[TLS] Summary of discussion regarding spontaneous authentication
Martin Thomson <martin.thomson@gmail.com> Wed, 22 October 2014 10:04 UTC
Archived-At: http://mailarchive.ietf.org/arch/msg/tls/8ErjasEXfWIpKtQoGLogc51kLjU
The update proposal that ekr sent around was discussed.

The primary concern was that the properties of the connection were considered to change with respect to authentication. Any data received before the authentication, or messages that appear partially before and partially after, would have ambiguous properties. Concerns were raised that having the authentication attest to data that was sent prior to the authentication would expose us to a variety of attacks that relied on confusion about the state of the connection. There was also a concern that this would be difficult to analyse.

It was pointed out that update was still interesting, but only from a rekeying perspective, because that had far lesser risks and no real API implications. If we decided to continue with Update, then we would have a place to add a future extension that re-enabled this feature.

I noted that the use case that renegotiation provides was not going to be supported with the proposed Update message, since there was no analogue for the HelloRequest message.

All of this led to the decision not to pursue spontaneous authentication.
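The following toy model is an added illustration of the state ambiguity the message above describes; it is not part of that message or of any TLS implementation. It tags each inbound record with the peer identity authenticated at the moment of arrival and refuses to credit a message that straddles the authentication boundary to the new identity; the newline message framing, the `Connection` class and the identity "alice" are assumptions.

```python
# Added toy model (not from the message above or any TLS stack): records are
# tagged with the authentication state at arrival, and a message assembled
# from both sides of a post-handshake authentication is flagged "ambiguous".
from typing import List, Optional, Tuple

DELIM = b"\n"  # assumed application-level message framing

class Connection:
    def __init__(self) -> None:
        self.peer_identity: Optional[str] = None
        self.chunks: List[Tuple[bytes, Optional[str]]] = []  # unconsumed record bytes

    def authenticate_peer(self, identity: str) -> None:
        # Completion of a post-handshake authentication: only records that
        # arrive after this point are attributable to `identity`.
        self.peer_identity = identity

    def receive(self, payload: bytes) -> List[Tuple[bytes, str]]:
        # Tag the record with the state at arrival, then deliver every complete
        # message labelled "unauthenticated", the peer identity, or "ambiguous".
        if payload:
            self.chunks.append((payload, self.peer_identity))
        out = []
        while (i := b"".join(c for c, _ in self.chunks).find(DELIM)) >= 0:
            out.append(self._consume(i + 1))
        return out

    def _consume(self, n: int) -> Tuple[bytes, str]:
        data, states = b"", set()
        while n > 0:  # pull n bytes off the front, noting each record's state
            chunk, ident = self.chunks[0]
            take, rest = chunk[:n], chunk[n:]
            data, n = data + take, n - len(take)
            states.add(ident)
            if rest:
                self.chunks[0] = (rest, ident)
            else:
                self.chunks.pop(0)
        if len(states) > 1:
            auth = "ambiguous"  # bytes straddle the authentication boundary
        else:
            auth = states.pop() or "unauthenticated"
        return data.rstrip(DELIM), auth

def demo() -> List[Tuple[bytes, str]]:
    # Constructed sequence: one message before, one straddling, one after.
    c = Connection()
    msgs = c.receive(b"GET /public\n")
    msgs += c.receive(b"GET /priv")  # first half arrives unauthenticated
    c.authenticate_peer("alice")
    msgs += c.receive(b"ate\nGET /account\n")  # second half, then a post-auth message
    return msgs
```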