Re: [Secdispatch] Agenda time request: DANE for IOT security
Martin Thomson <mt@lowentropy.net> Mon, 16 November 2020 04:35 UTC
Return-Path: <mt@lowentropy.net>
X-Original-To: secdispatch@ietfa.amsl.com
Delivered-To: secdispatch@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5A46C3A12B9 for <secdispatch@ietfa.amsl.com>; Sun, 15 Nov 2020 20:35:51 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.101
X-Spam-Level:
X-Spam-Status: No, score=-2.101 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=lowentropy.net header.b=rdf7zpHS; dkim=pass (2048-bit key) header.d=messagingengine.com header.b=blHemurq
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Jy9pZSxn3HsI for <secdispatch@ietfa.amsl.com>; Sun, 15 Nov 2020 20:35:49 -0800 (PST)
Received: from wout5-smtp.messagingengine.com (wout5-smtp.messagingengine.com [64.147.123.21]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id CB9893A12BC for <secdispatch@ietf.org>; Sun, 15 Nov 2020 20:35:47 -0800 (PST)
Received: from compute1.internal (compute1.nyi.internal [10.202.2.41]) by mailout.west.internal (Postfix) with ESMTP id D332B7D8 for <secdispatch@ietf.org>; Sun, 15 Nov 2020 23:35:46 -0500 (EST)
Received: from imap10 ([10.202.2.60]) by compute1.internal (MEProxy); Sun, 15 Nov 2020 23:35:46 -0500
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=lowentropy.net; h=mime-version:message-id:in-reply-to:references:date:from:to :subject:content-type; s=fm3; bh=CGTiUd2Udn0OV54MeKFujLOXzH9mDt/ gNa5Mz2/URYw=; b=rdf7zpHSvaLAQpbjGz6olnqRsmos/ukpZx6NtHGbDhzbfcm S8DjjOtd+g+p9+144ZapK0tcLNnsrfzk6eyXsihCck5Nru0dchGJU3oZfjxwjnp3 jriYpQ3QXYosKpTr6s1Sb3fWGZt8l1Vng4iNvOc7pZhlb3vd92JNuMstwsG9wthT PhrNPLiZfYkAjr1ra/jXPUXV8oz7xPT5qxDiXf6c930c+TXjk8ZV2VAMVLbfB4q1 ExF9Gew8pPqzCNZcAZLTRg8okuVH7Xkm45KcU++zGmXKZymzwNpkT9fUPAa5lvFS qL0t3+1kEcaQI57ZCkBqA/USuh9bZxyvH+FkasQ==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=content-type:date:from:in-reply-to :message-id:mime-version:references:subject:to:x-me-proxy :x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s=fm1; bh=CGTiUd 2Udn0OV54MeKFujLOXzH9mDt/gNa5Mz2/URYw=; b=blHemurqZU0bbUAKqBSKL/ gb6TR8koQXQ934ZHdrgg31gT1ProZw6IBbQRzirIF8EaQlESNlJnbNtnp9T3lpjH Px6emJVQErM2I/4dS9a3EuUTySNZuSJQrQBw3EYn+6CeIrYmKbgKiUqKtLt3Xi8I yFNHYsFIDzqvz55QoJT6AHxVe0xNeIMCddOEJmhIV1kkxMBMJFQgMygLfIqfrVwO r4WWZgWL913ICoxYSWncD+9nvSJBgSCnGvYeGBDAragpZon2LnRrITs++0DLWlDw 9kFytVRidN5lsJHmK2wMj+RdYPdGNevAH3m8R2j4Kh1rwe5zWXFgJqZwV8zPxjWA ==
X-ME-Sender: <xms:ogGyX63cEbwA459GrhXjTE21eG0Pqk76AYUXAA8UjDxyC07ExkRjPg> <xme:ogGyX9F_UN3cqUzIDZ-l-vh2hWBFvD97rFRlsup_G4M4DTfS60oenFdrqgJs7zncM YG7_jwqpBSgP4YBeNI>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedujedrudeftddgjeehucetufdoteggodetrfdotf fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfqfgfvpdfurfetoffkrfgpnffqhgen uceurghilhhouhhtmecufedttdenucenucfjughrpefofgggkfgjfhffhffvufgtsehttd ertderredtnecuhfhrohhmpedfofgrrhhtihhnucfvhhhomhhsohhnfdcuoehmtheslhho figvnhhtrhhophihrdhnvghtqeenucggtffrrghtthgvrhhnpefhiedttdeviefhjeejgf evfeeuudfggfekveekheeugeegleevkeevkedthfeuieenucffohhmrghinhepihgvthhf rdhorhhgnecuvehluhhsthgvrhfuihiivgeptdenucfrrghrrghmpehmrghilhhfrhhomh epmhhtsehlohifvghnthhrohhphidrnhgvth
X-ME-Proxy: <xmx:ogGyXy6KKJjxBRrnZ3hdD-N1LRy300yvb4RP6bZe9y9QtFMmEm_agg> <xmx:ogGyX72Vs8DUgSxhov-_zBKSVQ9DOHf9zPqZdpPhMhPBlIKMEfMwJg> <xmx:ogGyX9FTfpHCtJvBziLLhM6RAzsr8PPl5gpfLYnz2YxPTe6wCSP9XA> <xmx:ogGyXxRQrjoOkIieIKYs7l3o7_O4b89YtKjMOeHp4bfdTTME16zV9A>
Received: by mailuser.nyi.internal (Postfix, from userid 501) id 33AD7200BD; Sun, 15 Nov 2020 23:35:46 -0500 (EST)
X-Mailer: MessagingEngine.com Webmail Interface
User-Agent: Cyrus-JMAP/3.3.0-570-gba0a262-fm-20201106.001-gba0a2623
Mime-Version: 1.0
Message-Id: <99f34f67-c2f8-42fd-8c05-aff2094db6db@beta.fastmail.com>
In-Reply-To: <CAHPuVdUuerC3yr8sRBD5LY=QX6u7T4_4DvTuJ0Yq5jfkjie74A@mail.gmail.com>
References: <CAHPuVdUKVaZfpyg_aLf6--CXTo_24SEq3ju+sm7OWW9L75_R+Q@mail.gmail.com> <CABcZeBOMdqZuh-K9p4rwgKCtOks0RRhCoMKFZ4UUSP=H2RJxnQ@mail.gmail.com> <CAHPuVdUuerC3yr8sRBD5LY=QX6u7T4_4DvTuJ0Yq5jfkjie74A@mail.gmail.com>
Date: Mon, 16 Nov 2020 15:35:27 +1100
From: Martin Thomson <mt@lowentropy.net>
To: secdispatch@ietf.org
Content-Type: text/plain
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdispatch/kQxgrQ8eUoh3lEgXsU9QIIex3to>
Subject: Re: [Secdispatch] Agenda time request: DANE for IOT security
X-BeenThere: secdispatch@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Security Dispatch <secdispatch.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdispatch>, <mailto:secdispatch-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdispatch/>
List-Post: <mailto:secdispatch@ietf.org>
List-Help: <mailto:secdispatch-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdispatch>, <mailto:secdispatch-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 16 Nov 2020 04:35:56 -0000
Please DON'T design for extensibility. That is another aspect of the SNI design you don't want. If this fails, get a new extension point. On Sun, Nov 15, 2020, at 14:41, Shumon Huque wrote: > On Sat, Nov 14, 2020 at 8:28 PM Eric Rescorla <ekr@rtfm.com> wrote: > > I have reviewed these drafts. While I don't have any strong opinions about > > whether this technology is a good thing or not. I do have some thoughts about > > the TLS binding. > > Thanks for the review! > > > > > Overall, it's probably not good to try to do the same thing for TLS > > 1.3 and TLS 1.2, given the very different properties of client > > authentication in the two protocols. > > > > In 1.3 the right way to do this is for the server to indicate > > willingness/desire for DANE information in the CertificateRequest and > > the client to answer that in the Certificate. This will automatically > > encrypt the contents of the extension without resort to ECH, just > > as the client's cert is already encrypted. > > > > TLS 1.2 doesn't support ECH nor does it it encrypt the certificate, > > so it seems like ideally we would not support TLS 1.2 at all for > > this extension. Is there a strong need for it? > > Yeah, we're aware the privacy protections can only be achieved > with TLS 1.3. > > My assumption (possibly mistaken) has been that we will need > to support deployed bases of both TLS 1.2 and 1.3. > > However, since this protocol requires code changes in TLS stacks > anyway, perhaps we can mandate TLS 1.3 only, and modify the > protocol according to your suggestion (adding the new protocol > elements to CertificateRequest and Certificate and remove the > need for ECH). > > I'll ponder and chat with some of the potential consumers of this > technology re: TLS 1.2/1.3. > > > > > > > > Your encoding for the extension is not extensible because it does > > not contain a length as well as a type. > > > > struct { > > NameType name_type; > > select (name_type) { > > case host_name: HostName; > > } name; > > } ClientName; > > > > .. > > > > struct { > > ClientName client_name_list<1..2^16-1> > > } ClientNameList; > > > > The issue is that a receiver of an unknown type cannot properly skip > > past it because it doesn't know the length (note that this is a known > > problem in SNI as well). The correct approach is to have the ClientName > > include a length field: > > > > struct { > > NameType name_type; > > uint16 length; // NEW > > select (name_type) { > > case host_name: HostName; > > } name; > > } ClientName; > > > > struct { > > ClientName client_name_list<1..2^16-1> > > } ClientNameList; > > > > Note that this will create a redundant length but that's basically > > just the natural thing for TLS encoding and not really worth > > fixing. > > Thanks for this suggestion. > > It was modelled after SNI, and thus inherited that defect :) > > At the moment, only one name type (and one instance of it) > is supported, so it doesn't really matter. But it is best to design > for extensibility, so I will plan to add the additional length field. > > Shumon. > > _______________________________________________ > Secdispatch mailing list > Secdispatch@ietf.org > https://www.ietf.org/mailman/listinfo/secdispatch >
- [Secdispatch] Agenda time request: DANE for IOT s… Shumon Huque
- Re: [Secdispatch] Agenda time request: DANE for I… Eric Rescorla
- Re: [Secdispatch] Agenda time request: DANE for I… Shumon Huque
- Re: [Secdispatch] Agenda time request: DANE for I… Martin Thomson