IETF Logo Mail Archive

RE: [TLS] TLS 1.2 hash agility

<Pasi.Eronen@nokia.com> Fri, 28 September 2007 08:59 UTC

Return-path: <tls-bounces@lists.ietf.org>
Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1IbBhX-0002Nn-3a; Fri, 28 Sep 2007 04:59:59 -0400
Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1IbBhU-0002Nb-UI for tls@ietf.org; Fri, 28 Sep 2007 04:59:56 -0400
Received: from smtp.nokia.com ([131.228.20.170] helo=mgw-ext11.nokia.com) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1IbBhM-0001vr-IW for tls@ietf.org; Fri, 28 Sep 2007 04:59:54 -0400
Received: from esebh106.NOE.Nokia.com (esebh106.ntc.nokia.com [172.21.138.213]) by mgw-ext11.nokia.com (Switch-3.2.5/Switch-3.2.5) with ESMTP id l8S8xHLo026329; Fri, 28 Sep 2007 11:59:36 +0300
Received: from esebh103.NOE.Nokia.com ([172.21.143.33]) by esebh106.NOE.Nokia.com with Microsoft SMTPSVC(6.0.3790.1830); Fri, 28 Sep 2007 11:59:17 +0300
Received: from esebe105.NOE.Nokia.com ([172.21.143.53]) by esebh103.NOE.Nokia.com with Microsoft SMTPSVC(6.0.3790.1830); Fri, 28 Sep 2007 11:59:16 +0300
X-MimeOLE: Produced By Microsoft Exchange V6.5
Content-class: urn:content-classes:message
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
Subject: RE: [TLS] TLS 1.2 hash agility
Date: Fri, 28 Sep 2007 11:59:16 +0300
Message-ID: <B356D8F434D20B40A8CEDAEC305A1F2404A52680@esebe105.NOE.Nokia.com>
In-Reply-To: <200709272356.l8RNu5Zr017321@mgw-mx02.nokia.com>
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
Thread-Topic: [TLS] TLS 1.2 hash agility
Thread-Index: AcgBYf0RetUayb2DT/+R0QRL+OiW0wASrWkA
References: <46ABB82D.8090709@pobox.com> <46ACCCCB.8000201@pobox.com> <B356D8F434D20B40A8CEDAEC305A1F24046B2496@esebe105.NOE.Nokia.com> <20070914215611.0342933C21@delta.rtfm.com> <46EB102E.2070900@pobox.com> <20070914225606.9E9B433C21@delta.rtfm.com> <46EC2AE7.9040903@pobox.com> <20070917185820.6E7CC33C3A@delta.rtfm.com> <46FA745A.3070305@pobox.com> <20070926152907.8A60B33C23@delta.rtfm.com> <46FA91E8.5020303@pobox.com> <46FB4397.6040203@pobox.com> <B356D8F434D20B40A8CEDAEC305A1F2404A1F1D7@esebe105.NOE.Nokia.com> <200709272356.l8RNu5Zr017321@mgw-mx02.nokia.com>
From: Pasi.Eronen@nokia.com
To: housley@vigilsec.com
X-OriginalArrivalTime: 28 Sep 2007 08:59:16.0867 (UTC) FILETIME=[D96A9530:01C801AD]
X-Nokia-AV: Clean
X-Spam-Score: 0.0 (/)
X-Scan-Signature: 52f7a77164458f8c7b36b66787c853da
Cc: tls@ietf.org
X-BeenThere: tls@lists.ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.lists.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@lists.ietf.org?subject=unsubscribe>
List-Archive: <http://www1.ietf.org/pipermail/tls>
List-Post: <mailto:tls@lists.ietf.org>
List-Help: <mailto:tls-request@lists.ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@lists.ietf.org?subject=subscribe>
Errors-To: tls-bounces@lists.ietf.org

The "_sign" part in "rsa_sign" also means that the cert has to 
contain a RSA public key that can be used for signing. So
if we defined a new type, it would be called "rsa_sign_v1_2" 
or something...

At this point of the protocol, we already know what protocol 
version was negotiated, so changing the semantics is possible 
without ruining backwards compatibility.

Besides, it wouldn't be enough to define a new "rsa_" type; 
this issue applies to all client certificate types, so 
we'd have to obsolete all of them ("MUST NOT send any of these
if TLS 1.2 is negotiated") and assign new numbers. This would 
also require revising RFC 4492, which I'd rather avoid...

Best regards,
Pasi

> -----Original Message-----
> From: ext Russ Housley [mailto:housley@vigilsec.com] 
> Sent: 27 September, 2007 19:26
> To: Eronen Pasi (Nokia-NRC/Helsinki)
> Cc: tls@ietf.org
> Subject: RE: [TLS] TLS 1.2 hash agility
> 
> For backward compatibility, wouldn't it be cleaner to add a new 
> rsa_xxx type to indicate the different semantics.  The new type would 
> not be supported by non-TLS v1.2 implementations, nut the handling of 
> rsa_sign wouid be the same in all cases.
> 
> Russ
> 
> 
>   At 05:41 AM 9/27/2007, Pasi.Eronen@nokia.com wrote:
> >mike-list@pobox.com wrote:
> >
> > > The only thing I could come up with is that putting the list of
> > > signature algorithms in the CertificateRequest is a change to the
> > > format of that message, so it requires version-specific 
> processing,
> > > whereas if you use the server extension, the format of Certificate
> > > Request is the same as previous TLS versions.
> >
> >CertificateRequest will require version-specific processing anyway,
> >because its semantics will change. For example, in TLS 1.0/1.1
> >ClientCertificateType "rsa_sign" meant a certificate containing
> >an RSA key, and signed with RSA. In TLS 1.2, it will probably
> >mean just a cert containing an RSA key; the signature algorithm
> >part will be specified separately.
> >
> >(Another difference is that in TLS 1.0/1.1, clients that didn't
> >have certificates often just ignored CertificateRequest;
> >current draft of TLS 1.2 mandates sending an empty Certificate
> >message instead.)
> >
> >Best regards,
> >Pasi
> >
> >_______________________________________________
> >TLS mailing list
> >TLS@lists.ietf.org
> >https://www1.ietf.org/mailman/listinfo/tls
> 
> 

_______________________________________________
TLS mailing list
TLS@lists.ietf.org
https://www1.ietf.org/mailman/listinfo/tls

v2.35.0 | Report a Bug | By Email | System Status