Re: [TLS] [Editorial Errata Reported] RFC8446 (6204)

Eric Rescorla <ekr@rtfm.com> Thu, 04 June 2020 16:37 UTC

Return-Path: <ekr@rtfm.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 203D83A0DAD for <tls@ietfa.amsl.com>; Thu, 4 Jun 2020 09:37:58 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.896
X-Spam-Level:
X-Spam-Status: No, score=-1.896 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=rtfm-com.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id tL6ylyGNnz7J for <tls@ietfa.amsl.com>; Thu, 4 Jun 2020 09:37:56 -0700 (PDT)
Received: from mail-lj1-x22d.google.com (mail-lj1-x22d.google.com [IPv6:2a00:1450:4864:20::22d]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 88D4F3A0D12 for <tls@ietf.org>; Thu, 4 Jun 2020 09:37:55 -0700 (PDT)
Received: by mail-lj1-x22d.google.com with SMTP id c17so8090124lji.11 for <tls@ietf.org>; Thu, 04 Jun 2020 09:37:55 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=rtfm-com.20150623.gappssmtp.com; s=20150623; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=J0/WQu8/0quVezHK6P9GmIRCDFKFkSLn/dSydy53rfo=; b=b2Hg9WGR/Fu/njig6Db1wNByk1W6frzMU4qxdrTwotaFZu8vNBkA5DS5DxiZPnGvIb UfmJlL8XNDZKzaMH91npH9FJgeiMl4k3iusk7qZFp3GfHdnVnFZR+qTI/XpF6Np5hQa4 nuSpR2ogIpa81qljik4kERXaQjJmkFXbLrllg1I+DRKMExiXB6Emc2OFmpEH6gpC3UyU OQxOoFQcYwzkMe4q62Xroh5RlpNDLYehff10thSgXJwJBwKMGCBUbTMM9eQGQmLysHia iT2RD1PHLh9w7iQ6GQU31l9RuQkIsUPbf5TGKTS+arWj/x7UO1K/hG75K+U0z6OYiNE2 2uUg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=J0/WQu8/0quVezHK6P9GmIRCDFKFkSLn/dSydy53rfo=; b=ptxj+tN0tlDBDuaOqrWx2hMnAtIyiJqN0W4Hv11n6OUE5gSGUaWPQtFcfKVxEBFznF GJBGdkRGjguH8qcS9wXqipkbCL7JTCAxZ/r3KaKVqKeXWl9/s5TqTjUIpFnkyw4e7aL4 jYbBbObnu10CUVKae5yWYYDP6iFy1xVktzQwdA8cYnt559WOoIzlhAODxMb6uUf7gMaA phxgQ30jKZPbRun84EEXtKsw5QxdOp/GhdGQDIVartf+pJLCQFql6kWMYLxMwqHNhLVv aObRh5pL7OmxB8KLzlarw51Xd+cZgSCaeV56PprhRVSfUfagoGhpqt3ji087PQitcC9Y OcgQ==
X-Gm-Message-State: AOAM533fgHY4To1FLrR4gnFTojIEE1Wk2w9iAVm6RWGuN6qe9kI1MJ5y 1IA5TTYSzejD6V+IsyeBsTizK8eZZI403LpFGafnAg==
X-Google-Smtp-Source: ABdhPJz0eYU5Du7r/4GlghjjooqeLsxHc65UK7nBhEFOk8drExKJETBr8OFOgZxmtbup8jXFRHwx/ORXfY0acGHQFmM=
X-Received: by 2002:a2e:3609:: with SMTP id d9mr2429215lja.409.1591288673575; Thu, 04 Jun 2020 09:37:53 -0700 (PDT)
MIME-Version: 1.0
References: <20200604000011.387A5F4070F@rfc-editor.org> <73b5d3e2-d2f4-447c-84d6-0ae0a08374a9@www.fastmail.com> <CABcZeBMswqW4rWGmTxwK_zUy0-anRt6PFPo_YK1zNhWQw7wtSg@mail.gmail.com> <F3357894-3045-44A9-B30E-8AD2DEB37DE6@vigilsec.com> <CABcZeBOmRAFV9M1W6bmD8OCFcDpQmC+5M=4reRzMhjnpPHC4dg@mail.gmail.com> <070E5A6D-7D2F-405A-B5D8-8C90379306D9@vigilsec.com>
In-Reply-To: <070E5A6D-7D2F-405A-B5D8-8C90379306D9@vigilsec.com>
From: Eric Rescorla <ekr@rtfm.com>
Date: Thu, 4 Jun 2020 09:37:17 -0700
Message-ID: <CABcZeBP8hmBdNdxpiVJ_rnub4TnOCOVLm+D7yGBotSQDoU9g3Q@mail.gmail.com>
To: Russ Housley <housley@vigilsec.com>
Cc: Martin Thomson <mt@lowentropy.net>, IETF TLS <tls@ietf.org>
Content-Type: multipart/alternative; boundary="0000000000001fd61105a744c4f6"
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/2_F5kK95pMnFleb0mgE5t6mtbIo>
Subject: Re: [TLS] [Editorial Errata Reported] RFC8446 (6204)
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 04 Jun 2020 16:38:04 -0000

On Thu, Jun 4, 2020 at 9:24 AM Russ Housley <housley@vigilsec.com> wrote:

> Eric:
>
> On Wed, Jun 3, 2020 at 6:07 PM Martin Thomson <mt@lowentropy.net> wrote:
>>
>>> I think that this is a useful erratum and it should be approved/HFDU.
>>> The extension to which this text alludes is RFC 8773, not
>>> post_handshake_auth.
>>>
>>
>> Yes, although 8773 actually is not super-clear about post-handshake, so
>> that's actually something we should clarify there.
>>
>>
>> RFC 8773 is not intended for post handshake.  So, I never thought about
>> that.  What is the use case you are considering?
>>
>
> I don't have one. I'm just trying to make sure things are clear. perhaps
> an erratum on 8773 to make ultra clear?
>
>
> I do not find it unclear.
>

I am looking at 5.2 which seems like it could be more precise.



> What do you have in mind?
>

Changing:
   TLS 1.3 does not permit the server to send a CertificateRequest
   message when a PSK is being used. This restriction is removed when
   the "tls_cert_with_extern_psk" extension is negotiated, allowing
   certificate-based authentication for both the client and the
   server. To: TLS 1.3 does not permit the server to send a
   CertificateRequest message when a PSK is being used. This restriction
   is removed when the "tls_cert_with_extern_psk" extension is
   negotiated, allowing certificate-based authentication for both the
   client and the server.

To:
   TLS 1.3 does not permit the server to send a CertificateRequest
   message when a PSK is being used. This restriction is removed when
   the "tls_cert_with_extern_psk" extension is negotiated, allowing
   certificate-based authentication for both the client and the
   server. To: TLS 1.3 does not permit the server to send a
   CertificateRequest message when a PSK is being used. This
   restriction is removed for the main handshake when the
   "tls_cert_with_extern_psk" extension is negotiated, allowing
   certificate-based authentication for both the client and the
   server. This extension has no impact on external PSK usage
   with post-handshake authentication, which is prohibited by
   TLS 1.3.

-Ekr

Russ
>
>