Re: [TLS] Revocation and authentication of raw public key (was: AD review of draft-ietf-tls-oob-pubkey)
Paul Wouters <paul@nohats.ca> Tue, 23 April 2013 13:28 UTC
Return-Path: <paul@nohats.ca>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9836721F96BA for <tls@ietfa.amsl.com>; Tue, 23 Apr 2013 06:28:05 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.339
X-Spam-Level:
X-Spam-Status: No, score=-2.339 tagged_above=-999 required=5 tests=[AWL=0.260, BAYES_00=-2.599]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ussqbsEC0H4t for <tls@ietfa.amsl.com>; Tue, 23 Apr 2013 06:28:05 -0700 (PDT)
Received: from mx.nohats.ca (mx.nohats.ca [193.110.157.68]) by ietfa.amsl.com (Postfix) with ESMTP id 02C7A21F84A1 for <tls@ietf.org>; Tue, 23 Apr 2013 06:28:04 -0700 (PDT)
Received: from localhost (localhost [IPv6:::1]) by mx.nohats.ca (Postfix) with ESMTP id 3Zw57g2tN0z9ZN; Tue, 23 Apr 2013 09:27:59 -0400 (EDT)
X-Virus-Scanned: amavisd-new at mx.nohats.ca
Received: from mx.nohats.ca ([IPv6:::1]) by localhost (mx.nohats.ca [IPv6:::1]) (amavisd-new, port 10024) with ESMTP id XV-FAQTXdJYV; Tue, 23 Apr 2013 09:27:58 -0400 (EDT)
Received: from bofh.nohats.ca (bofh.nohats.ca [76.10.157.69]) by mx.nohats.ca (Postfix) with ESMTP; Tue, 23 Apr 2013 09:27:58 -0400 (EDT)
Received: by bofh.nohats.ca (Postfix, from userid 500) id 7C61680EC7; Tue, 23 Apr 2013 09:27:59 -0400 (EDT)
Received: from localhost (localhost [127.0.0.1]) by bofh.nohats.ca (Postfix) with ESMTP id 6F29D80E19; Tue, 23 Apr 2013 09:27:59 -0400 (EDT)
Date: Tue, 23 Apr 2013 09:27:59 -0400
From: Paul Wouters <paul@nohats.ca>
To: Bert Greevenbosch <Bert.Greevenbosch@huawei.com>
In-Reply-To: <46A1DF3F04371240B504290A071B4DB63D716CC2@szxeml558-mbx.china.huawei.com>
Message-ID: <alpine.LFD.2.10.1304230916340.509@bofh.nohats.ca>
References: <516D5ADE.3050506@ieca.com> <46A1DF3F04371240B504290A071B4DB63D715C65@szxeml558-mbx.china.huawei.com> <2A0EFB9C05D0164E98F19BB0AF3708C7B311446B@USMBX1.msg.corp.akamai.com> <46A1DF3F04371240B504290A071B4DB63D716CC2@szxeml558-mbx.china.huawei.com>
User-Agent: Alpine 2.10 (LFD 1266 2009-07-14)
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset="US-ASCII"; format="flowed"
Cc: "tls@ietf.org" <tls@ietf.org>
Subject: Re: [TLS] Revocation and authentication of raw public key (was: AD review of draft-ietf-tls-oob-pubkey)
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 23 Apr 2013 13:28:05 -0000
On Tue, 23 Apr 2013, Bert Greevenbosch wrote: > I think name-to-key association is half of the problem, whereas revocation is the second half. SSH seems to focus on the first half, whereas OCSP-lite focuses mainly on the second half. Revocation is only required in the indirect path. That is, supplier A signs something for consumer B, and enduser C needs to verify B. Now A needs a method to tell C about revocation of B. When you use raw public keys, the authentication happens out of band. If there are no three players, with two of them talking only indirectly, no OCSP-like mechanism is required. For instance, using DNS(SEC) with raw keys there is only B and C. When B loses trust in their key, they simple remove it from DNS(SEC) to communicate this to A. The same applies to SSHFP records in DNS(SEC) or ActiveDirectory. OCSP was only needed before because there were three parties. While it is still possible an out of band method to validate TLS keys to require three parties, any revocation list mechanism should be part of the out of band method specification. I am not sure what out of band method this OCSP-lite case covers. If there is a specification of that out of band method, then that specification should perhaps include this OCSP-lite specification as part of it. I don't see a value of specifying a generic revocation method. I see danger in such a specification if it _introduces_ a third player where there should not be one for a specific out of band authentication method. Using TLS raw keys from DNSSEC, The RRSIG/TTL and DNS trust anchors can tune the behaviour of when TLS raw keys are valid or not. No OCSP variant is neccessary. The same is true for content based on ActiveDirectory/LDAP or Radius/Diameter where there is already a central control mechanism for relaying this information. Paul
- [TLS] AD review of draft-ietf-tls-oob-pubkey Sean Turner
- Re: [TLS] AD review of draft-ietf-tls-oob-pubkey Bert Greevenbosch
- Re: [TLS] AD review of draft-ietf-tls-oob-pubkey Salz, Rich
- [TLS] Revocation and authentication of raw public… Bert Greevenbosch
- Re: [TLS] Revocation and authentication of raw pu… Paul Wouters
- Re: [TLS] Revocation and authentication of raw pu… Salz, Rich
- Re: [TLS] Revocation and authentication of raw pu… Bert Greevenbosch
- Re: [TLS] Revocation and authentication of raw pu… Trevor Perrin
- Re: [TLS] AD review of draft-ietf-tls-oob-pubkey Joseph Salowey (jsalowey)
- Re: [TLS] AD review of draft-ietf-tls-oob-pubkey Daniel Kahn Gillmor
- Re: [TLS] AD review of draft-ietf-tls-oob-pubkey Joseph Salowey (jsalowey)
- Re: [TLS] AD review of draft-ietf-tls-oob-pubkey Bert Greevenbosch
- Re: [TLS] AD review of draft-ietf-tls-oob-pubkey Sean Turner
- Re: [TLS] AD review of draft-ietf-tls-oob-pubkey Sean Turner
- Re: [TLS] AD review of draft-ietf-tls-oob-pubkey Sean Turner