[TLS] Should TLS 1.3 servers send "signature_algorithms" extensions

Xiaoyin Liu <xiaoyin.l@outlook.com> Mon, 19 September 2016 22:59 UTC

Return-Path: <xiaoyin.l@outlook.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0A99512B5AE for <tls@ietfa.amsl.com>; Mon, 19 Sep 2016 15:59:49 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.018
X-Spam-Level:
X-Spam-Status: No, score=-2.018 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HK_RANDOM_ENVFROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=outlook.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id rNqqyD9sGKDn for <tls@ietfa.amsl.com>; Mon, 19 Sep 2016 15:59:45 -0700 (PDT)
Received: from BAY004-OMC3S1.hotmail.com (bay004-omc3s1.hotmail.com [65.54.190.139]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E2FA312B5C1 for <tls@ietf.org>; Mon, 19 Sep 2016 15:57:00 -0700 (PDT)
Received: from NAM03-DM3-obe.outbound.protection.outlook.com ([65.54.190.188]) by BAY004-OMC3S1.hotmail.com over TLS secured channel with Microsoft SMTPSVC(7.5.7601.23008); Mon, 19 Sep 2016 15:57:00 -0700
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=outlook.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=mxhir9hU/gKdU5PiKOCURK6dd1jch3Z5JDjtn+AA3Vc=; b=fn1IZHkDCTyXDJpTO44LhElsQvZIuh/tFn5/Awp/u2gbre625dXBthmfd8ukAwLYH2p9NqGNG5hWbMMQiK5wFzb2uq4AK/OQZ33nKlmKFJvkf0xHYsuD46Xm6CHmtyc+frjOaCPBZpFs306A4U0FF1uBaj1R45Tv/vFjCZMrBiX+s/JJheSMRx/SrzpZQSbRy25CVSjOqhqDnHzHcjOjuCcqp/keVVgbNUMwM1c59Uk4RyKUnIIRXHnBbhDP3Gn4/KmY4T71o4HTTEQ7gkPDCrKiba/XXyXydFwlmuyyQ+J+yHiT32naYr8j9VuqGUBr6wlV+T7aN2DV0XECUPtrTw==
Received: from CO1NAM03FT046.eop-NAM03.prod.protection.outlook.com (10.152.80.56) by CO1NAM03HT183.eop-NAM03.prod.protection.outlook.com (10.152.80.228) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P384) id 15.1.629.5; Mon, 19 Sep 2016 22:56:59 +0000
Received: from CY1PR15MB0778.namprd15.prod.outlook.com (10.152.80.51) by CO1NAM03FT046.mail.protection.outlook.com (10.152.81.15) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P384) id 15.1.629.5 via Frontend Transport; Mon, 19 Sep 2016 22:56:59 +0000
Received: from CY1PR15MB0778.namprd15.prod.outlook.com ([10.169.22.10]) by CY1PR15MB0778.namprd15.prod.outlook.com ([10.169.22.10]) with mapi id 15.01.0629.006; Mon, 19 Sep 2016 22:56:59 +0000
From: Xiaoyin Liu <xiaoyin.l@outlook.com>
To: "tls@ietf.org" <tls@ietf.org>
Thread-Topic: Should TLS 1.3 servers send "signature_algorithms" extensions
Thread-Index: AdISyROb8Ye1yhUJQdmgPlvSWdiRJg==
Date: Mon, 19 Sep 2016 22:56:59 +0000
Message-ID: <CY1PR15MB0778D9D3AE6022E4F268B534FFF40@CY1PR15MB0778.namprd15.prod.outlook.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: spf=softfail (sender IP is 10.152.80.51) smtp.mailfrom=outlook.com; ietf.org; dkim=none (message not signed) header.d=none;ietf.org; dmarc=fail action=none header.from=outlook.com;
received-spf: SoftFail (protection.outlook.com: domain of transitioning outlook.com discourages use of 10.152.80.51 as permitted sender)
x-incomingtopheadermarker: OriginalChecksum:7E2A3A5CD56B2CEB01AA437084091C2DF28BFFE736888C93BD5B2474D97ABBC7; UpperCasedChecksum:3663192706C119850AFE0DBB101DDBE9E22B449E4DCCF33A0A31F0D14E2A4346; SizeAsReceived:7129; Count:36
x-tmn: [+EUP8BvRY7s5LMNNL4SRyYNBXeXsOm39]
x-incomingheadercount: 36
x-eopattributedmessage: 0
x-microsoft-exchange-diagnostics: 1; CO1NAM03HT183; 6:dvMG96Ndw/1ZbfnhcZKi1wldHLIbVac03AlAv4U78//tc6V1oKrfMWn9rRStJr4zJLyebkjUXvQFnan/A9JuhJ3SYnBunSdlHhfC7bVtGArSXkh151jd22ZdeucUgt8c3yM5AFIDbQiwvuBsSS2OqzGzK8Ho22g5pd9QVhw+abftgJU3zoyXhr0DW8n4iIBAI0W1iznvlyTH87pKpdoELkCGXQi+8+KI/EDS2Ivt3iwsJuyboISOUZuFMw5Rf+S953hOlP+obqmYLyQwZhAtXxQ7G/C3BW7F+oX7A/zEL/Q=; 5:PRmAuZ83EtB3ssMJqQ3jHZzOeStnH48nFXocKz8118n00U3VF5Y6jOP3vG2NYEOZk8MDWOimd5lIUI4K515RUBzOhVEKZAIGvr/Zd35U2xWLUifakL+h3iLP258N5ptvetbrgfOaXR+xaczXqZ1zdw==; 24:BZtmBeJeztct5sqIHfUqoAUnLR+KM1eQOliov2S0iwnkBKQaXU8+97TMTm+/QEH/EOS7xJPwF90FKSZT4V7mh2pd5rlw5xDYDWzB+Cd9Gc0=; 7:pMB5QE/ZxRBengZlH62CC4hfu8lFQVSWCURPaCFMuZfrvqOPZQLOTpNNBYoPnff3ORZAIyfDMZyN+Vm3hVvCH6un5iEzMGM7ZccLE4qlYmGA0/XpaeT+mvz5JwtUPIGCLyHGLhOAA+/w9qP0JTmoH57NDs8VBqy5ZAzsfwiDgLDy9thc820PU6K7XukoUZM9XK3N8Nmuv3oFKSBHSwJzmXKpepXLvRYq9UKIm4Ke6ICzsxn9Y35jOEsBqt0fm8NRhAGke7xxEc0OMnwnwDanqBesu7zENv6acNNLht8fvh6ZnOwAwVUm8yk5cgMsxsT0
x-forefront-antispam-report: EFV:NLI; SFV:NSPM; SFS:(10019020)(98900003); DIR:OUT; SFP:1102; SCL:1; SRVR:CO1NAM03HT183; H:CY1PR15MB0778.namprd15.prod.outlook.com; FPR:; SPF:None; LANG:en;
x-ms-office365-filtering-correlation-id: c85d1241-fd6f-4bd3-cffa-08d3e0e0431c
x-microsoft-antispam: UriScan:; BCL:0; PCL:0; RULEID:(1601124038)(1603103081)(1601125047); SRVR:CO1NAM03HT183;
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(432015012)(82015046); SRVR:CO1NAM03HT183; BCL:0; PCL:0; RULEID:; SRVR:CO1NAM03HT183;
x-forefront-prvs: 0070A8666B
spamdiagnosticoutput: 1:99
spamdiagnosticmetadata: NSPM
Content-Type: multipart/alternative; boundary="_000_CY1PR15MB0778D9D3AE6022E4F268B534FFF40CY1PR15MB0778namp_"
MIME-Version: 1.0
X-OriginatorOrg: outlook.com
X-MS-Exchange-CrossTenant-originalarrivaltime: 19 Sep 2016 22:56:59.0477 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Internet
X-MS-Exchange-CrossTenant-id: 84df9e7f-e9f6-40af-b435-aaaaaaaaaaaa
X-MS-Exchange-Transport-CrossTenantHeadersStamped: CO1NAM03HT183
X-OriginalArrivalTime: 19 Sep 2016 22:57:00.0876 (UTC) FILETIME=[219BF0C0:01D212C9]
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/4BbciCpLCPnIFk3UodGFoY7DNPs>
Subject: [TLS] Should TLS 1.3 servers send "signature_algorithms" extensions
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 19 Sep 2016 22:59:49 -0000

Hello,

There seems to be a conflict in the TLS 1.3 spec on whether servers should send "signature_algorithms" extension or not. In section 4.2.2 Signature Algorithms<https://tlswg.github.io/tls13-spec/#signature-algorithms>, it says:
Servers which are authenticating via a certificate MUST indicate so by sending the client an empty "signature_algorithms" extension.

But in section 8.2 MTI Extensions<https://tlswg.github.io/tls13-spec/#mti-extensions>, it says:
Servers MUST NOT send the "signature_algorithms" extension

So should a server send am empty "signature_algorithms" extension or not in ServerHello?

Thank you!
Xiaoyin