkix@ietfa.amsl.com
Delivered-To: pkix@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6759121F9EB5 for <pkix@ietfa.amsl.com>; Fri, 5 Jul 2013 15:57:03 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -9.679
X-Spam-Level:
X-Spam-Status: No, score=-9.679 tagged_above=-999 required=5 tests=[AWL=-0.030, BAYES_00=-2.599, HELO_EQ_DE=0.35, J_CHICKENPOX_39=0.6, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id q0Jy5DX1rO7D for <pkix@ietfa.amsl.com>; Fri, 5 Jul 2013 15:56:59 -0700 (PDT)
Received: from smtpde01.sap-ag.de (smtpde01.sap-ag.de [155.56.68.170]) by ietfa.amsl.com (Postfix) with ESMTP id 054CD21F9E9E for <pkix@ietf.org>; Fri, 5 Jul 2013 15:56:58 -0700 (PDT)
Received: from mail05.wdf.sap.corp by smtpde01.sap-ag.de (26) with ESMTP id r65MulZ9014600 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK); Sat, 6 Jul 2013 00:56:48 +0200 (MEST)
In-Reply-To: <009001ce79c7$62c69f80$2853de80$@augustcellars.com>
To: Jim Schaad <ietf@augustcellars.com>
Date: Sat, 06 Jul 2013 00:56:47 +0200
X-Mailer: ELM [version 2.4ME+ PL125 (25)]
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Type: text/plain; charset="US-ASCII"
Message-Id: <20130705225647.D5D251A881@ld9781.wdf.sap.corp>
From: mrex@sap.com
X-SAP: out
Cc: pkix@ietf.org
Subject: Re: [pkix] Registration of a new sAN:otherName (NAIRealm)
X-BeenThere: pkix@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
Reply-To: mrex@sap.com
List-Id: PKIX Working Group <pkix.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/pkix>, <mailto:pkix-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/pkix>
List-Post: <mailto:pkix@ietf.org>
List-Help: <mailto:pkix-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/pkix>, <mailto:pkix-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 05 Jul 2013 22:57:03 -0000

Jim Schaad wrote:
> 
> > >
> > > The section numbers are still the same. There is one change in content:
> > > It's not an IA5String but a UTF8String. The value in the cert needs to
> > > be compared with the NAI realm; and that realm is itself UTF-8. So to
> > > enable byte-by-byte comparison of non-ASCII realms, it's got to be
> > > UTF8String.
> > 
> > Uh-oh!
> > 
> > Comparisons for the purpose of authentication (or endpoint identification)
> > require clear and strict canonicalization and comparison rules (e.g. case-
> > sensitivity).
> 
> In this case the ramifications are being considered in the document
> describing NAIs (http://datatracker.ietf.org/doc/draft-ietf-radext-nai/) and
> we have been beating this issue around for a long time.


The draft you mention properly describes the underlying problem:

                                                  We RECOMMEND that the
   owner of the realm pre-provision all proxies with the "utf8-realm"
   portion of the NAI, along with the value returned from passing the
   "utf8-realm" to the ToAscii function.  This key-value pair can then
   be placed into the logical AAA routing table discussed above.  Having
   only one entity perform the ToAscii function ensures that the result
   returned by that function are considered as canonical by all other
   participants in a AAA network.


For the TLS extension ServerNameIndication this means, that
the certifcate (sAN-DNSName) *MUST* contain the A-label
(which is also necessary since it is limited to IA5String),
and the TLS extension SNI conveys the A-label, and the Server
does a binary matching of the server name conveyed through
TLSextSNI to the DNSName-sANs of his server certificates.

In the TLSextSNI scenario, the "only one entity" doing the ToAscii
is the TLS Client (more likely the application caller on top of it),
so that what the client will use to perform ServerEndpointIdentification
with the Server's Certificate is the exact same A-Label that is sent
in TLSextSNI and the exact same A-Label that the server uses for
choosing the most appropriate server certificate.


Admittedly, I haven't check this draft, but storing an
UTF8String in a certificate sAN is very likely to cause multiple
independent entities having to compare user input to that sAN,
and the trouble-maker that the above paragraph warns about.


-Martin

v2.23.0 | Report a Bug | By Email