[lamps] draft-ietf-lamps-lightweight-cmp-profile-05 concern

Nick Lamb <njl@tlrmx.org> Tue, 16 March 2021 16:19 UTC

Date: Tue, 16 Mar 2021 16:19:32 +0000
From: Nick Lamb <njl@tlrmx.org>
To: hendrik.brockhaus@siemens.com, spasm@ietf.org
Message-ID: <20210316161932.6e2d2075@totoro.tlrmx.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/spasm/AH2JZ0ClE7KkZ2MWK8KEBd32NUk>

Hi

I am not a LAMPS working group member, but I watched a video of the
presentation of this ID at IETF 110 on YouTube.

I noted with concern that the presenter suggests TLS 1.3's PSK modes
are suitable for use with a password.

This is _explicitly_ not the case. To quote RFC 8446:

"Deriving a shared secret from a password or other low-entropy
sources is not secure.  A low-entropy secret, or password, is subject
to dictionary attacks based on the PSK binder.  The specified PSK
authentication is not a strong password-based authenticated key
exchange even when used with Diffie-Hellman key establishment."

If CMP or LAMPS generally needs a way to use passwords to authenticate
TLS, it's worth reaching out to the TLS WG to ask them what you should
do here; or, contrariwise, if this profile for CMP is to use PSKs, it
should likewise make explicit that you must not use passwords and
similar human-memorable low-entropy secrets.

Nick.
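The RFC 8446 text quoted above becomes concrete once you see what a PSK binder is: a MAC whose key is derived purely from the PSK via the early-secret key schedule (Section 7.1), computed over the public ClientHello prefix (Section 4.2.11.2). No (EC)DHE share contributes to it, which is why a guessable PSK gives the verifier nothing to hide behind. The example below is added here for illustration and is not part of Nick's message nor of the lightweight CMP profile. It implements the server-side binder derivation and check from RFC 8446 with SHA-256, together with a provisioning-time check that only accepts external PSKs of CSPRNG quality. The `truncated_client_hello` bytes and the `psk_is_acceptable` heuristic (length floor plus "looks like typed text" rejection) are my own assumptions, not normative rules.

```python
import hashlib
import hmac
import secrets

# RFC 8446 key schedule for the PSK binder, instantiated with SHA-256.
HASH = hashlib.sha256
HLEN = HASH().digest_size  # 32 bytes


def hkdf_extract(salt: bytes, ikm: bytes) -> bytes:
    """HKDF-Extract (RFC 5869): PRK = HMAC-Hash(salt, IKM)."""
    return hmac.new(salt, ikm, HASH).digest()


def hkdf_expand(prk: bytes, info: bytes, length: int) -> bytes:
    """HKDF-Expand (RFC 5869): T(i) = HMAC-Hash(PRK, T(i-1) | info | i)."""
    out, block, counter = b"", b"", 1
    while len(out) < length:
        block = hmac.new(prk, block + info + bytes([counter]), HASH).digest()
        out += block
        counter += 1
    return out[:length]


def hkdf_expand_label(secret: bytes, label: bytes, context: bytes, length: int) -> bytes:
    """HKDF-Expand-Label (RFC 8446 section 7.1), info = serialized HkdfLabel."""
    full_label = b"tls13 " + label
    hkdf_label = (
        length.to_bytes(2, "big")
        + bytes([len(full_label)]) + full_label
        + bytes([len(context)]) + context
    )
    return hkdf_expand(secret, hkdf_label, length)


def derive_secret(secret: bytes, label: bytes, messages: bytes) -> bytes:
    """Derive-Secret(Secret, Label, Messages) with Transcript-Hash = Hash(Messages)."""
    return hkdf_expand_label(secret, label, HASH(messages).digest(), HLEN)


def compute_psk_binder(psk: bytes, truncated_client_hello: bytes, external: bool = True) -> bytes:
    """Binder value per RFC 8446 section 4.2.11.2.

    Note that every input except the PSK is public: the early secret is
    HKDF-Extract(0, PSK), and the MAC covers only the ClientHello prefix.
    """
    early_secret = hkdf_extract(b"\x00" * HLEN, psk)
    binder_key = derive_secret(early_secret, b"ext binder" if external else b"res binder", b"")
    finished_key = hkdf_expand_label(binder_key, b"finished", b"", HLEN)
    transcript_hash = HASH(truncated_client_hello).digest()
    return hmac.new(finished_key, transcript_hash, HASH).digest()


def verify_psk_binder(psk: bytes, truncated_client_hello: bytes, binder: bytes) -> bool:
    """Server-side check: recompute the binder and compare in constant time."""
    expected = compute_psk_binder(psk, truncated_client_hello)
    return hmac.compare_digest(expected, binder)


# --- Provisioning side: the mitigation the RFC text implies ---------------

MIN_PSK_BYTES = 32  # assumption: require at least 256 bits of CSPRNG output


def generate_external_psk() -> bytes:
    """The only acceptable source for an external PSK: a CSPRNG, never a password."""
    return secrets.token_bytes(MIN_PSK_BYTES)


def psk_is_acceptable(psk: bytes) -> bool:
    """Heuristic gate (assumption, not from RFC 8446): reject short keys and
    keys made entirely of printable ASCII, which is what a typed password or
    passphrase looks like. A random 32-byte key is all-printable with
    negligible probability."""
    if len(psk) < MIN_PSK_BYTES:
        return False
    if all(0x20 <= b < 0x7F for b in psk):
        return False
    return True


if __name__ == "__main__":
    # Constructed stand-in for the ClientHello up to (not including) the binders list.
    hello_prefix = b"\x01\x00\x00\x80" + b"\x03\x03" + bytes(range(32)) + b"constructed-client-hello-prefix"
    psk = generate_external_psk()
    binder = compute_psk_binder(psk, hello_prefix)
    print("binder ok:", verify_psk_binder(psk, hello_prefix, binder))
    print("password accepted as PSK:", psk_is_acceptable(b"hunter2"))
```

The point the derivation makes visible: a server verifying a binder needs nothing but the candidate PSK and bytes that were sent in the clear, so the only defence for the PSK itself is its entropy. That is why the provisioning gate refuses anything shorter than 32 bytes or shaped like typed text, and why a real PAKE (as Nick suggests asking the TLS WG about) would be needed before any password could safely sit in this position.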