IETF Logo Mail Archive

Re: [TLS] Better TLS Client Authentication

Tim Cappalli <Tim.Cappalli@microsoft.com> Tue, 24 May 2022 05:11 UTC

Return-Path: <Tim.Cappalli@microsoft.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E300EC07512F for <tls@ietfa.amsl.com>; Mon, 23 May 2022 22:11:25 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.574
X-Spam-Level:
X-Spam-Status: No, score=-2.574 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.575, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, HTTPS_HTTP_MISMATCH=0.1, RCVD_IN_DNSWL_BLOCKED=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=microsoft.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id BPSDBdumomCs for <tls@ietfa.amsl.com>; Mon, 23 May 2022 22:11:23 -0700 (PDT)
Received: from na01-obe.outbound.protection.outlook.com (mail-cusazlp170110003.outbound.protection.outlook.com [IPv6:2a01:111:f403:c111::3]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5BB2CC075142 for <tls@ietf.org>; Mon, 23 May 2022 22:11:23 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=oLtl7eZAjrmfdLbG9NMQ+EpDn6GQQ9qkF+1kydXWqV1x2a/YAc2hsWcCwu4TqTVCht0PjNUS9I8rQWIb5YnE1ygTXIfuO3hKoTCeMdts46Pp7Nuveq9U+Le3ImkiTvYJrl+bSipKxS0A9wK82BF6n8souMb613L5klnQGqglHqrq6SYtpZ4JiSp3odiy6x/RPRn2bYNcMJkThM62UTuygE6FJjIiX3SsruKa2l/RUuQCGCZR9VgOPEj91q0MQJkteArQFBDq+Duq5UEzIdycwK1SCbOG/zKDdCkTAAu7vPNo41Cl1sVD9bLIqPdj4JgwHfgTa/jDYF9gunxDZMkvcg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=YlRVzDcafrrsOklOjAhe6DJabrdJkvVHr3014isDr54=; b=OOINXGFyf1wsAnwCfAcXC5fewgNffNvQXsmrBAuRtit8cwoL2JjMeedIZf1gmqZRXx1qpyc/xJIJngkLfvpFZDB4FKEtseFf5dHh4Cx+jo8s8KXQQAUDQbzZU4U8j+FEGVGxysbv41v1cHdhT573Xm/sK7Zj7DVUlKvgaE88junB7KrcCujvSmn/vTta02IZ9OpfrapyJv3l+IszYvnR/yTsiizuJvIwcTeqmoWCtLkJczFGdQlGmMjnL1d3+F6hlaTe/6Atr/OeYzm7EXRJwr4eJgzk6tLB960/OiKhu0EfN9setCbgvaFaRqzb2RRmpfPxglyCe2GBFSKO8WQyjA==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=microsoft.com; dmarc=pass action=none header.from=microsoft.com; dkim=pass header.d=microsoft.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=YlRVzDcafrrsOklOjAhe6DJabrdJkvVHr3014isDr54=; b=cM36Jxuh3ByAS7MumBLZAOD9XEiYR995rcwP2Q8vpHyBhgFxNrdqWJtUqCg73woJvJeD1E5ZMHheth5w8P0AbquDrcHueCV6myZ/oKYnZbeTCZHj7JA9Up4bqSIljqEt7X62vNGXhGSk+q2tZhzG0TSmX8njg5K6RJnEQvkli6k=
Received: from MN2PR00MB0478.namprd00.prod.outlook.com (2603:10b6:208:c6::14) by MW4PR00MB1025.namprd00.prod.outlook.com (2603:10b6:303:68::16) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5326.0; Tue, 24 May 2022 05:11:19 +0000
Received: from MN2PR00MB0478.namprd00.prod.outlook.com ([fe80::4c4d:f448:d705:5adf]) by MN2PR00MB0478.namprd00.prod.outlook.com ([fe80::4c4d:f448:d705:5adf%5]) with mapi id 15.20.5327.000; Tue, 24 May 2022 05:11:19 +0000
From: Tim Cappalli <Tim.Cappalli@microsoft.com>
To: Phillip Hallam-Baker <phill@hallambaker.com>, "tls@ietf.org" <tls@ietf.org>
Thread-Topic: [TLS] Better TLS Client Authentication
Thread-Index: AQHYbiLna3GdDoQF1k2j8NH99IB2ca0tfGOO
Date: Tue, 24 May 2022 05:11:19 +0000
Message-ID: <MN2PR00MB0478B4440612CD370100E39A95D79@MN2PR00MB0478.namprd00.prod.outlook.com>
References: <CAMm+LwiWnpZ7R3X_FvZijwK=WEcSnTZNEEkX19GdKvkmXwt0NA@mail.gmail.com>
In-Reply-To: <CAMm+LwiWnpZ7R3X_FvZijwK=WEcSnTZNEEkX19GdKvkmXwt0NA@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
msip_labels: MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Enabled=True; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_SiteId=72f988bf-86f1-41af-91ab-2d7cd011db47; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_SetDate=2022-05-24T05:08:39.0506397Z; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_ContentBits=0; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Method=Standard
authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=microsoft.com;
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 49d73795-713a-478b-1312-08da3d43d61f
x-ms-traffictypediagnostic: MW4PR00MB1025:EE_
x-microsoft-antispam-prvs: <MW4PR00MB1025A870FC9940FCD132B31495D79@MW4PR00MB1025.namprd00.prod.outlook.com>
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: U6nEw3AD+HYMU6k7nggpjsn6nE1LDp8Daybmf19DoTToH727pinba+mKoJRpKcVXG++9whsPX70CILtUo6hNrOyHKDOx//QBJCv/TPs1oHtrKR1CHdCa5GkVUTzxfMkeTv92k7Q0qZOCJUUkRkX6W6utfxy+7W0xpe5yFcV3Vhh/kkNy+AEPGfklzMYiM4vvoN34ZmXHf3rQ3mLLaHH0nqEpIkDZf/lED8/le/8Swh6GnZBNyuMP0kTUvBq4ciEEED/AXlYXj4RNLkf6bZv02fNYIThfC4r3hggMwzBbS8Zbcx4WZP8viqfPBb4xp0HAslujjyKWAhu0f2la+f/1aK4FNX6qJtpkSAElknKX9q5ZvHaY7zqm4pFIrlOJAkxfLQltJ1cvE6+V2TW6fpOtIPytpj1Cle82ZBNVGJGVXw3m8nBbnO9UzeqiIq0qpYBNO35kx6rKakY19O7K/F1OvlnZehRAyPrxQusPqgbmL3bhQMFfBw+MbjhZ8kmP7KU6IX7QgJmgbVjwGVTxPFpRQWRDHyrM3YKz4EMsLzHk8lH2fDiwhxA+GZX8W0zUUYbDsQ2YAEqzlUFKQrNJTYlcmDOO6QewtPz+rBthOM6Bd+GkDOD7w5bIXl/DEhmFepv66ANVj7Vi0jUZReRcn2YhAcaJF4weD1VqlH+6m4Hgb0ViCCXi9JrUzrLbm3IRV+D1sbZRreTw4o9pWVF+s9IN5ba4vJSVkl9zO0BKP1FHsNH7j9u1phk9AqRu45kNg2daFw+tiWJCaP0qVxaUiGQ8AXlzfcp6ycsBv9hssq5lvrsqKaBmVlQ03eeox8D7FAIZxVEM+tiqJfWB5WiXpwFdag==
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:MN2PR00MB0478.namprd00.prod.outlook.com; PTR:; CAT:NONE; SFS:(13230001)(4636009)(366004)(451199009)(66446008)(8676002)(186003)(64756008)(66556008)(91956017)(66476007)(52536014)(8936002)(5660300002)(33656002)(76116006)(66946007)(6506007)(2906002)(9686003)(7696005)(86362001)(10290500003)(53546011)(26005)(71200400001)(508600001)(122000001)(82950400001)(8990500004)(83380400001)(55016003)(966005)(316002)(110136005)(38070700005)(166002)(38100700002)(82960400001); DIR:OUT; SFP:1102;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: 6mxJq735TSYHeGiZ/WlGaVAgtCgvQT5aUYgiR8gy9IniTNbxrG7y9h0iXMR4CZ0Bt2a9X5Ms1jZqsc5BlqKEWzLTXASWOZ6Buj09tWxaIRtY7NgjlOBGaX0bGwMYGMBR0VFUmjXtejgaVneOlH8Gmwl8tqihvx8Hx4GUq7Vy007R8N8nikb2S14EW1nVKivcA/Nn+b9ScMVKNGZBofvtGDIJDSW/VpfGEq/vYaEg/7//TgYaIapZyBVl0GwkYFEVjmT5O1O6UTL24tdg/lz0TYLgLphg1X1OCEVhUB2inSRytUNs+rFmCNISABSrEBlGsLjB+q3xRz1UI/PseyQZGp8NekMH7Qvc4/4yT5DAHdKQ+yh13PAVTQESZzcZdpr1yx234RQIcbLrcE5ero7MYu0P9EwhQGEaOx1YHK1qA6qYvsDs06t6pxEImdS9p5BYOgLAV9gNdY0tfBaK5HwtIFefyDExzdkDEPuqdOFnXJX8xcc9xOAhDDgGFuqFSmE1FBHK7+z2lXFrU9spEfcv9YZe7exm+gsN414sXmA+QDrATvWZya36ZKpjN6O43nlSX41Qy4EdICkaUPxlq510qNYSDldmzZWX7atCTPCVS+3E5CWJzVH+o37DnwX8oWZY0EMKOF48sXjA2GfH18YZjT1CoalWU+pTHaUOrEqSqyK3X+ipXZRX6PSR/KQSZB1fCapwSgDoT5whIbdnB6uUKXnYQ5lDenlTZ+3MdiHBGLXy6N1Ag6vIRpFjkP+bCwdWR2H/AOMDfcfvTC77UDsXL2yF24LNccby+mudK7CFf02fCevshVUG/0lknj9rFha1XANxgBW9+CRw5sjUMpeTTtRMa83xZVT+U9GRtH/HwJCRj7iS6jJEvoMs1jUPWDaYeJCBQhh83MHZ6zu/dVVcewrzgmG5Cdpgp4VrZTBO513SJFd/ZL1fk5VUdos/NeowP8J47utkZ+Leb6r2hzaB7ELez4Qu+s6TL/GVuuaDpcBlWCHt/i/JU95M4IpU5hUHnl+j87kUC2nOIYwalhghiPbDnYUUK9GFJxp/nuyNWYSkoJ5qCmtGteDfzRfUqzsiTdadld+SbtV4NoTWCBuvBiIv3syhINhs67pbO8ytp11GaYZ3Kl41V05oBMlMarBPzFmroPojcoekGYICfyVoU/lw7wd86sc31r3tmcbwCpJw3Pq8aU9LOMrq4SwkrDnekQN+0u11VDAYIDvK6//01HC/FcRWWsuKdLIBFQTuPPS5GldsK2AuaTOAm5bVf4l4jHL6KtMdyD/VFPrLyFcHv6QMX9h6+SPTQwo0KuqPDqL/GxlewREOO4MFfWJmMascvTrBEAix+WUWgJkNzPq3LTYz59Pi+3t1vJvzRj8aw3ya0SwPC+WAYsArxQq4SW89scWyKq5LOq05S941C27JftblQRWOTPhrEGMhxU/DDKJcewblsQqlyP3xQQb+K0Rb8dAkL0cAH/oyQzg9GPtdGnCBFh1w/vkAwTCt8tFmNDwadSTfWJZe7Dki5KENzdSbj9iyhhIUhTvTBHqJw2+9JqoQFWD03vtnonRaWgk1875FK+oxGseCZMzc4P2qQCg+UTGIFboYWsCYTLaaqlNjSXUAda2PpSq4UO+YZICHimbM/+YN5dmikWSk49OkLJ6OCK4iOgLbLd0nBdhrWkVVLs9f0mBo1wBw2Kik2eiKNSg=
Content-Type: multipart/alternative; boundary="_000_MN2PR00MB0478B4440612CD370100E39A95D79MN2PR00MB0478namp_"
MIME-Version: 1.0
X-OriginatorOrg: microsoft.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: MN2PR00MB0478.namprd00.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 49d73795-713a-478b-1312-08da3d43d61f
X-MS-Exchange-CrossTenant-originalarrivaltime: 24 May 2022 05:11:19.0497 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 72f988bf-86f1-41af-91ab-2d7cd011db47
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: HMUL7eXEUYBNDGqi1Osya6xXbsoe7rZzvkSiGtrCzBnAXg+5oJgNHb5r3Dk3YOlqSWON/V+1InhUaqaC2fWlQw==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: MW4PR00MB1025
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/hwVIkRalw58VRtYRg_bWYrFiKU8>
Subject: Re: [TLS] Better TLS Client Authentication
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 24 May 2022 05:11:26 -0000

You mentioned FIDO, but I didn't see a reason why you don't want to use it. The industry has largely accepted the mature FIDO standards stack (WebAuthn & CTAP) as the strong authentication method that replaces passwords in a privacy preserving and phishing resistant manner.

Why create something new, especially using technologies that are not very user friendly?

tim

From: TLS <tls-bounces@ietf.org> on behalf of Phillip Hallam-Baker <phill@hallambaker.com>
Date: Sunday, May 22, 2022 at 23:28
To: tls@ietf.org <tls@ietf.org>
Subject: [TLS] Better TLS Client Authentication
I am looking for people interested in discussing the following proposal to create a profile of TLS Client Authentication certificates to enable transparent Web Site authentication in Philadelphia:

I have a three step plan for eliminating Password Authentication

1) Deploy an open standards based, E2E secure password vault
2) Transition Web sites to use of public key authentication
3) Deploy a 2FA type scheme to address 'ceremony' use cases

I don't want to get into detail here, but I believe the trick to eliminating passwords is to deploy a password management solution in phase 1 that creates a sufficiently large base of users whose devices are provisioned with the necessary private keys to make use of public key auth practical.

So, I had assumed that this was all about enabling FIDO. But when I look at what I want to achieve and what legacy deployments provide, I suddenly realized I can do everything I need using TLS client auth. The only question is what the BEST way to do it is going to be.


So I have running code that can provision key pairs and credentials to every device Alice owns:

https://www.youtube.com/watch?v=zrBv717w8yY<https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.youtube.com%2Fwatch%3Fv%3DzrBv717w8yY&data=05%7C01%7Ctim.cappalli%40microsoft.com%7C8d2d1c84b14944a8b65308da3c3a07e2%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637888517206896679%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=4V4ijtshBNU5dTiZ49BgQibcjpXnaRtgpjvuvgLolCQ%3D&reserved=0>

It would not take a great deal of extra effort to provision certificates into the Windows/MAC/etc keystores so that IE, Edge, Firefox, Chrome, Safari, etc. etc. can all make use of the certificates. Its just a question of writing a script.


I am pretty sure I can get 'something' to work. But I would appreciate some help from folk who are closer to the real-world implementations.

Reading through the specs, I think we can make it so that after an (optional) one time registration, Alice can just use the Web site without the need to ever log in ever again.

The only reason Alice would ever need to repeat registration is if the Web Site had some policy requiring Alice to affirm that yes, this really is her device and she agrees to terms. That is what I call 'ceremony' and it is not an authentication issue. I have another way of addressing that issue.


As far as I can tell, all that I really need is to write a certificate profile for BTCA certificates.

The thing that I am dropping here is the notion that certificates are bound to anything other than a key. So all this is telling the site is that this is the same person who came to the site before. It is not providing the user credential PKIX is really all about.

I do have some questions though. In particular whether using X.448/Ed448 certs is practical.

The big downside to my current approach is that the certs that are used are going to be super-linking identifiers. But we are currently losing that fight.

v2.23.0 | Report a Bug | By Email