IETF Logo Mail Archive

Re: [TLS] TLS 1.3 Authentication using ETSI TS 103 097 and IEEE 1609.2 certificates

Mounira Msahli <mounira.msahli@telecom-paristech.fr> Mon, 27 August 2018 17:24 UTC

Return-Path: <msahli@enst.fr>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A8F46130DD0 for <tls@ietfa.amsl.com>; Mon, 27 Aug 2018 10:24:39 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HEADER_FROM_DIFFERENT_DOMAINS=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=telecom-paristech.fr
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 3USCbA_sc_zR for <tls@ietfa.amsl.com>; Mon, 27 Aug 2018 10:24:38 -0700 (PDT)
Received: from zproxy130.enst.fr (zproxy130.enst.fr [137.194.2.194]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B0D63129C6A for <tls@ietf.org>; Mon, 27 Aug 2018 10:24:37 -0700 (PDT)
Received: from localhost (localhost [IPv6:::1]) by zproxy130.enst.fr (Postfix) with ESMTP id 3EA3012061F; Mon, 27 Aug 2018 19:24:36 +0200 (CEST)
Received: from zproxy130.enst.fr ([IPv6:::1]) by localhost (zproxy130.enst.fr [IPv6:::1]) (amavisd-new, port 10032) with ESMTP id t8VJd8mTdYaF; Mon, 27 Aug 2018 19:24:35 +0200 (CEST)
Received: from localhost (localhost [IPv6:::1]) by zproxy130.enst.fr (Postfix) with ESMTP id 0B6B21207EF; Mon, 27 Aug 2018 19:24:35 +0200 (CEST)
DKIM-Filter: OpenDKIM Filter v2.10.3 zproxy130.enst.fr 0B6B21207EF
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=telecom-paristech.fr; s=A6AEC2EE-1106-11E5-B10E-D103FDDA8F2E; t=1535390675; bh=AFGNEz1Lm0kocK8BL2e/tMEZc0wUvK5gb0UgCpv+oJY=; h=Date:From:To:Message-ID:MIME-Version; b=v0xmt7uHIjTO/+ELTjoYsOcp1wBq0wleR+jrtClaI7kMVHOtZ9CCmlKGPBChrmITp 1UvX1CNM8R2a5q9V96x8a4phLkwtEUfXmTg8Miq6B+SELmWarPM/sF6b1IhQEUkFLm 1p51yvf1LBXfS2ifp+JBKWuKroAgREmMaCIfT25A=
X-Virus-Scanned: amavisd-new at zproxy130.enst.fr
Received: from zproxy130.enst.fr ([IPv6:::1]) by localhost (zproxy130.enst.fr [IPv6:::1]) (amavisd-new, port 10026) with ESMTP id 5efYvchmv_6z; Mon, 27 Aug 2018 19:24:34 +0200 (CEST)
Received: from zmail112.enst.fr (zmail112.enst.fr [137.194.2.205]) by zproxy130.enst.fr (Postfix) with ESMTP id C313A12061F; Mon, 27 Aug 2018 19:24:34 +0200 (CEST)
Date: Mon, 27 Aug 2018 19:24:34 +0200
From: Mounira Msahli <mounira.msahli@telecom-paristech.fr>
To: Ilari Liusvaara <ilariliusvaara@welho.com>
Cc: tls <tls@ietf.org>
Message-ID: <235113009.594519.1535390674699.JavaMail.zimbra@enst.fr>
In-Reply-To: <20180827163405.GA19628@LK-Perkele-VII>
References: <1231917830.3727154.1535119783361.JavaMail.zimbra@enst.fr> <20180824155038.GA2743@LK-Perkele-VII> <1417403886.3796035.1535132676840.JavaMail.zimbra@enst.fr> <3804815.tkeyhOaURY@pintsize.usersys.redhat.com> <997722663.579236.1535386875575.JavaMail.zimbra@enst.fr> <20180827163405.GA19628@LK-Perkele-VII>
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
X-Originating-IP: [::ffff:137.194.205.118]
X-Mailer: Zimbra 8.8.9_GA_3019 (ZimbraWebClient - FF61 (Linux)/8.8.9_GA_3019)
Thread-Topic: TLS 1.3 Authentication using ETSI TS 103 097 and IEEE 1609.2 certificates
Thread-Index: Xcm6mm9O96psfXKxVJT69BwJ+fenOg==
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/3nj5QmkyI49FHafODMukcMd4UP0>
Subject: Re: [TLS] TLS 1.3 Authentication using ETSI TS 103 097 and IEEE 1609.2 certificates
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.27
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 27 Aug 2018 17:24:40 -0000

One could abbrevate the handshake traces to just show the relevant 
parts (which could also cut some clutter)? I think the relevant 
messages always occur in the same order (clienthello, serverhello/ 
encryptedextensions, certificate, certificate). 

Yes, so we can neglect the ServerHelloDone for TLS 1.2? 

The table in section 4.2.  Extensions of [RFC 8446] (TLS 1.3) indicates the messages where a given extension may
appear:
 | client_certificate_type [RFC7250]                |      CH, EE |
 |                                                  |             |
 | server_certificate_type [RFC7250]                |      CH, EE |

But in RFC 7250 (TLS 1.2), the same extensions could appear in CH and SH. 

I think, it could be better to make distinction between two TLS versions in handshake phase in terms of presentation. 

I don't have any objection to combine both in one document. 

I agree with you about the rest of comments. 

Cheers 
Mounira 




----- Mail original -----
De: "Ilari Liusvaara" <ilariliusvaara@welho.com>
À: "Mounira Msahli" <mounira.msahli@telecom-paristech.fr>
Cc: "tls" <tls@ietf.org>
Envoyé: Lundi 27 Août 2018 18:34:05
Objet: Re: [TLS] TLS 1.3 Authentication using ETSI TS 103 097 and IEEE 1609.2 certificates

On Mon, Aug 27, 2018 at 06:21:15PM +0200, Mounira Msahli wrote: 
> Hi Hubert, 
> 
> I can do the exercise but the result will be two sections totally 
> decorrelated: one for TLS 1.3 and one for TLS 1.2. Two drafts in 
> one document. 

The certificate message might be bit annoying as it has different 
format in TLS 1.2 and 1.3. But most textual discussion probably can be 
shared between the versions. 

> - The handshake phase in TLS 1.2 is different from handshake/TLS1.3 

One could abbrevate the handshake traces to just show the relevant 
parts (which could also cut some clutter)? I think the relevant 
messages always occur in the same order (clienthello, serverhello/ 
encryptedextensions, certificate, certificate). 

> - The certificate type is different. One uses cert_type and the 
> other uses extension defined in [RFC7250]. 

cert_type is deprecated. One should use the RFC7250 extensions even in 
TLS 1.2. The TLS 1.3 certificate format negotiation works the same as 
in TLS 1.2, with exception of extensions being in different message. 


-Ilari

v2.23.0 | Report a Bug | By Email