Re: [TLS] Enforcing stronger server side signature/hash combinations in TLS 1.2

Martin Thomson <martin.thomson@gmail.com> Fri, 24 March 2017 05:08 UTC

In-Reply-To: <52C6D0EF-D6AC-484A-9096-BDAE5C870F82@dukhovni.org>
References: <E6C9F0E527F94F4692731382340B337846DD1B@DENBGAT9EH2MSX.ww902.siemens.net> <1490317199552.71745@cs.auckland.ac.nz> <52C6D0EF-D6AC-484A-9096-BDAE5C870F82@dukhovni.org>
From: Martin Thomson <martin.thomson@gmail.com>
Date: Fri, 24 Mar 2017 16:08:45 +1100
Message-ID: <CABkgnnVS-0vh_fPVQVnq6YxxrYNQ1=+90Ct8CmUocJf7R6k4bA@mail.gmail.com>
To: TLS WG <tls@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/3NKGh6a6BiWdGHMT8MEGXN-OxbQ>

On 24 March 2017 at 12:29, Viktor Dukhovni <ietf-dane@dukhovni.org> wrote:
> I've never seen
> a TLS server that has multiple chains to choose from for the same
> server identity.

I didn't have to look far.  www.cloudflare.com will switch hit and
pick RSA or ECDSA on demand:

$ ./tstclnt -h www.cloudflare.com -p 443 -D -b -C
==== certificate(s) sent by server: ====
Certificate:
    Data:
        Serial Number:03:61:3e:ff:c0:fb:82:d6:a4:d8:45:8e:8f:18:04:3a
        Signature Algorithm: X9.62 ECDSA signature with SHA256
        Issuer: "CN=DigiCert ECC Extended Validation Server
CA,OU=www.digicert.com,O=DigiCert Inc,C=US"
        Validity:
            Not Before: Fri Oct 28 00:00:00 2016
            Not After : Fri Nov 02 12:00:00 2018
        Subject: "CN=cloudflare.com,O="Cloudflare, Inc.",L=San
Francisco,ST=CA,C=US,postalCode=94107,STREET=101
Townsend,serialNumber=4710875,incorporationState=Delaware,incorporationCountry=US,businessCategory=Private
Organization"
    Fingerprint (SHA-256):
12:C4:A5:74:7E:D5:6E:37:2C:87:89:02:25:E4:CD:51:89:6D:8E:AD:7D:55:CF:76:BF:D1:9B:6B:74:6C:70:D0

$ ./tstclnt -h www.cloudflare.com -p 443 -D -b -C -c :009c
==== certificate(s) sent by server: ====
Certificate:
    Data:
        Serial Number:01:bf:d1:dc:15:00:6e:0a:bb:a7:c6:70:ff:5e:11:01
        Signature Algorithm: PKCS #1 SHA-256 With RSA Encryption
        Issuer: "CN=DigiCert SHA2 Extended Validation Server
CA,OU=www.digicert.com,O=DigiCert Inc,C=US"
        Validity:
            Not Before: Fri Oct 28 00:00:00 2016
            Not After : Fri Nov 02 12:00:00 2018
        Subject: "CN=cloudflare.com,O="Cloudflare, Inc.",L=San
Francisco,ST=CA,C=US,postalCode=94107,STREET=101
Townsend,serialNumber=4710875,incorporationState=Delaware,incorporationCountry=US,businessCategory=Private
Organization"
    Fingerprint (SHA-256):
30:BA:61:01:2F:FE:7C:EA:AF:9A:14:8A:0C:B0:C5:C8:52:A9:C0:4F:4B:1C:27:DB:6E:FA:99:19:C7:F4:9C:CF

I just had to ask nicely.  I'm pretty sure that there are more out
there on the web; I'm sure that mail is a whole different proposition.
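The two tstclnt runs above show a server holding both an RSA and an ECDSA chain and picking one from what the client offers. The following is an added example, not code from the thread or from NSS: a small model of that TLS 1.2 server-side choice, driven by the ClientHello cipher suites and signature_algorithms. The ECDSA-first preference and the chain names are assumptions made for the example.

```python
from dataclasses import dataclass

# Cipher suite code points (IANA TLS registry); 0x009C is the suite that
# "-c :009c" restricted tstclnt to in the second run above.
TLS_RSA_WITH_AES_128_GCM_SHA256 = 0x009C          # static RSA key exchange
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 = 0xC02F    # ECDHE, RSA-signed ServerKeyExchange
TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 = 0xC02B  # ECDHE, ECDSA-signed ServerKeyExchange

# Key type each suite authenticates with, and whether the server must sign
# (static RSA encrypts the premaster secret to the cert instead of signing).
SUITE_AUTH = {
    TLS_RSA_WITH_AES_128_GCM_SHA256: ("rsa", False),
    TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256: ("rsa", True),
    TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256: ("ecdsa", True),
}
# SignatureAlgorithm / HashAlgorithm code points from RFC 5246 7.4.1.4.1.
SIG_CODE = {"rsa": 1, "ecdsa": 3}
SHA1, SHA256 = 2, 4

@dataclass(frozen=True)
class Chain:
    name: str
    key_type: str   # "rsa" or "ecdsa": what the leaf key can do

def select_chain(client_suites, client_sig_algs, chains):
    """Model of the server's chain choice (assumed preference: ECDSA first).

    A chain is usable when the client offered a suite authenticated by its
    key type and, if that suite needs a ServerKeyExchange signature, the
    client's signature_algorithms list names that key type. A missing
    extension is treated as (sha1, <key type>) as RFC 5246 prescribes.
    """
    sig_algs = list(client_sig_algs) or [(SHA1, c) for c in SIG_CODE.values()]
    client_sig_types = {sig for _, sig in sig_algs}
    for chain in sorted(chains, key=lambda c: c.key_type != "ecdsa"):
        for suite in client_suites:
            key_type, needs_sig = SUITE_AUTH.get(suite, (None, False))
            if key_type != chain.key_type:
                continue
            if needs_sig and SIG_CODE[key_type] not in client_sig_types:
                continue
            return chain
    return None   # no chain satisfies the offer: server would alert

# Constructed fixtures mirroring the runs above: two chains, two offers.
CHAINS = [Chain("RSA leaf (SHA2 EV CA)", "rsa"), Chain("ECDSA leaf (ECC EV CA)", "ecdsa")]
DEFAULT_OFFER = [0xC02B, 0xC02F, 0x009C]          # broad default offer
SIG_ALGS = [(SHA256, SIG_CODE["ecdsa"]), (SHA256, SIG_CODE["rsa"])]

if __name__ == "__main__":
    print(select_chain(DEFAULT_OFFER, SIG_ALGS, CHAINS).name)   # ECDSA chain
    print(select_chain([0x009C], SIG_ALGS, CHAINS).name)        # RSA chain, as with -c :009c
```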