Re: [TLS] Possible TLS 1.3 erratum
Peter Gutmann <pgut001@cs.auckland.ac.nz> Mon, 19 July 2021 19:37 UTC
From: Peter Gutmann <pgut001@cs.auckland.ac.nz>
To: Hubert Kario <hkario@redhat.com>
CC: Ilari Liusvaara <ilariliusvaara@welho.com>, "tls@ietf.org" <tls@ietf.org>
Date: Mon, 19 Jul 2021 19:37:08 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/84cBIiqAu0bknty4FrqCs7pfbRM>

Hubert Kario <hkario@redhat.com> writes:

>It only doesn't matter if you don't want to verify the certificate...
>
>It's one thing to be able to verify an RSA-PSS signature on TLS
>level, it's entirely another to be able to properly handle all the different
>RSA-PSS limitations when using it in SPKI in X.509.

Is there anything that's jumped through all the hoops to implement the complex mess that is PSS but then not added the few lines of code you need to verify it in certificates? And if so, why?

In any case it's still encoding a minor implementation artefact of the certificate library being used into the TLS protocol, where it has absolutely no place. You either do PSS or you don't, and the TLS layer doesn't need to know what magic number you use to identify it in certificates. More to the point, for a number of certificate libraries there's no way for the TLS layer to know what magic number is used because it's a minor implementation detail that isn't exposed in the API.

Peter.