[TLS] draft-sullivan-tls-post-handshake-auth-00
Nick Sullivan <nicholas.sullivan@gmail.com> Sat, 06 August 2016 01:38 UTC
Return-Path: <nicholas.sullivan@gmail.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id F220212D73B for <tls@ietfa.amsl.com>; Fri, 5 Aug 2016 18:38:56 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.799
X-Spam-Level:
X-Spam-Status: No, score=-0.799 tagged_above=-999 required=5 tests=[DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id jLZxNqkxL4qn for <tls@ietfa.amsl.com>; Fri, 5 Aug 2016 18:38:55 -0700 (PDT)
Received: from mail-it0-x22b.google.com (mail-it0-x22b.google.com [IPv6:2607:f8b0:4001:c0b::22b]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4AE8A12D17A for <TLS@ietf.org>; Fri, 5 Aug 2016 18:38:52 -0700 (PDT)
Received: by mail-it0-x22b.google.com with SMTP id f6so39235031ith.0 for <TLS@ietf.org>; Fri, 05 Aug 2016 18:38:52 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:from:date:message-id:subject:to; bh=vWB6ua8g51cu+etztsoIN4giPHxN06hFtP3JLxItBCk=; b=CRxBfTae/arUPVBrIyCqS7wrfFCMWsergI2x6eBBamg7wCGSCH0UowsTz2BD7Jd7gp dA1Vq6V2BvvaHmBzJ0QhmapkZPxG7vXplSN/Yr8HKpto5+dimOtiCn1EZILo7w0Kg3Rj yZJMsksXepmfhJZISH5LT9rOzG0zIBwClm96ZOWK1YtWazgKzvleMmbqR58C3o76ghU8 f23CUlBH1YJSSR8MrOGB9yAYjSpACcIJpHptNr5eFvzqBx+yfna5HUZXc1wno2hOQzn4 rrOiqlKWeXLL8btB0/nI0sElZRfXSULNbvO7EdoYcISCxlIhN37+YIoeff/+1Dl35S5d YU9A==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:from:date:message-id:subject:to; bh=vWB6ua8g51cu+etztsoIN4giPHxN06hFtP3JLxItBCk=; b=WkbBrJ25Rt64TQeLUKiKhiOgYhpfh5rcEkngOBZF5813MvXmBRVstBF/F/5LWAkNzi sG16My8ccQoif26h41ftTm59mJao96hqpdUhkXtTeevYOCVh319MWjoyd/vWaUQkCgWc U164SlWTYAE7RSg6qKlBmBUCdEPXByk4KKSYCHDvczuBTrd6x0llsRhTtLcNyZKIPFis T8y86f24ij/EmmfaMcg0sYg4RZm18ckg/nCZ49nlMvSmJdLGNAsYTUFOoX30QK+ZGyER 1aBXzQpzspQtq6xr7F7YIaVc1tKp4nrrd3gA/hrXSa9/1JFiqhtjPSFQh/T+LsLlLG9J b1fw==
X-Gm-Message-State: AEkooutZOkWMvle8HsdlOGucvm1rmi3XPNnr2V+UF3SJt9a3FgBvyJBTGFcihPAPGOTaXAgIge+jwYgQS5FBpQ==
X-Received: by 10.36.246.8 with SMTP id u8mr7538711ith.23.1470447531419; Fri, 05 Aug 2016 18:38:51 -0700 (PDT)
MIME-Version: 1.0
From: Nick Sullivan <nicholas.sullivan@gmail.com>
Date: Sat, 06 Aug 2016 01:38:40 +0000
Message-ID: <CAOjisRyH6Fz-_FbOaE7gMK-WXQetP=R6hJwAevRdsMYVBv95uw@mail.gmail.com>
To: "tls@ietf.org" <TLS@ietf.org>
Content-Type: multipart/alternative; boundary="94eb2c0551a4c56d9f05395d3ecc"
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/Bbz0302G16rqw7GfLogNsvfXFp0>
Subject: [TLS] draft-sullivan-tls-post-handshake-auth-00
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 06 Aug 2016 01:38:57 -0000
<https://tools.ietf.org/html/draft-sullivan-tls-post-handshake-auth-00> We discussed on this list a proposal to allow secondary certificate authentication in HTTP/2 (https://tools.ietf.org/html/draft-bishop-httpbis- http2-additional-certs). In that discussion, some questions were raised around whether or not certificate authentication should be handled in the HTTP/2 layer or at the TLS layer. This draft is our attempt to create a more complete mechanism for post-handshake authentication in TLS 1.3 that supports standard use cases like in-browser client certificate authentication as well as new use cases like secondary certificate authentication in HTTP/2. This draft takes the post-handshake client authentication mechanism from TLS 1.3 (Section 4.4.2.) and generalizes it to allow four types of post-handshake authentication: * solicited client authentication * spontaneous client authentication * solicited server authentication * spontaneous server authentication Support for these modes is negotiated in a new TLS extension. As written, this draft is complementary to the current TLS 1.3 draft, however, it makes use of modified versions of the Certificate and CertificateRequest structures instead of those from TLS 1.3. If the working group agrees that a separate draft is a reasonable approach for post-handshake authentication, it may make sense to merge the structure changes from this draft into the TLS 1.3 specification and remove post-handshake authentication from TLS 1.3. Doing so would likely make both TLS 1.3 and this draft smaller, simpler to analyze, and easier to implement. This draft comes with the caveat that the new post-handshake flows still need formal a security proof. Nick Sullivan
- Re: [TLS] draft-sullivan-tls-post-handshake-auth-… Nick Sullivan
- Re: [TLS] draft-sullivan-tls-post-handshake-auth-… Martin Thomson
- Re: [TLS] draft-sullivan-tls-post-handshake-auth-… Ilari Liusvaara
- Re: [TLS] draft-sullivan-tls-post-handshake-auth-… Martin Thomson
- Re: [TLS] draft-sullivan-tls-post-handshake-auth-… Ilari Liusvaara
- [TLS] draft-sullivan-tls-post-handshake-auth-00 Nick Sullivan