Re: [lamps] Call for adoption of draft-becker-guthrie-cert-binding-for-multi-auth-02

"aebecke@uwe.nsa.gov" <aebecke@uwe.nsa.gov> Tue, 10 January 2023 17:38 UTC

Return-Path: <aebecke@uwe.nsa.gov>
X-Original-To: spasm@ietfa.amsl.com
Delivered-To: spasm@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 27436C09C931 for <spasm@ietfa.amsl.com>; Tue, 10 Jan 2023 09:38:15 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.998
X-Spam-Level:
X-Spam-Status: No, score=-1.998 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FROM_GOV_DKIM_AU=-0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_BLOCKED=0.001, RCVD_IN_MSPIKE_H2=-0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=uwe.nsa.gov
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id CG0so4wFE_D1 for <spasm@ietfa.amsl.com>; Tue, 10 Jan 2023 09:38:10 -0800 (PST)
Received: from GCC02-BL0-obe.outbound.protection.outlook.com (mail-bl0gcc02on2064.outbound.protection.outlook.com [40.107.89.64]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 81D2AC09C940 for <spasm@ietf.org>; Tue, 10 Jan 2023 09:37:36 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=lbIubDHe8B1ADN+U1bVBWnY3ks8u9aLftN8jUBhl/0V3j6U4/e3zzqwSKqIT8+e0PgSRMMFiyvfHk3pBYJoMIWU/croZ6Jym1KIP5xYXSP1ljtUMt5INWJOWp9N66tR5ZLVrh2mIKdKJ17ou1HuIM5ZPEwH+6hxRVur2qNP+ZTeHHTnGc0VYeFCVKWKy+XAn+Q/pwzAPlbcwXaWo0/JNC9DvGvGRuMIZRAADimBnGQjE0Yfohoc+wLddULeDusaVmgNQGwQDPkE4D1T1GBilXUXtJHTeABZvZnOLqm6QFAV1LGrpdiFeSpNpXDG0vdlU+f3stRUMKPdN4GdiYANxpw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=alGBZobNMopyIerEeLX/6fsXCDvaDgfDS9tm6ZbNMGA=; b=Wz+u1J+tBRKWzL7XNCXqw3mR11rypt6ripk7ui4e3JlKpSw7WxVOSSW+tjx5lIUXxKR5TuwsS/qYvVQQnliBlLYWMTLbuITOy1g1XiepuDwuzEJNroWAg7neG2OOegewk+WOyQPKRSzJ1qKMUs52sRhjDjbBKzWmC8O6ruTiUi7VHw1K/mia4BNMfjFr/XBrtw1wAPbcLJfuXCiWLitlvCZi9XO0oMRew4g6c+ALplyolrOXWYiA95dT/nFE7s0fH1BLF5q4BoZ8BMvFHBJ6cz7maiN9XtmRrvmK1jLee9ZB/Qss8AhlOxgM1EOm9lqXPOT/bxrvIwwV0OMCUqplHA==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=uwe.nsa.gov; dmarc=pass action=none header.from=uwe.nsa.gov; dkim=pass header.d=uwe.nsa.gov; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=uwe.nsa.gov; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=alGBZobNMopyIerEeLX/6fsXCDvaDgfDS9tm6ZbNMGA=; b=A5f8GggLs5s5aFET3Wty+kBNnzsL3hTl46kym8ElKM7S4JJae/DoUYqW9TOklZ4zPflCVQyYv0hrJevGtbhr7PH+NZOytssSowWtWKL9kMaH29MmzW3pMNnEEl8FOhhueONlpgWtjekySPDYfxalfkeCSpc2LdvWf3LqTp5X4D6vc6p+ZfxlUtnr10uqcud+Is7NyjmOzEoDHm+ML0tEnxx+I9T4fKFim3ULruxJZRjd+DFDuNwVV01We8mloYTkSBTdVC2TdXgmfxbm7xx779BWEVPDYVsfydZCu2OijyUqworl1W5AlI4CgF9Omq3Uj1vttu/buWJ82vd7HEK38g==
Received: from SA0PR09MB7241.namprd09.prod.outlook.com (2603:10b6:806:7a::24) by SA0PR09MB6057.namprd09.prod.outlook.com (2603:10b6:806:78::17) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5986.18; Tue, 10 Jan 2023 17:37:32 +0000
Received: from SA0PR09MB7241.namprd09.prod.outlook.com ([fe80::971b:6838:1a6f:1f16]) by SA0PR09MB7241.namprd09.prod.outlook.com ([fe80::971b:6838:1a6f:1f16%4]) with mapi id 15.20.5944.019; Tue, 10 Jan 2023 17:37:31 +0000
From: "aebecke@uwe.nsa.gov" <aebecke@uwe.nsa.gov>
To: "Kampanakis, Panos" <kpanos=40amazon.com@dmarc.ietf.org>, Russ Housley <housley@vigilsec.com>, LAMPS <spasm@ietf.org>
Thread-Topic: [lamps] Call for adoption of draft-becker-guthrie-cert-binding-for-multi-auth-02
Thread-Index: AQHZIVnAde1UVPtTwEaD1/eHWO3nEK6QvH2AgAc0x9U=
Date: Tue, 10 Jan 2023 17:37:31 +0000
Message-ID: <SA0PR09MB72412D6BBBC556716B5FBDEDF1FF9@SA0PR09MB7241.namprd09.prod.outlook.com>
References: <PH0PR00MB10003EC6A096FE0A363BBFB9F5459@PH0PR00MB1000.namprd00.prod.outlook.com> <PH0PR00MB10002A7A2850A1333B4F6C00F54A9@PH0PR00MB1000.namprd00.prod.outlook.com> <35BEB1D9-7EA5-4CD4-BADA-88CCB0E9E8F9@vigilsec.com> <6FB4E76C-0AFD-4D00-B0FC-63F244510530@vigilsec.com> <bd5a491c78c8406b8de6414aff4f5223@amazon.com>
In-Reply-To: <bd5a491c78c8406b8de6414aff4f5223@amazon.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
msip_labels:
authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=uwe.nsa.gov;
x-ms-publictraffictype: Email
x-ms-traffictypediagnostic: SA0PR09MB7241:EE_|SA0PR09MB6057:EE_
x-ms-office365-filtering-correlation-id: 804c67c5-5964-4eb9-74aa-08daf3315a32
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: A/q1sNa4SstHX1aWQpyeQEttYOoZ1Fu8NjiknFthkz0E6WcsOj1YHK1Y9k2pug3EZOyTtHpPgI0pdDTDqA9EwjgKSLW5Sw3mI3vhbQV3k0BD5l1Y4fDXa0tOfJmjTcbKDLxTL5nAnTt6Ubc8cuclnOoLYQ+LvS/VVJJUsaNp7NyrYE9FCfyaKE96orUkqwBKPbhRyibCunFUGB2I05FAvwlI6eOQhiFhuYQ9fWFmwtrkwnnSGIK3pHyQsnWLDT6bq3U6vG0245C21W5MySxAGaIyECAzdafRa/9J/rIyRrOvMmrXV03WWtch9gclWH8xWrc7fVOC1umqnNWbDas9aYnd0BsoOTgTJwJK47D+FqZJzTOr8GW1JBxIwRr09n1zPoKZggSXAAI6DsCPRlNeBicuOzK8AdFhODi4Ai7ArkJCR2FxCWwK4rYYV8KMsa6qZNtKxYX0K8fEyD2Ifvmu/I7uMVEuqpjcLRyUc4kgP87M190EDz9X/BmJU94CoYTGog/9D2LrAI4Wd8eWNiA0eRcuhE9QpzeRwNmk/AUqb/S3LbLX8ITShyOXSEZO3sFKOS5AUDHOKK6Npp5Dw9R07BEz9BiW3zlRv3QHNOGy0OAd0G61j3oZpxDU4Av62iLwgsHDsP1U30U+WuABkl853u2AZZN1bWR/N1+QrqQB+B8DojrWqK+5GIUqCDjL/fxHn/sOMT10Jj5EQKVaKxSsYAyqr8RjYzMB5K3Mq+hh8hQ=
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:SA0PR09MB7241.namprd09.prod.outlook.com; PTR:; CAT:NONE; SFS:(13230022)(4636009)(136003)(366004)(396003)(39830400003)(451199015)(186003)(53546011)(122000001)(52536014)(8936002)(6506007)(55016003)(41320700001)(9686003)(7696005)(66946007)(5660300002)(33656002)(66446008)(66556008)(66476007)(64756008)(45080400002)(91956017)(166002)(966005)(38070700005)(86362001)(71200400001)(76116006)(38100700002)(82960400001)(508600001)(41300700001)(8676002)(110136005)(83380400001)(19627405001)(66574015)(2906002); DIR:OUT; SFP:1101;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: PP5pGFt5K8DDMLH6Qzt6zK4uvAPZHKeYISsj0n7qO4WBr38Xc7g2inbARbWyUI02rIjLJGGfwMY8aY3wgTDNgDswFAWOu+W9B9Dn/Ghgv5zl6wUeRWvAH/6537by6QCLtkUM7f/i3Adq2PqJmgKQWgDPcvsvNN0gVR0xZglPB1mCz7UoqzSlCUgThL4FWWU76god3vcJVc8Y/vBXW2F7oQcJsrbrBUtPiKC6/xXhoX5bek28u0YBO/kcKTgm21yURXYEFZxCxWBD4L08LjVTZfLptofLQVm4hJBQlUBV2iUWpU4LBm1e2Vge7x6oYnDsXMa+4Xqxat++suIZkCdr9Wu2CduXJfSCop9KkvoEqsSmgnd4kcoGAsPbbV5lho1DyxAgIdQUcElQvX0QNZKw4tqk8CapDv0yEgWlNlJz9dnhV5614IpGIh1JkA+p5Vh3UMGG15chhD6cPRuC95QIvb0RdDMhERMGnbwPeuBmgHw3/XxWbEioMb5o/uNUWeAEI8K/c7DpXjF3UdIBUGi5yqdUkYcJT3bkEBy9zyqyxzk+K8FgioWcfxXytFXUEnnLNYvjdXqw5Tcn7T05vTOCRJ3wR2nB3dCOEizzqoP1axal5DM3ObDH67YYIOpgoby/4h8NwdKrpq/BYiKcdVimT4iuQ7OO7ZKDlvkqqTNWZJaDdRLWIXveSNd1qEC32bkRjQlg6UWg+fUsPSugsg882bV8bwrOLkpcCiysUkUrmhHzyNAEqVDnrrYuivRzQGOOJk9YT2lnvf+DcPLpF1JCpWwPgbpd4/bnDIS3e86o492aPn5Q7gfV6d7Zo7MyDRckBXFLwkfF6LbSo11xhzosgsnd6dDfsoejOOyP1X9FS0TSJ3N1lUPfUPoHY5UwTcuZjp1oiK/NdC4pcMhGcGAhBdfl6Fgf8SN4bbZH5+ASeGSK5Cw8VUKLWp+vC8a+QqceqzHGxMmsZjniF9ZR4GoYXSmfuMfCbmVFVzpe+st7QY2PE9sCmzdreVexvQSG8BwRP9+CAldelG6ASL82ImzbGwpMrk+nABrIXLKHGPCIOGAEJewBXcF4aBlUmNpBpYy1rvUgDwJA+ECVJhRlERTzt9nbqYd6D6tUcuWWaVXOzPhZohCSVbe/ejYXiSuE/a68xU0Z+ntR1l5Xkyj3VPt5xzOVV05PggLWG95zlbzIgDK+4hVKsIdPCNCJdJ0EAnYbAyaA3O+L9JMKO4Ge9Y3notgpAkGwvyqWYrwAixkAMrc++Sa30XMTDc9buA5WWQigvvsOif5RN87HzDz+pidpwHAr42Dxu67Tcx58aDAu56PnuS3hfd0mOhRmm9kY/GEqV18lO5djCepDh5tCOUB16+W1KHa1iaf1c87iFX4vuRwYpSiLT4xo+11oY72h8ijLZ8/A2oYUmUJNy1OgMK+kQtsIf7Bfx5fjzOnqMx31T0w+Aq8R5SAbKB7OH/StUN9RrCutP/mzJdz2DPyw0aeIQVwW0NXoeRa7g7FxaqrhT+KaDdBkJOJTDUyF6znJrlcIasGd8K3MeLxOhbPORr3ojWAM5aVZlxPYoFmYJX+zbA+DG0+JNIjhp4hCjlad/Xlj94uX8ly18dqGGE4letkRccQO+jnSzkh+a6P4CIF9d4bg5cwdspiYQYZgs8VPo/vt
Content-Type: multipart/alternative; boundary="_000_SA0PR09MB72412D6BBBC556716B5FBDEDF1FF9SA0PR09MB7241namp_"
MIME-Version: 1.0
X-OriginatorOrg: uwe.nsa.gov
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: SA0PR09MB7241.namprd09.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 804c67c5-5964-4eb9-74aa-08daf3315a32
X-MS-Exchange-CrossTenant-originalarrivaltime: 10 Jan 2023 17:37:31.7924 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: d61e9a6f-fc16-4f84-8a3e-6eeff33e136b
X-MS-Exchange-Transport-CrossTenantHeadersStamped: SA0PR09MB6057
Archived-At: <https://mailarchive.ietf.org/arch/msg/spasm/-YpYr03vUXvt_5QERPbEigAxrMw>
Subject: Re: [lamps] Call for adoption of draft-becker-guthrie-cert-binding-for-multi-auth-02
X-BeenThere: spasm@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "This is a venue for discussion of doing Some Pkix And SMime \(spasm\) work." <spasm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/spasm>, <mailto:spasm-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/spasm/>
List-Post: <mailto:spasm@ietf.org>
List-Help: <mailto:spasm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/spasm>, <mailto:spasm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 10 Jan 2023 17:38:15 -0000

Hi Panos,
  Thanks for the comments. It is not always the case that SANs will unambiguously identify a certificate, as they are not globally unique. Especially in the case that may arise in which a different CA has issued a related certificate, we want to provide strong assurance that the certificate is under the control of the correct end-entity. Matching names depends on mapping the namespaces of the issuers (which may suffice for discovery); our draft provides the existing (traditional) PoP nested in the new (PQC) PoP, which we think provides more assurance.

Cheers,
Alie

----
________________________________
From: Spasm <spasm-bounces@ietf.org> on behalf of Kampanakis, Panos <kpanos=40amazon.com@dmarc.ietf.org>
Sent: Thursday, January 5, 2023 9:33 PM
To: Russ Housley <housley@vigilsec.com>; LAMPS <spasm@ietf.org>
Subject: Re: [lamps] Call for adoption of draft-becker-guthrie-cert-binding-for-multi-auth-02

My previous objections and concerns have not been addressed, but maybe I had misunderstood the spirit of the draft. So let me repeat the last, most important, question after Mike's presentation of the draft in IETF-115.

It seems that the draft just wants to provide an extension that says cert A and cert B are related and owned by the same entity and allow a CSR to prove that the requester of Cert B also owns the private key for Cert A. In other words the flow would work as:
- Entity X generates a CSR for CertA and proves it owns the private key for A. The issuer generates CertA after verifying the ownership of private key A and the identity of X.
- Entity X generates a CSR for CertB which is related to CertA and proves it owns the private key for A and B. The issuer generates CertB (related-to-CertA) after verifying the ownership of private keys A and B and the identity of X.
- Entity X owns CertA and CertB which it uses to be authenticated in protocol Y. The protocol Y verifier gets CertA and CertB, it verifies the peer owns the private key for CertA, CertB and it confirms it trusts these certs were issued for Entity X.

Now let's forget the draft and say we do not use a new X.509 or CSR extension. And let's say the flow now works as
- Entity X generates a CSR for CertA and proves it owns the private key for A. The issuer generates CertA after verifying the ownership of private key A and the identity of X.
- Entity X generates a CSR for CertB and proves it owns the private key for B. The issuer generates CertB after verifying the ownership of private key B and the identity of X.
- Entity X owns CertA and CertB which it uses to be authenticated in protocol Y. The protocol Y verifier gets CertA and CertB, it verifies the peer owns the private key for CertA, CertB and it confirms it trusts BOTH of these certs were issued for the same entity Entity X.

Why is the former flow better over the latter? In other words, if CertA and CertB were issued separately, why could the verifier not just use the Subject Name or SANs to confirm the certs relationship while verifying?



-----Original Message-----
From: Spasm <spasm-bounces@ietf.org> On Behalf Of Russ Housley
Sent: Thursday, January 5, 2023 6:02 PM
To: LAMPS <spasm@ietf.org>
Subject: [EXTERNAL] [lamps] Call for adoption of draft-becker-guthrie-cert-binding-for-multi-auth-02

CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you can confirm the sender and know the content is safe.



Do the changes that were made in -02 of the Internet-Draft resolve the concerns that were previously raised?

On behalf of the LAMPS WG Chairs,
Russ


> On Sep 15, 2022, at 11:44 AM, Russ Housley <housley@vigilsec.com> wrote:
>
> There has been some discussion of https://gcc02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdatatracker.ietf.org%2Fdoc%2Fdraft-becker-guthrie-cert-binding-for-multi-auth%2F&data=05%7C01%7Caebecke%40uwe.nsa.gov%7Cd4dd908b5872439f1f0408daef96c7fd%7Cd61e9a6ffc164f848a3e6eeff33e136b%7C0%7C0%7C638085728259980926%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C2000%7C%7C%7C&sdata=nVzReEXbWrb8sHQPdGWv9G95WoP1GiKdjlHZP6DesmA%3D&reserved=0.  During the discussion at IETF 114, we agree to have a call for adoption of this document.
>
> Should the LAMPS WG adopt “Related Certificates for Use in Multiple Authentications within a Protocol” indraft-becker-guthrie-cert-binding-for-multi-auth-01?
>
> Please reply to this message by Friday, 30 September 2022 to voice your support or opposition to adoption.
>
> On behalf of the LAMPS WG Chairs,
> Russ
>

_______________________________________________
Spasm mailing list
Spasm@ietf.org
https://gcc02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.ietf.org%2Fmailman%2Flistinfo%2Fspasm&data=05%7C01%7Caebecke%40uwe.nsa.gov%7Cd4dd908b5872439f1f0408daef96c7fd%7Cd61e9a6ffc164f848a3e6eeff33e136b%7C0%7C0%7C638085728259980926%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C2000%7C%7C%7C&sdata=qkCBqRILB587BacZgK9AHy6kqqQmfrTGeqv9dqm1RXg%3D&reserved=0
_______________________________________________
Spasm mailing list
Spasm@ietf.org
https://gcc02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.ietf.org%2Fmailman%2Flistinfo%2Fspasm&data=05%7C01%7Caebecke%40uwe.nsa.gov%7Cd4dd908b5872439f1f0408daef96c7fd%7Cd61e9a6ffc164f848a3e6eeff33e136b%7C0%7C0%7C638085728259980926%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C2000%7C%7C%7C&sdata=qkCBqRILB587BacZgK9AHy6kqqQmfrTGeqv9dqm1RXg%3D&reserved=0