IETF Logo Mail Archive

Re: [TLS] New Version Notification for draft-wouters-tls-oob-pubkey-01.txt (fwd)

Paul Wouters <paul@xelerance.com> Fri, 18 November 2011 23:20 UTC

Return-Path: <paul@xelerance.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2E5EF21F8564 for <tls@ietfa.amsl.com>; Fri, 18 Nov 2011 15:20:11 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.427
X-Spam-Level:
X-Spam-Status: No, score=-6.427 tagged_above=-999 required=5 tests=[AWL=0.172, BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 2oincouPx9zt for <tls@ietfa.amsl.com>; Fri, 18 Nov 2011 15:20:10 -0800 (PST)
Received: from mx.xelerance.com (mx.xelerance.com [193.110.157.188]) by ietfa.amsl.com (Postfix) with ESMTP id 5B3CB21F8562 for <tls@ietf.org>; Fri, 18 Nov 2011 15:20:10 -0800 (PST)
Received: from localhost (localhost [127.0.0.1]) by mx.xelerance.com (Postfix) with ESMTP id B1CA311E; Fri, 18 Nov 2011 18:20:07 -0500 (EST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=xelerance.com; h= content-transfer-encoding:content-type:content-type:mime-version :user-agent:references:message-id:in-reply-to:subject:subject :from:from:date:date:received:received:received:received; s= smtp; t=1321658406; x=1322263206; bh=g4O60RnY4+WqMUE+bhmmMmUbbOh TKKwXMt0cP6zy8dQ=; b=VUiLByn4501mJxQyuT8AWnPxUA96FQgCfCovTcM3Nj7 TYvj07eqhj3SyVSQY3H+N8XRUGo25JgRWpajTKdZcWscG5eX6SZ+0+6vAFZxokHm XwnyR5/a6ZqEDZwG6EwLHhOOiz076wofInbeyB9kRQptjEifMkNMZif9QHOUN7pE =
Received: from mx.xelerance.com ([127.0.0.1]) by localhost (mx.xelerance.com [127.0.0.1]) (amavisd-new, port 10026) with LMTP id c2WMPe-9INjY; Fri, 18 Nov 2011 18:20:06 -0500 (EST)
Received: from mail.xelerance.com (mail.xelerance.com [193.110.157.189]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx.xelerance.com (Postfix) with ESMTPS id BC3B384; Fri, 18 Nov 2011 18:20:06 -0500 (EST)
Received: by mail.xelerance.com (Postfix, from userid 1001) id A1C6650C; Fri, 18 Nov 2011 18:20:06 -0500 (EST)
Received: from localhost (localhost [127.0.0.1]) by mail.xelerance.com (Postfix) with ESMTP id A0A35142; Fri, 18 Nov 2011 18:20:06 -0500 (EST)
Date: Fri, 18 Nov 2011 18:20:06 -0500
From: Paul Wouters <paul@xelerance.com>
To: Badra <mbadra@gmail.com>
In-Reply-To: <CAOhHAXzmysLrTj5kODHaxLNvpzax0JUjrSSqvg-oUQyXukTFJQ@mail.gmail.com>
Message-ID: <alpine.DEB.2.00.1111181811200.19177@mail.xelerance.com>
References: <alpine.DEB.2.00.1110311914480.17385@mail.xelerance.com> <CABcZeBOqziPWk5Je=Ld+Fa0i-vz+HXKaFTDyswptfKG6dXJkxw@mail.gmail.com> <CAOhHAXyMneJv_-gsKiKkXcyd+03VZdBbaiamyuWm3Y2QNaxtSw@mail.gmail.com> <alpine.DEB.2.00.1111181601190.19177@mail.xelerance.com> <CAOhHAXzmysLrTj5kODHaxLNvpzax0JUjrSSqvg-oUQyXukTFJQ@mail.gmail.com>
User-Agent: Alpine 2.00 (DEB 1167 2008-08-23)
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 8bit
Cc: tls@ietf.org
Subject: Re: [TLS] New Version Notification for draft-wouters-tls-oob-pubkey-01.txt (fwd)
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 18 Nov 2011 23:20:11 -0000

On Fri, 18 Nov 2011, Badra wrote:

>             And how does draft-wouters-tls-oob-pubkey differ from draft-ietf-tls-cached-info-09?
> 
> cached-info still needs PKIX validation on the first run, and then supports caching
> the authentication. oob-pubkey allows for out of bound public key authentication
> with tls server suppressing the sending of its (often huge) unneeded PKIX chain.
> 
> 
> 
> And how, in your draft, will the client have a copy of server's authenticated key? 

The draft is called "out of band" for a reason :)

One method is to get it via DANE/DNSSEC, for example:

dig -t TYPE65468 _443._tcp.dane.xelerance.com

That will give the client an authenticated hash of the public key. During the TLS
handshake, the TLS server gives the TLS client its public key in the server certificate
of cert_type "RawPublicKey".

The DANE draft does not (yet) have a subtype for "raw key" but is expected to get one as
soon as TLS defines the cert_type (which this draft would do)

> Currently, the server doesn't need to describe known roots. Does it mean that the server also has a copy of the client's authenticated key?

If the TLS server wants to authenticate the TLS client, it will also need and out-of-band
authentication. The TLS client will send its public key in a certificate of cert_type="RawPublicKey"
and the TLS server will have to lookup that key for authentication. (to make that easier on
the server, perhaps we can think about the client version of "SNI", but we left that out of
this draft not to complicate things at this stage)

Paul

v2.23.0 | Report a Bug | By Email