IETF Logo Mail Archive

Re: [Secdispatch] Requesting agenda time for draft-vaughn-tlstm-update

Kenneth Vaughn <kvaughn@trevilon.com> Wed, 04 August 2021 17:56 UTC

Return-Path: <kvaughn@trevilon.com>
X-Original-To: secdispatch@ietfa.amsl.com
Delivered-To: secdispatch@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4FDF03A0E30 for <secdispatch@ietfa.amsl.com>; Wed, 4 Aug 2021 10:56:51 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.898
X-Spam-Level:
X-Spam-Status: No, score=-1.898 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (768-bit key) header.d=trevilon.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id hx1W-8BaSs_V for <secdispatch@ietfa.amsl.com>; Wed, 4 Aug 2021 10:56:46 -0700 (PDT)
Received: from tre.trevilon.com (tre.trevilon.com [198.57.226.42]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id ABDB33A0E29 for <secdispatch@ietf.org>; Wed, 4 Aug 2021 10:56:46 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=trevilon.com; s=default; h=References:To:Cc:In-Reply-To:Date:Subject: Mime-Version:Content-Type:Message-Id:From:Sender:Reply-To: Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Id: List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive; bh=5TqQmcnXOWtC7IzVpgGQiJ7vQGIUphCfZQvpUnrTWJ8=; b=jU+7nUp+tgcvgUhp47Mx/IvxNx LUQPFmQEplYfNX+CeXdAtAELakGm6iDgixC5Qk6fmgflbZ/Z8mF6PxMihBX+S0Kd9HnMe3XSjBLEn qDow3xreT+xML8GdkT8cSmJwl;
Received: from [92.119.18.40] (port=56453 helo=smtpclient.apple) by tre.trevilon.com with esmtpsa (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94.2) (envelope-from <kvaughn@trevilon.com>) id 1mBL8H-0004Wt-2K; Wed, 04 Aug 2021 17:56:45 +0000
From: Kenneth Vaughn <kvaughn@trevilon.com>
Message-Id: <6CB9CF84-CF11-4386-A790-8FD9FCC0E0AD@trevilon.com>
Content-Type: multipart/alternative; boundary="Apple-Mail=_90F9FE0C-13BC-41D2-B22E-4007CF8C365F"
Mime-Version: 1.0 (Mac OS X Mail 14.0 \(3654.100.0.2.22\))
Date: Wed, 4 Aug 2021 12:56:43 -0500
In-Reply-To: <CABcZeBNhD1KwndZhRB7Qvho6ubycu+6EbvOYBM1tp5gEM5crOg@mail.gmail.com>
Cc: IETF SecDispatch <secdispatch@ietf.org>
To: Eric Rescorla <ekr@rtfm.com>
References: <E01AA1FF-B905-4635-9174-518294AFF2A2@trevilon.com> <CABcZeBNhD1KwndZhRB7Qvho6ubycu+6EbvOYBM1tp5gEM5crOg@mail.gmail.com>
X-Mailer: Apple Mail (2.3654.100.0.2.22)
X-AntiAbuse: This header was added to track abuse, please include it with any abuse report
X-AntiAbuse: Primary Hostname - tre.trevilon.com
X-AntiAbuse: Original Domain - ietf.org
X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12]
X-AntiAbuse: Sender Address Domain - trevilon.com
X-Get-Message-Sender-Via: tre.trevilon.com: authenticated_id: kvaughn@trevilon.com
X-Authenticated-Sender: tre.trevilon.com: kvaughn@trevilon.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdispatch/H2iScHVZlinvcWjGV3NfpfLfHcI>
Subject: Re: [Secdispatch] Requesting agenda time for draft-vaughn-tlstm-update
X-BeenThere: secdispatch@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Security Dispatch <secdispatch.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdispatch>, <mailto:secdispatch-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdispatch/>
List-Post: <mailto:secdispatch@ietf.org>
List-Help: <mailto:secdispatch-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdispatch>, <mailto:secdispatch-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 04 Aug 2021 17:56:52 -0000

Correct, TLS 1.2 provided separate one octet identifiers for the hash and signature algorithm. TLS 1.3 replaces the two identifiers with a single, two-octet cipher suite identifier that indicates a unique combination of hash and signature algorithm. The former method provided for 255 hash algorithms and 255 signature algorithms - apparently, it was determined that some combinations did not make sense so the values were combined - meaning all 65535 values can be assigned to meaningful combinations but also meaning that we can no longer assume that the first octet uniquely identifies the hash algorithm by itself.

If the IANA continues to maintain the TLS 1.2 hash algorithm registry, I agree that there could be an easier fix for RFC 6353; but there does not seem to be any guarantee at present that this will happen as TLS 1.2 ages. This results in two possible paths forward:

Option 1 is that we require the IANA to continue the maintenance of the 1.2 registry AND we create an update to RFC 6353 that clarifies that the 1.2 hash algorithm registry should still be used for the fingerprint, even when using TLS 1.3 (the update is needed as the mapping for 1.3 is ambiguous otherwise) OR 

Option 2 is that we update RFC 6353 with a new fingerprint algorithm that uses the 1.3 registry (and then there is no additional requirement on IANA)


Our proposal was based on the concept that, if we are updating RFC 6353 anyway, we might as well decrease long-term maintenance issues for IANA (but recognizing that this is a bigger change on the standard and on implementations). But I agree that the work load could be shifted to IANA, which would simplify other issues. What is important is that we reach consensus on the approach to be followed and document the decision so that it is unambiguous. It's largely a question of who has to do the work.



Regards,
Ken Vaughn

Trevilon LLC
6606 FM 1488 RD #148-503
Magnolia, TX 77354
+1-936-647-1910
+1-571-331-5670 cell
kvaughn@trevilon.com
www.trevilon.com

> On Aug 4, 2021, at 12:01 PM, Eric Rescorla <ekr@rtfm.com> wrote:
> 
> Hi folks,
> 
> I'm trying to follow the change in S 2.1 about the TLSTM fingerprint.
> 
> In TLS 1.2, one represented signature algorithms as:
> 
>       struct {
>             HashAlgorithm hash;
>             SignatureAlgorithm signature;
>       } SignatureAndHashAlgorithm;
> 
> We found in TLS 1.3 that it was not really possible to mix-and-match
> them and so changed this to a two-byte SignatureScheme that represented
> the pair of hash and algorithm as well as any other values but without
> any other internal structure. E.g.,
> 
>           rsa_pss_pss_sha256(0x0809),
> 
> As I understand it, 6353 used the TLS 1.2 HashAlgorithm identifier to
> indicate which hash was used to make a fingerprint, and you're changing
> this because TLS 1.3 deprecated this field? If so, I don't think this
> is necessary: you're not referring to anything in TLS, you're just
> reusing the code point. So, I would probably not make any change
> here.
> 
> -Ekr
> 
> 
> 
> 
> 
> On Sun, Jun 27, 2021 at 7:31 PM Kenneth Vaughn <kvaughn@trevilon.com <mailto:kvaughn@trevilon.com>> wrote:
> I would like to present https://datatracker.ietf.org/doc/draft-vaughn-tlstm-update-01/ <https://datatracker.ietf.org/doc/draft-vaughn-tlstm-update-01/>, a new version of the proposed update of RFC 6353 (TLSTM). Based on feedback from this group, and the recent IETF decision to finalize DTLS, the ITS community decided to keep support for DTLS in the update. The result of that decision was to reverse a number of changes in the text and it made more sense to write the proposed new version 01 as an update to RFC 6353 rather than a replacement of RFC 6353. The result is a shorter document where the changes are more evident.
> I would like to request 10-15 minutes at IETF meeting of the Security Dispatch group to discuss the possibility of launching an effort to continue the development of this document as an official IETF document.
> Regards,
> Ken Vaughn
> 
> Trevilon LLC
> 6606 FM 1488 RD #148-503
> Magnolia, TX 77354
> +1-936-647-1910
> +1-571-331-5670 cell
> kvaughn@trevilon.com <mailto:kvaughn@trevilon.com>
> www.trevilon.com <http://www.trevilon.com/>
> _______________________________________________
> Secdispatch mailing list
> Secdispatch@ietf.org <mailto:Secdispatch@ietf.org>
> https://www.ietf.org/mailman/listinfo/secdispatch <https://www.ietf.org/mailman/listinfo/secdispatch>

v2.8.7 | Report a Bug | By Email