IETF Logo Mail Archive

Re: [TLS] New version of the TLS feature draft

Phillip Hallam-Baker <phill@hallambaker.com> Thu, 18 September 2014 11:57 UTC

Return-Path: <hallam@gmail.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 395611A019C; Thu, 18 Sep 2014 04:57:43 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.278
X-Spam-Level:
X-Spam-Status: No, score=-1.278 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, FM_FORGED_GMAIL=0.622, FREEMAIL_FROM=0.001, SPF_PASS=-0.001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 5cPd25dxKy-T; Thu, 18 Sep 2014 04:57:42 -0700 (PDT)
Received: from mail-lb0-x234.google.com (mail-lb0-x234.google.com [IPv6:2a00:1450:4010:c04::234]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A4ACB1A0162; Thu, 18 Sep 2014 04:57:41 -0700 (PDT)
Received: by mail-lb0-f180.google.com with SMTP id b12so980857lbj.11 for <multiple recipients>; Thu, 18 Sep 2014 04:57:39 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:date:message-id:subject :from:to:cc:content-type; bh=am9UFLxq8n7Y7GjP5aIDlJZ0hgF7pWu1TNIxV4czFVk=; b=Wn81gZABmoPziiMitPcWcDLS29hr53hhJ9O55ey/UIqjrYXS/CR71UssRnamy/zksm PKR3QFSxmpVLr1zIJikLU5NH2Nj5wSKJVwvorqG02QpnomvpGqnSDgxfC+lJL6X7iMn6 7jBeNnI/zMIazfWgQDn77HdTs5kRku4ObNNOJyt33dyIGdza6jboOW5/z8b1/3FTZvvF EJS2HckZzyaEsfYp7Vd+ZxVUG3lbqa11F+/bFukmsUXiv56noMFWwhQq/33d88ZIlIta vcQs7fFp2UvAzIbD+qxb3z3ToAWDlelq/ctxJDIKJuDl5CarWHvbBoe+A/cqFm/8rcoq hvWw==
MIME-Version: 1.0
X-Received: by 10.112.13.232 with SMTP id k8mr3614021lbc.81.1411041459821; Thu, 18 Sep 2014 04:57:39 -0700 (PDT)
Sender: hallam@gmail.com
Received: by 10.112.122.51 with HTTP; Thu, 18 Sep 2014 04:57:39 -0700 (PDT)
In-Reply-To: <1411032333.18523.18.camel@dhcp-2-127.brq.redhat.com>
References: <CAMm+Lwis74P+H1tiG+beRwqfejkRUrjwt82OLpPokJ0jRx_S8w@mail.gmail.com> <1409931283.1731.16.camel@dhcp-2-127.brq.redhat.com> <CA+cU71kRu2bWAtBvBCKNL29pvq=Hnj2Mx70yecS8NBTy_Aj=2A@mail.gmail.com> <1411032333.18523.18.camel@dhcp-2-127.brq.redhat.com>
Date: Thu, 18 Sep 2014 07:57:39 -0400
X-Google-Sender-Auth: s1TvmsesBfIKOgTiYAtJhLWlivw
Message-ID: <CAMm+Lwj+n9HVCBToUYeS+FLctq+pTG99i+EeAmtThPq0AyJtvg@mail.gmail.com>
From: Phillip Hallam-Baker <phill@hallambaker.com>
To: Nikos Mavrogiannopoulos <nmav@redhat.com>
Content-Type: text/plain; charset="UTF-8"
Archived-At: http://mailarchive.ietf.org/arch/msg/tls/-4VSKbYwYsyNQhXPTC4t_Qh5Fh4
X-Mailman-Approved-At: Sun, 21 Sep 2014 19:40:33 -0700
Cc: "pkix@ietf.org" <pkix@ietf.org>, "tls@ietf.org" <tls@ietf.org>
Subject: Re: [TLS] New version of the TLS feature draft
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 18 Sep 2014 11:57:43 -0000

On Thu, Sep 18, 2014 at 5:25 AM, Nikos Mavrogiannopoulos
<nmav@redhat.com> wrote:
> On Sat, 2014-09-13 at 20:20 -0500, Tom Ritter wrote:
>> On 5 September 2014 10:34, Nikos Mavrogiannopoulos <nmav@redhat.com> wrote:
>> > I don't see how it does close the door. What should the client do if the
>> > server administrator sets up an old version of a valid ocsp staple?
>>
>> Section 3.1.1 specifies "a server MUST return a valid OCSP token".   I
>> would consider an expired ocsp staple to not actually be valid.  I
>> would refer to it as expired, with the implication that the signature
>> is correct, because if it wasn't a person probably would have said
>> that in addition to describing it as expired.
>
> That's pretty sketchy. OCSP responses have a recommended validity
> interval, this is not the same as X.509 certificate expiration. I'm not
> sure what popular browsers do with responses received by the server that
> are outside the validity period, but I would be very surprised if they
> dropped the connection. If in this document it is assumed that responses
> not within the recommended interval should cause a TLS connection
> failure, it should be explicit.

Given that we currently have a situation where the vast majority of
Web browsers are not PKIX compliant and ignore revocation information
completely and Web browsers are only one PKIX application, I don't
think it is appropriate to use a MUST here to direct how invalid
status is handled.

Dropping the connection is only one response that might be appropriate.

For example, if a certificate is presented during an SMPT STARTTLS
upgrade. Do we want to abort the connection if the certificate is
expired or revoked? Well maybe we do but what if we would have
delivered the message without TLS at all.

In the Web browser case we might also be in an opportunistic
encryption situation. We might drop out the security indicator for a
revoked cert in that case.

We can certainly tell the server that if the feature extension is
present the server MUST be in compliance. Because failure to comply is
almost certain to result in a compatibility issue. That compatibility
issue may be less than rejection of the connection but client is in
its rights to do that.

I don't think we can specify compliance requirements on the client. We
can provide the client with information and tell the client how to
interpret is but we can't mandate anything more.

v2.23.0 | Report a Bug | By Email