IETF Logo Mail Archive

Re: [TLS] TLS Cached Information Extension - version 11

Rob Stradling <rob.stradling@comodo.com> Mon, 06 February 2012 12:21 UTC

Return-Path: <rob.stradling@comodo.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5BC5A21F8600 for <tls@ietfa.amsl.com>; Mon, 6 Feb 2012 04:21:10 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.367
X-Spam-Level:
X-Spam-Status: No, score=-2.367 tagged_above=-999 required=5 tests=[AWL=0.232, BAYES_00=-2.599]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id y3qjvuVVFG+v for <tls@ietfa.amsl.com>; Mon, 6 Feb 2012 04:21:06 -0800 (PST)
Received: from mmmail1.mcr.colo.comodoca.net (mdfw.comodoca.net [91.209.196.68]) by ietfa.amsl.com (Postfix) with ESMTP id BA50521F85FF for <tls@ietf.org>; Mon, 6 Feb 2012 04:21:04 -0800 (PST)
Received: (qmail 8572 invoked from network); 6 Feb 2012 12:20:59 -0000
Received: from ian.bd.office.comodo.net (HELO ian.brad.office.comodo.net) (192.168.0.201) by mail.colo.comodoca.net with ESMTPS (DHE-RSA-AES256-SHA encrypted); 6 Feb 2012 12:20:59 -0000
Received: (qmail 18143 invoked by uid 1000); 6 Feb 2012 12:20:59 -0000
Received: from nigel.brad.office.comodo.net (HELO [192.168.0.58]) (192.168.0.58) (smtp-auth username rob, mechanism plain) by ian.brad.office.comodo.net (qpsmtpd/0.40) with (CAMELLIA256-SHA encrypted) ESMTPSA; Mon, 06 Feb 2012 12:20:59 +0000
Message-ID: <4F2FC5AA.5070600@comodo.com>
Date: Mon, 06 Feb 2012 12:20:58 +0000
From: Rob Stradling <rob.stradling@comodo.com>
User-Agent: Mozilla/5.0 (X11; Linux i686; rv:9.0) Gecko/20111222 Thunderbird/9.0.1
MIME-Version: 1.0
To: Hannes Tschofenig <hannes.tschofenig@gmx.net>
References: <4EF84292.50201@gmx.net>
In-Reply-To: <4EF84292.50201@gmx.net>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
Cc: tls@ietf.org
Subject: Re: [TLS] TLS Cached Information Extension - version 11
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 06 Feb 2012 12:21:10 -0000

Hi Hannes.  A couple of thoughts...


1. Have you considered the NI (Named Information) scheme [1] that the 
DECADE WG have been working on?  It "defines a URI-based name form that 
identifies a named object via hash-based binding".  Would it make sense 
to adapt your definition of CachedObject so that it makes use of NI?
(This would obviate the need for yet another hash algorithm registry).


2. Currently, cached-info only allows a TLS Client to indicate to the 
TLS Server a list of static Objects that it _doesn't_ want to receive 
(because it already has them).
i.e. "Don't send me any Objects of Type X, Y or Z that match Digests A, 
B or C".

How about extending this so that the TLS Client can indicate types of 
Object that it _does_ want to receive?
i.e. "Do send me any Objects of Type X, Y and Z that you have, excluding 
any that match Digests A, B or C".

This added functionality could meet the needs of several other TLS 
extensions that are being proposed, for example...
   - Multiple OCSP Responses [2].
   - Audit proofs for Google's Certificate Transparency proposal [3].
   - TACK rules for Convergence [4].

Or, is it your explicit intention to restrict cached-info so that it 
only supports the "standard" TLS handshake objects (e.g. Certificate, 
Trusted CAs list).
(I can see that such a restriction could help to ensure that client-side 
code can be implemented entirely within the network layer rather than 
bleeding into the application layer).


[1] http://tools.ietf.org/html/draft-farrell-decade-ni

[2] http://tools.ietf.org/html/draft-pettersen-tls-ext-multiple-ocsp

[3] 
http://www.links.org/file/CertificateAuthorityTransparencyandAuditability.pdf

[4] https://github.com/moxie0/Convergence/wiki/TACK

On 26/12/11 09:46, Hannes Tschofenig wrote:
> Hi all,
>
> Nikos provided review comments (see
> http://www.ietf.org/mail-archive/web/tls/current/msg08338.html) and I
> have incorporated them in version 11 of the draft:
> http://www.ietf.org/internet-drafts/draft-ietf-tls-cached-info-11.txt
>
> As you can see, there are a number of smaller changes here and there. I
> hope that readability has improved.
>
> There is an open issue: algorithm negotiation
>
> Currently, the draft defines a registry for hash algorithms that are
> used to produce the hashes of cached information. The client can tell
> the server that it has already cached, for example, the certificate
> chain. The server then has to only send the fingerprint of it (rather
> than the complete certificate chain). The other information (besides
> certificate chains) that can be "fingerprinted" is the list of trusted
> CAs. Does this cover all use cases?
>
> A few algorithms are defined, namely SHA-1, SHA-224, SHA-256, SHA-384,
> SHA-512. Is this a good list to start with?
>
> The draft does not define a way for the client to tell the server that
> it only supports a certain hash algorithm. Should we allow the client to
> indicate what algorithm it supports?
>
> Ciao
> Hannes
> _______________________________________________
> TLS mailing list
> TLS@ietf.org
> https://www.ietf.org/mailman/listinfo/tls
>

-- 
Rob Stradling
Senior Research & Development Scientist
COMODO - Creating Trust Online

v2.23.0 | Report a Bug | By Email