Re: [TLS] draft-shore-tls-dnssec-chain-extension-00
Viktor Dukhovni <ietf-dane@dukhovni.org> Wed, 01 July 2015 03:58 UTC
Return-Path: <ietf-dane@dukhovni.org>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DCF171A8A6C for <tls@ietfa.amsl.com>; Tue, 30 Jun 2015 20:58:23 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_NONE=-0.0001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id SeBvWWZlMJ3s for <tls@ietfa.amsl.com>; Tue, 30 Jun 2015 20:58:22 -0700 (PDT)
Received: from mournblade.imrryr.org (mournblade.imrryr.org [38.117.134.19]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 323A41A8A56 for <tls@ietf.org>; Tue, 30 Jun 2015 20:58:22 -0700 (PDT)
Received: by mournblade.imrryr.org (Postfix, from userid 1034) id 97912284D2B; Wed, 1 Jul 2015 03:58:20 +0000 (UTC)
Date: Wed, 01 Jul 2015 03:58:20 +0000
From: Viktor Dukhovni <ietf-dane@dukhovni.org>
To: tls@ietf.org
Message-ID: <20150701035820.GJ14121@mournblade.imrryr.org>
References: <55922571.8080605@nomountain.net> <alpine.LFD.2.11.1506302319510.29441@bofh.nohats.ca> <CAHPuVdVc01v4EKM5A9OEQ2Y78b=zZeQjKHigP3NR5nAT=y7FwQ@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <CAHPuVdVc01v4EKM5A9OEQ2Y78b=zZeQjKHigP3NR5nAT=y7FwQ@mail.gmail.com>
User-Agent: Mutt/1.5.23 (2014-03-12)
Archived-At: <http://mailarchive.ietf.org/arch/msg/tls/44atA9l5oxtrowNSzcLkbcKjzHU>
Subject: Re: [TLS] draft-shore-tls-dnssec-chain-extension-00
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: tls@ietf.org
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 01 Jul 2015 03:58:24 -0000
On Tue, Jun 30, 2015 at 11:33:23PM -0400, Shumon Huque wrote:
> > Having browsers have some kind of "validate this chain of DNS records
> > that is asumed to be in some validation order" seems awfully specific
> > code that is "just not DNS enough" to cause problems. I'd rather see
> > the data fed into existing real dns validation libraries.
>
>
> Me too. But I think there are some folks who want to implement the
> validation themselves in the application, so the draft is trying to cater
> to both camps.
Notice that Paul said "libraries" not "servers". So the validation
would still be "in application", but ideally with well tested DNS
code, maintained by experts. This is a difficult enough bunch of
logic to get right, so making the input as DNS-library friendly as
possible is a worthwhile goal. The code could also be in a TLS
toolkit used by the application, with the TLS toolkit using a
suitably robust DNS library, or rolling its own validator logic.
Separately, Shumon's mention of CNAME/DNAME raises a critical
complication. A single chain from a TLSA RRset to the root will
often be insufficient.
Instead, there would need to be in various cases:
* A validated chain of CNAMEs (possibly synthesized via validated
DNAME RRs) leading from the client's requested SNI name to
a final TLSA base domain. (0 or more CNAME/DNAME indirection
records and all the DNSKEY/DS/RRSIG records to validate
these).
* A validated chain of CNAMES from _port._proto.<base-domain> to
an actual validated TLSA RRset (and ...).
* The final TLSA RRset with all the requisite validation records.
* Also a potential change in the client's notion of the reference
identifier to match in certificates, to the final TLSA base domain.
While still feasible, this makes locating and processing all
requisite records significantly more complex. Servers and clients
will need very carefully designed and implemented libraries to
collect and process this data. Caching at the server end is likely
unavoidable, while the client likely also needs a cache to keep
the handshake overhead more modest on average.
--
Viktor.
- [TLS] draft-shore-tls-dnssec-chain-extension-00 Melinda Shore
- Re: [TLS] draft-shore-tls-dnssec-chain-extension-… Viktor Dukhovni
- Re: [TLS] draft-shore-tls-dnssec-chain-extension-… Melinda Shore
- Re: [TLS] [dane] draft-shore-tls-dnssec-chain-ext… Shumon Huque
- Re: [TLS] draft-shore-tls-dnssec-chain-extension-… Paul Wouters
- Re: [TLS] draft-shore-tls-dnssec-chain-extension-… Shumon Huque
- Re: [TLS] draft-shore-tls-dnssec-chain-extension-… Viktor Dukhovni
- Re: [TLS] draft-shore-tls-dnssec-chain-extension-… Daniel Kahn Gillmor
- Re: [TLS] draft-shore-tls-dnssec-chain-extension-… Viktor Dukhovni
- Re: [TLS] draft-shore-tls-dnssec-chain-extension-… Melinda Shore