Re: [TLS] Why there should not be a TLS 2.0

Watson Ladd <watsonbladd@gmail.com> Sun, 08 June 2014 19:46 UTC

Return-Path: <watsonbladd@gmail.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D68D91A037B for <tls@ietfa.amsl.com>; Sun, 8 Jun 2014 12:46:56 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id k_O7Jzf06Al0 for <tls@ietfa.amsl.com>; Sun, 8 Jun 2014 12:46:55 -0700 (PDT)
Received: from mail-yh0-x235.google.com (mail-yh0-x235.google.com [IPv6:2607:f8b0:4002:c01::235]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id AF00D1A037F for <tls@ietf.org>; Sun, 8 Jun 2014 12:46:54 -0700 (PDT)
Received: by mail-yh0-f53.google.com with SMTP id b6so543443yha.40 for <tls@ietf.org>; Sun, 08 Jun 2014 12:46:54 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type; bh=Gq84zm/3Jr3oKhrhm0kxuibkxCWaD4JSIWnlmcpFv4A=; b=BJjlKUagq0rVDzS3zgMKzx6gPr/kpCujRSOUXXqlCyGVBD8gB++o1qqDh9CHTEacsg 5LzEz2zpIiMUUlxqXrX9QwStsEsW9OEBRO0/ZLzvkDxoaIm1TQJZVIZCoeGCoeJl7/YH bVHGZiHbcavYOlQtzZIHUrg9RJ5I/kfUw9F8Pf/r7+nnKZ2zJyH2N0qHHIKGGEu+gsjW FzznOHptcAJjZ2WSqcaY2Y8HShevMfB0K1fbWOP3MniPrfvayU4J7rLRr8Eof0rqQsyD vyHwVPu9RvOEG0YIoaYsKLFs7jUkCzA9mUh5Eg1Juuyd5U6t63BymyjxKciV10LJvLYO 3bFA==
MIME-Version: 1.0
X-Received: by 10.236.1.229 with SMTP id 65mr3126184yhd.107.1402256814023; Sun, 08 Jun 2014 12:46:54 -0700 (PDT)
Received: by 10.170.39.136 with HTTP; Sun, 8 Jun 2014 12:46:53 -0700 (PDT)
In-Reply-To: <20140608154901.GG27883@mournblade.imrryr.org>
References: <CAMm+Lwiw0TO6D5qnfKFb26kg9-+mzCDHJNd9fMi+BrFf4rQaHA@mail.gmail.com> <20140608122758.GA10562@roeckx.be> <20140608154901.GG27883@mournblade.imrryr.org>
Date: Sun, 8 Jun 2014 12:46:53 -0700
Message-ID: <CACsn0cnAiyAXMhTK8+5h+V9M2B2D5boPN0mQJyF_Af=JOcPyvA@mail.gmail.com>
From: Watson Ladd <watsonbladd@gmail.com>
To: "tls@ietf.org" <tls@ietf.org>
Content-Type: text/plain; charset=UTF-8
Archived-At: http://mailarchive.ietf.org/arch/msg/tls/3n2lAaSzpq-FlziczG_PGtQyGi4
Subject: Re: [TLS] Why there should not be a TLS 2.0
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 08 Jun 2014 19:46:57 -0000

On Sun, Jun 8, 2014 at 8:49 AM, Viktor Dukhovni
<viktor1dane@dukhovni.org> wrote:
> On Sun, Jun 08, 2014 at 02:27:58PM +0200, Kurt Roeckx wrote:
>
>> I would imagine that the client would like to do a "please give me
>> a tunnel to that hostname", and then get back some descriptor that
>> it can use to talk to it.  Please note that I say hostname,
>> because I think that you can have several names each which it's
>> own certificate on the same IP address.
>
> Yes, but stronger yet, one needs (ala GSSAPI + Kerberos, which for
> all its limitations gets some things right) to be able to ask for
> service@hostname, not just hostname.  The underlying Kerberos
> stack works with service/instance@REALM, which also makes sense.

See also Ethos, where the network protocol authenticates services and
users to each other. The kicker is services no longer need to
authenticate users.
>
> We could define new DANE record formats for scalable public-key
> cross realm authentication with Kerberos or a Kerberos-like system,
> and DNSSEC for a suitably secure hostname->realm mapping.

Or one could use a certificate format that supported this natively.
The fact that TLS is (mostly) tied to X509 is a real shame when it
comes to extending.

Yes, you could define extensions for certificate type and use them: at
some point SPKI may have been used this way. But as Viktor points out
GSSAPI dominates this space (unfortunately: anonymous users are hard
to rope in here).

Sincerely,
Watson Ladd

>
> --
>         Viktor.
>
> _______________________________________________
> TLS mailing list
> TLS@ietf.org
> https://www.ietf.org/mailman/listinfo/tls



-- 
"Those who would give up Essential Liberty to purchase a little
Temporary Safety deserve neither  Liberty nor Safety."
-- Benjamin Franklin