IETF Logo Mail Archive

Re: [TLS] Impact of draft-ietf-mptcp-api on TLS

Peter Saint-Andre <stpeter@stpeter.im> Wed, 28 November 2012 21:41 UTC

Return-Path: <stpeter@stpeter.im>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E3A2021F8593 for <tls@ietfa.amsl.com>; Wed, 28 Nov 2012 13:41:09 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.498
X-Spam-Level:
X-Spam-Status: No, score=-102.498 tagged_above=-999 required=5 tests=[AWL=0.099, BAYES_00=-2.599, NORMAL_HTTP_TO_IP=0.001, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id jXX5KoONp6w2 for <tls@ietfa.amsl.com>; Wed, 28 Nov 2012 13:41:09 -0800 (PST)
Received: from stpeter.im (mailhost.stpeter.im [207.210.219.225]) by ietfa.amsl.com (Postfix) with ESMTP id 170CD21F8575 for <tls@ietf.org>; Wed, 28 Nov 2012 13:41:09 -0800 (PST)
Received: from [10.129.24.67] (unknown [128.107.239.234]) (Authenticated sender: stpeter) by stpeter.im (Postfix) with ESMTPSA id 2D4CD40062; Wed, 28 Nov 2012 14:46:06 -0700 (MST)
Message-ID: <50B684F6.4050004@stpeter.im>
Date: Wed, 28 Nov 2012 14:41:10 -0700
From: Peter Saint-Andre <stpeter@stpeter.im>
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.7; rv:17.0) Gecko/17.0 Thunderbird/17.0
MIME-Version: 1.0
To: Geoffrey Keating <geoffk@geoffk.org>
References: <20121128153650.7A2971A3BD@ld9781.wdf.sap.corp> <50B6333C.50606@cs.tcd.ie> <m2624ptshs.fsf@localhost.localdomain>
In-Reply-To: <m2624ptshs.fsf@localhost.localdomain>
X-Enigmail-Version: 1.4.6
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: 7bit
Cc: Florian Weimer <fweimer@redhat.com>, tls@ietf.org
Subject: Re: [TLS] Impact of draft-ietf-mptcp-api on TLS
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 28 Nov 2012 21:41:10 -0000

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 11/28/12 12:52 PM, Geoffrey Keating wrote:
> Stephen Farrell <stephen.farrell@cs.tcd.ie> writes:
> 
>> Hi Martin,
>> 
>> We're trying to figure out if the mptcp API document needs to say
>> anything about tls, and if so, what. And I'd like to do that so
>> mptcp doesn't have to fall back to just tcp for all cases where
>> you need tls, if that's ok, so that mptcp has a chance to get
>> used. (I figure its hard enough being a new transport these days,
>> but being a new transport that is useless under TLS seems like a
>> bit of a killer.)
> 
>> On 11/28/2012 03:36 PM, Martin Rex wrote:
>>> The IP-address that the socket shows after connection
>>> establishment is completely irrelevant to the security of TLS,
>>> even when Server-Certificates with IP-Addresses in the
>>> SubjectAltName are used for server endpoint identification
>>> according to rfc2818 section 3.1.
>> 
>> Well, 2818 is just http/tls/tcp and the context here is 
>> anything/tls/mptcp so I'm not sure that solves the problem of
>> what to say.
>> 
>> I think its true that there's no security issue, but there might
>> be an interop issue, if different folks implement tls/mptcp
>> differently. If the tls code just uses the normal socket api then
>> there's nothing to say, but it won't get the benefit of mptcp. If
>> the tls code uses the basic api then it can see which subflows
>> are being used and different folks might do different comparisons
>> to the certs used.
> 
> Maybe a related example will help: suppose the user is trying to 
> connect to https://198.51.100.3.  There is an HTTP proxy
> configured, so what the browser actually does is make a TCP
> connection to 192.0.2.99, send 'CONNECT https://198.51.100.3', and
> then start the SSL negotiation.  The certificate still has to
> mention 198.51.100.3, and doesn't have to mention 192.0.2.99.
> 
> So, in MPTCP, if the user asks for mphttps://198.51.100.3 (or 
> whatever), then 198.51.100.3 is the address that has to appear in
> the certificate, even if the connection is redirected to some
> other endpoint, even if the redirection happens before any data is
> actually sent on the connection.

This is basically the "CertID" problem (RFC 6125). When Jeff Hodges
and I worked on that spec, we deliberately left IP addresses out of
scope, but if someone wants to work on a similar (though much simpler)
document about IP addresses instead of domain names, I'm sure they
could find quite a bit of text to borrow.

Peter

- -- 
Peter Saint-Andre
https://stpeter.im/


-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.18 (Darwin)
Comment: Using GnuPG with undefined - http://www.enigmail.net/

iEYEARECAAYFAlC2hPYACgkQNL8k5A2w/vxh+QCgozvyk8K6K1z6lHEz8hafzTGL
CEYAoL6fF0tgUeP3oohDbXmLRafdTEqj
=iJ0P
-----END PGP SIGNATURE-----

v2.23.0 | Report a Bug | By Email