IETF Logo Mail Archive

Re: [TLS] Status of X.509v3 TLS Feature Extension?

Nico Williams <nico@cryptonector.com> Tue, 29 April 2014 21:57 UTC

Return-Path: <nico@cryptonector.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 50B681A09D8 for <tls@ietfa.amsl.com>; Tue, 29 Apr 2014 14:57:56 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.044
X-Spam-Level:
X-Spam-Status: No, score=-1.044 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FM_FORGED_GMAIL=0.622, IP_NOT_FRIENDLY=0.334] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id fQ893u8FOsFF for <tls@ietfa.amsl.com>; Tue, 29 Apr 2014 14:57:55 -0700 (PDT)
Received: from homiemail-a87.g.dreamhost.com (sub4.mail.dreamhost.com [69.163.253.135]) by ietfa.amsl.com (Postfix) with ESMTP id A94141A09A9 for <tls@ietf.org>; Tue, 29 Apr 2014 14:57:55 -0700 (PDT)
Received: from homiemail-a87.g.dreamhost.com (localhost [127.0.0.1]) by homiemail-a87.g.dreamhost.com (Postfix) with ESMTP id 9402B26C05E for <tls@ietf.org>; Tue, 29 Apr 2014 14:57:54 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=cryptonector.com; h= mime-version:in-reply-to:references:date:message-id:subject:from :to:cc:content-type; s=cryptonector.com; bh=ztvdjSWf9eVAMTTLqGHO T8fHKGM=; b=sykK73yb4Vm50zDq4KLEOwomyZ0IAjvAIsfwt2LsvtlWAbkEbEKF d62Me9g97rvhnYJ46a7vjgGbxmTXzJHYyXYNcXprUxcwd9XOAaqApW93jFYBARru FsppiwdBL4f0/Ek/tRzeSGb46j7aAeg7UsUl8C3gAQzZ/9IIr5jDyXo=
Received: from mail-we0-f172.google.com (mail-we0-f172.google.com [74.125.82.172]) (using TLSv1 with cipher RC4-SHA (128/128 bits)) (No client certificate requested) (Authenticated sender: nico@cryptonector.com) by homiemail-a87.g.dreamhost.com (Postfix) with ESMTPSA id 446CB26C05B for <tls@ietf.org>; Tue, 29 Apr 2014 14:57:54 -0700 (PDT)
Received: by mail-we0-f172.google.com with SMTP id u57so856296wes.17 for <tls@ietf.org>; Tue, 29 Apr 2014 14:57:52 -0700 (PDT)
MIME-Version: 1.0
X-Received: by 10.194.57.38 with SMTP id f6mr257584wjq.59.1398808672746; Tue, 29 Apr 2014 14:57:52 -0700 (PDT)
Received: by 10.216.29.200 with HTTP; Tue, 29 Apr 2014 14:57:52 -0700 (PDT)
In-Reply-To: <CAL9PXLw5=wUsWBFGdFOPumXP4qJJx91_8Z7H0gjFvzWd4wAObA@mail.gmail.com>
References: <2A0EFB9C05D0164E98F19BB0AF3708C7120C61F669@USMBX1.msg.corp.akamai.com> <20140428180218.C805D1ACE1@ld9781.wdf.sap.corp> <m2r44hw86f.fsf@localhost.localdomain> <CF855F95.39E86%paul@marvell.com> <CAL9PXLzCOyi2eWF39+oj0uEFWoU4muYBNm3hRYuZ-vepPxgN+A@mail.gmail.com> <CAK3OfOj+1Lm1fAGY8OYauE8LhTSCNoAo6bHYsy11=NSUmGTmCQ@mail.gmail.com> <CAL9PXLw5=wUsWBFGdFOPumXP4qJJx91_8Z7H0gjFvzWd4wAObA@mail.gmail.com>
Date: Tue, 29 Apr 2014 16:57:52 -0500
Message-ID: <CAK3OfOj-EPqdn8Bmn8qHpE06DtL74cvNU1hB1OD6CBg34wO5qw@mail.gmail.com>
From: Nico Williams <nico@cryptonector.com>
To: Adam Langley <agl@google.com>
Content-Type: text/plain; charset="UTF-8"
Archived-At: http://mailarchive.ietf.org/arch/msg/tls/5rSbKvI6w75erjtAX2zWCMxqe_w
Cc: Geoffrey Keating <geoffk@geoffk.org>, "tls@ietf.org" <tls@ietf.org>
Subject: Re: [TLS] Status of X.509v3 TLS Feature Extension?
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 29 Apr 2014 21:57:56 -0000

On Tue, Apr 29, 2014 at 4:25 PM, Adam Langley <agl@google.com> wrote:
> On Tue, Apr 29, 2014 at 2:22 PM, Nico Williams <nico@cryptonector.com> wrote:
>> Why couldn't that work?  There'd be a need to cache OCSP Responses for
>> intermediates, sure.  What else?
>
> That's totally viable, I'm just suggesting that revocations of
> intermediates are very rare and generally involve browser pushes in
> any case. So the effort of getting a server that does multi-stapling
> over just stapling, and of shipping the extra OCSP responses in every
> handshake, might well win out. I think it would be quiet reasonable
> for a site to have Must Staple just for the leaf certificate.

I suspect that for intermediates closer to the server it'll be best to
staple responses.  For intermediates closer to the root issuer it'll
be best to deal with pushing.

We have to consider environments where long cert paths are involved,
and where network connectivity isn't universal.

Of course, in bridged PKIs the RPs have to handle revocation checking
for part of the cert path anyways.

I think the right thing to do may well be to implement full stapling
but configure partial stapling as appropriate:

a) stapled OCSP checking on the client side
b) CRL checking / push on the client side
c) full _and_ partial OCSP stapling on server sides

d) server admins need to configure stapling (and refreshing) of
whatever length of the server cert chains is appropriate, from the
leaf towards the root.

Nico
--

v2.23.0 | Report a Bug | By Email