Re: [TLS] [tls13-spec] relax certificate_list ordering requirements to match current practice (#169)

mrex@sap.com (Martin Rex) Tue, 12 May 2015 20:51 UTC

Return-Path: <mrex@sap.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0DB6D1AD1A6 for <tls@ietfa.amsl.com>; Tue, 12 May 2015 13:51:40 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -5.951
X-Spam-Level:
X-Spam-Status: No, score=-5.951 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HELO_EQ_DE=0.35, J_CHICKENPOX_32=0.6, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 2g9UKZwOP8qk for <tls@ietfa.amsl.com>; Tue, 12 May 2015 13:51:33 -0700 (PDT)
Received: from smtpde02.smtp.sap-ag.de (smtpde02.smtp.sap-ag.de [155.56.68.140]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id AE6A41AD0C6 for <tls@ietf.org>; Tue, 12 May 2015 13:51:32 -0700 (PDT)
Received: from mail05.wdf.sap.corp (mail05.sap.corp [194.39.131.55]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtpde02.smtp.sap-ag.de (Postfix) with ESMTPS id F364744704; Tue, 12 May 2015 22:51:30 +0200 (CEST)
X-purgate-ID: 152705::1431463891-0000413A-F0D8DC97/0/0
X-purgate-size: 1502
X-purgate: clean
X-purgate: This mail is considered clean (visit http://www.eleven.de for further information)
X-purgate-Ad: Categorized by eleven eXpurgate (R) http://www.eleven.de
X-purgate-type: clean
X-SAP-SPAM-Status: clean
Received: from ld9781.wdf.sap.corp (ld9781.wdf.sap.corp [10.21.82.193]) by mail05.wdf.sap.corp (Postfix) with ESMTP id DB8BB412A8; Tue, 12 May 2015 22:51:30 +0200 (CEST)
Received: by ld9781.wdf.sap.corp (Postfix, from userid 10159) id CBCF61B2EB; Tue, 12 May 2015 22:51:30 +0200 (CEST)
In-Reply-To: <939995E0-4ED0-479A-8B3A-628FE2C8C31B@gmail.com>
To: Yoav Nir <ynir.ietf@gmail.com>
Date: Tue, 12 May 2015 22:51:30 +0200 (CEST)
X-Mailer: ELM [version 2.4ME+ PL125 (25)]
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Type: text/plain; charset="US-ASCII"
Message-Id: <20150512205130.CBCF61B2EB@ld9781.wdf.sap.corp>
From: mrex@sap.com (Martin Rex)
Archived-At: <http://mailarchive.ietf.org/arch/msg/tls/1WG0YkhfTPUTj1EwTQIDQtHvOyU>
Cc: "TLS@ietf.org \(tls@ietf.org\)" <tls@ietf.org>
Subject: Re: [TLS] [tls13-spec] relax certificate_list ordering requirements to match current practice (#169)
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: mrex@sap.com
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 12 May 2015 20:51:40 -0000

Yoav Nir wrote:
[ Charset UTF-8 unsupported, converting... ]
> 
>> 
>> But a machine/automata/algorithm that will automatically download objects
>> from URLs from still-untrusted data provided by the peer is definitely
>> insecure and irresponsible.
> 
> In that sense, how is AIA different from revocation checking?
> Whether you use CRLs or OCSP, you?re following a URL in the
> (still untrusted or at least possibly revoked) certificate
> to retrieve an object.

Possibly revoked?  yes.

Untrusted? *NO*.  Look at the algorithm in rfc5280 again.


https://tools.ietf.org/html/rfc5280#section-6.1.3

   6.1.3. Basic Certificate Processing


   The basic path processing actions to be performed for certificate i
   (for all i in [1..n]) are listed below.

      (a)  Verify the basic certificate information.  The certificate
           MUST satisfy each of the following:

         (1)  The signature on the certificate can be verified using
              working_public_key_algorithm, the working_public_key, and
              the working_public_key_parameters.

         (2)  The certificate validity period includes the current time.

         (3)  At the current time, the certificate is not revoked.  This
              may be determined by obtaining the appropriate CRL
              (Section 6.3), by status information, or by out-of-band
              mechanisms.

         (4)  The certificate issuer name is the working_issuer_name.



-Martin