IETF Logo Mail Archive

Re: [TLS] Distinguishing between external/resumption PSKs

Nikos Mavrogiannopoulos <nmav@redhat.com> Fri, 20 September 2019 11:32 UTC

Return-Path: <nmavrogi@redhat.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8C20A1200D5 for <tls@ietfa.amsl.com>; Fri, 20 Sep 2019 04:32:21 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.299
X-Spam-Level:
X-Spam-Status: No, score=-4.299 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_MED=-2.3, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=redhat.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 2v7HUugl3-27 for <tls@ietfa.amsl.com>; Fri, 20 Sep 2019 04:32:19 -0700 (PDT)
Received: from us-smtp-delivery-1.mimecast.com (us-smtp-2.mimecast.com [205.139.110.61]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 1D531120018 for <tls@ietf.org>; Fri, 20 Sep 2019 04:32:18 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1568979137; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=/WA0s7Z2rMvGpyx0sOXpsrXgGpgf2QBGvZRf8EULOeU=; b=ZEICh8Gag6ZbPfyzl7KNHuEdW0PbERoj6o5uljdovSOKrFJDoIBR60FTR3Cq/kGzW1TC0s yLzEcsSnDEfc+D3dOSvgpaxzvRsnPLf+rsSckWOTwhHbE+Ds8uMvMiRgLpeQJan6v4kPYO pt+/EjnBDqtTKdsCj8wQdHqYrIEbVA4=
Received: from mail-ua1-f71.google.com (mail-ua1-f71.google.com [209.85.222.71]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-38-NO7oiZdIP1e-cz2Pw1Z2ZQ-1; Fri, 20 Sep 2019 07:32:15 -0400
Received: by mail-ua1-f71.google.com with SMTP id q60so1321017uaq.11 for <tls@ietf.org>; Fri, 20 Sep 2019 04:32:15 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=hdaPW2k+dluzTRDHnZTz922ttsWcCF/HwPxkXhuGgDU=; b=YCm+6JqRaG5B556RlDWGboxVUqiuj0ucK4o20Xi/QB/Jv+3Cw/z1D4Ko+AE3/mwNZV ASbNy96ZZztLIB6sYKaGCio8b/6VSKkc1URDPt9SFoXesWOaFaCZR3+aIabsehl7uJho CtDoR2AdjnZ4GvAJ9KR/RGxrRqaKT8KwbtPld8or3EsFXvePK91n00lxmFOfnO2r9kt9 BSBET3pbjq8BbKqtdWGAJTcQnd8ovJl/tdmQUDzTxkYqQWxycWqV8hl1+10ImJA6CefC paV4uRasc5y6VwswXkuF/UUQeFjTxvWNi6DwAGd3qde983HkrbZD6dabZiVLqympZgYB 3Jjw==
X-Gm-Message-State: APjAAAUUrav4lBkRcge8hocO3i0LzY8hpPqIS99cq+yuieLHFmCHpdYb 5hnEX/RHxqjbx/lJCO7Plwe8pLqrhZVxJLGOFgSA6icK8/PBhhfBSv4bOqfMAeRCrYMPZ7UDvW9 qhJj63JeY8rUPTr/TrD8=
X-Received: by 2002:a9f:3713:: with SMTP id z19mr8637036uad.126.1568979134799; Fri, 20 Sep 2019 04:32:14 -0700 (PDT)
X-Google-Smtp-Source: APXvYqxWhpJgOoJvVnmaD37Une4PtzRiy+SiHAaGy7Sy9pwif1Ds/OGUl+rtMyFSKWRbxk0/zkbdUraLmsRqXV+i3Wk=
X-Received: by 2002:a9f:3713:: with SMTP id z19mr8637021uad.126.1568979134576; Fri, 20 Sep 2019 04:32:14 -0700 (PDT)
MIME-Version: 1.0
References: <CY4PR1101MB227834A5DF828F000C6D1144DB890@CY4PR1101MB2278.namprd11.prod.outlook.com> <CACykbs2qp0EDa3pGfFpQY6rgruJD1f-6mZ_B5KF8kBkrXD9caw@mail.gmail.com> <CY4PR1101MB227871FEF520A88CF65BADF6DB890@CY4PR1101MB2278.namprd11.prod.outlook.com> <CACykbs3aQxM3kxa3khOYbj8naXfcaPmSOKY01nAsuAyfEWYkzg@mail.gmail.com> <CAL02cgT73q0iOj=7fMsneQwjAFFDnSYM92MhV0adSfU2qOCurQ@mail.gmail.com> <CACykbs2=e9LvnvvU=zOWuzqeU4aYXOA3SPWBwQGyPcW6QjrSkA@mail.gmail.com> <CAL02cgSuFGNd26TS8bNbjhh+YEYVbAH5TQBneeLNyouZemAZXw@mail.gmail.com> <DDFDB072-63F6-4B52-9F64-56772910515D@huitema.net> <20190919183539.GB5002@localhost> <CAL02cgRdeP6noogLiVXzthKGMNGq7gyFhPKqHGQCsrACg9Cs5A@mail.gmail.com> <20190919214851.GC5002@localhost>
In-Reply-To: <20190919214851.GC5002@localhost>
From: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date: Fri, 20 Sep 2019 13:32:03 +0200
Message-ID: <CADh2w8T+zxaJ8+Wju-NbCq+Sh-qF3mkda3SY2izPh8Zk-Sq6Eg@mail.gmail.com>
To: Nico Williams <nico@cryptonector.com>
Cc: Richard Barnes <rlb@ipv.sx>, "tls@ietf.org" <tls@ietf.org>
X-MC-Unique: NO7oiZdIP1e-cz2Pw1Z2ZQ-1
X-Mimecast-Spam-Score: 0
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/5HbUg-lSvkzQWxgpQRuu9eKz6Uc>
Subject: Re: [TLS] Distinguishing between external/resumption PSKs
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 20 Sep 2019 11:32:22 -0000

On Thu, Sep 19, 2019 at 11:49 PM Nico Williams <nico@cryptonector.com> wrote:
>
> On Thu, Sep 19, 2019 at 04:57:17PM -0400, Richard Barnes wrote:
> > I don't think anyone's asking for these cases to be differentiable on the
> > wire.  The question is whether the *server* can differentiate, in
> > particular, the application running on the server.
>
> And the answer to that one is "yes", because the server has control over
> the PSK IDs.

You are making a lot of implicit assumptions for that. Consider a
"server" consisting of multiple front end implementations all
connected to a DB back-end. Does that "server" has control over PSK
IDs? A server can also be replaced on an upgrade with a different
implementation, or a different version of the implementation, does
that also guarantee that the server still has control over the PSK
IDs? It looks to me like a hard problem to tackle except for few
straightforward cases.

regards,
Nikos

v2.23.0 | Report a Bug | By Email