Re: [TLS] [EXTERNAL] Re: Servers sending CA names

Andrei Popov <Andrei.Popov@microsoft.com> Wed, 12 April 2023 21:20 UTC

From: Andrei Popov <Andrei.Popov@microsoft.com>
To: David Benjamin <davidben@chromium.org>, "tls@ietf.org" <tls@ietf.org>
Thread-Topic: [EXTERNAL] Re: [TLS] Servers sending CA names
Thread-Index: AQHZbX8pwn/3qKB5+0e2MbhfPCZiVq8oKGqAgAAEegCAAABXgA==
Date: Wed, 12 Apr 2023 21:20:03 +0000
Message-ID: <BY5PR00MB06757280F69B9C6D55AD2B048C9BA@BY5PR00MB0675.namprd00.prod.outlook.com>
References: <51B56747-0347-43AB-93A7-C3FDF49902D2@akamai.com> <ZDcbv4g5-tjN-Mu-@straasha.imrryr.org> <CAF8qwaBaOq1_Ow_vtB=DGjjDkAx+N+CPMpfn1huP=DRsCiFtaA@mail.gmail.com>
In-Reply-To: <CAF8qwaBaOq1_Ow_vtB=DGjjDkAx+N+CPMpfn1huP=DRsCiFtaA@mail.gmail.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/4rerbkQXwSYz8OUPsgSdrKA8mWk>

The Windows TLS stack uses them (when available) for certificate selection. Schannel-based TLS servers don’t send CA names by default, but can be configured to do so.

Cheers,

Andrei

From: TLS <tls-bounces@ietf.org> On Behalf Of David Benjamin
Sent: Wednesday, April 12, 2023 2:16 PM
To: tls@ietf.org
Subject: [EXTERNAL] Re: [TLS] Servers sending CA names

Chrome also uses this to filter the set of client certificates when asking the user to pick one. We also sometimes use this to figure out what intermediates to send, in cases where the server does not already have all its intermediates available. (Though this is not very reliable and OS-dependent. Client certificate deployments are a bit of a mess.)

Omitting it may be fine in contexts where you expect clients to only have one possible certificate chain and that they have a priori knowledge to only send that one. That can make sense in machine-to-machine communication, and makes less sense when the client is a human that needs to make decisions about identities to use.

I agree with Viktor that this isn't any more optional in TLS 1.2 than TLS 1.3. Optional and non-empty if present vs. mandatory but may be empty express the same set of states. It's just an encoding difference, motivated by extensibility and client/server symmetry, not changing client certificate expectations.

On Wed, Apr 12, 2023 at 4:59 PM Viktor Dukhovni <ietf-dane@dukhovni.org> wrote:
On Wed, Apr 12, 2023 at 08:41:31PM +0000, Salz, Rich wrote:

> Is this generally used?  Would things go badly if we stopped sending them?

I take it you mean sending CA names as part of a certificate request.

    https://datatracker.ietf.org/doc/html/rfc8446#section-4.3.2
    https://datatracker.ietf.org/doc/html/rfc8446#section-4.2.4

Yes, many servers send a non-empty list of CA names as part of
certificate request, and some clients (notably some Java-based clients)
fail to complete the handshake if the request does not list an issuer
associated with any of the client's available certificates.

So servers historically have been able to get away with an empty list,
hoping that the client will then send the only/default certificate it
typically has on hand (or not send any, but still continue the
handshake).

It looks perhaps like CA name lists are "more optional" in TLS 1.3 than
they were in TLS 1.2, but this impression may be just an artefact of the
separation of the CA names to a separate extension, rather than an
actual change of expected client behaviour.

--
    Viktor.

_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls
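The point David and Viktor make above (TLS 1.2's mandatory-but-possibly-empty list and TLS 1.3's optional-but-non-empty extension express the same two states, and a client filters its certificates against the hint) as an added example; this is not code from anyone on the thread. The `der_cn` helper builds constructed minimal DER Names standing in for real issuer DNs, and the certificate labels are made up for the demonstration.

```python
"""Client handling of the CA-name hint in a TLS CertificateRequest (added example).

TLS 1.2: certificate_authorities<0..2^16-1> is mandatory but may be empty.
TLS 1.3: the certificate_authorities extension is optional, but when present it
holds DistinguishedName authorities<3..2^16-1>, so it is never empty. Both encode
the same two states: no hint, or a non-empty list of DER-encoded issuer Names.
"""
import struct


def encode_ca_list(issuers: list[bytes]) -> bytes:
    """Wire form common to both versions: 2-byte vector length, then 2-byte-prefixed Names."""
    body = b"".join(struct.pack("!H", len(dn)) + dn for dn in issuers)
    return struct.pack("!H", len(body)) + body


def decode_ca_list(data: bytes, tls13_extension: bool) -> list[bytes]:
    """Parse the vector into issuer DNs, enforcing the TLS 1.3 non-empty rule."""
    if len(data) < 2 or len(data) != 2 + struct.unpack("!H", data[:2])[0]:
        raise ValueError("vector length does not match data")
    if tls13_extension and len(data) < 5:  # 2-byte outer length + at least 3 bytes of content
        raise ValueError("TLS 1.3 certificate_authorities extension must be non-empty")
    names, pos = [], 2
    while pos < len(data):
        if pos + 2 > len(data):
            raise ValueError("truncated DistinguishedName length")
        n = struct.unpack("!H", data[pos:pos + 2])[0]
        pos += 2
        if n == 0 or pos + n > len(data):  # DistinguishedName<1..2^16-1>
            raise ValueError("bad DistinguishedName length")
        names.append(data[pos:pos + n])
        pos += n
    return names


def der_cn(cn: str) -> bytes:
    """Constructed minimal DER Name 'CN=<cn>' standing in for a real issuer DN."""
    val = cn.encode()
    atv = b"\x30" + bytes([7 + len(val)]) + b"\x06\x03\x55\x04\x03\x0c" + bytes([len(val)]) + val
    rdn = b"\x31" + bytes([len(atv)]) + atv
    return b"\x30" + bytes([len(rdn)]) + rdn


def select_client_certs(candidates: dict[str, bytes], ca_hint: list[bytes]) -> list[str]:
    """Pick client certs (label -> DER issuer Name) matching the server's hint.
    No hint (1.2 empty list / 1.3 extension absent): offer every candidate, which for
    a client holding one default certificate is just that one. A hint with no match
    yields []: the client may send no certificate and continue, though some clients
    abort the handshake at this point instead."""
    if not ca_hint:
        return sorted(candidates)
    wanted = set(ca_hint)
    return sorted(label for label, issuer in candidates.items() if issuer in wanted)
```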