Re: [TLS] draft-ietf-tls-oob-pubkey: The Open Issue
Hannes Tschofenig <hannes.tschofenig@gmx.net> Wed, 11 July 2012 16:08 UTC
Return-Path: <hannes.tschofenig@gmx.net>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8274121F8552 for <tls@ietfa.amsl.com>; Wed, 11 Jul 2012 09:08:18 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.615
X-Spam-Level:
X-Spam-Status: No, score=-102.615 tagged_above=-999 required=5 tests=[AWL=-0.016, BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id SS9dmCQV-dHk for <tls@ietfa.amsl.com>; Wed, 11 Jul 2012 09:08:17 -0700 (PDT)
Received: from mailout-de.gmx.net (mailout-de.gmx.net [213.165.64.22]) by ietfa.amsl.com (Postfix) with SMTP id 67E1321F85A2 for <tls@ietf.org>; Wed, 11 Jul 2012 09:08:17 -0700 (PDT)
Received: (qmail invoked by alias); 11 Jul 2012 16:08:47 -0000
Received: from a88-115-216-191.elisa-laajakaista.fi (EHLO [192.168.100.106]) [88.115.216.191] by mail.gmx.net (mp004) with SMTP; 11 Jul 2012 18:08:47 +0200
X-Authenticated: #29516787
X-Provags-ID: V01U2FsdGVkX1/jtkZ+et/jkqezUEvuiER3xidMw7MNq/1103BW9Z EKOJRRX3UkeM68
Mime-Version: 1.0 (Apple Message framework v1084)
Content-Type: text/plain; charset="us-ascii"
From: Hannes Tschofenig <hannes.tschofenig@gmx.net>
In-Reply-To: <4FFD98D4.1090000@gnutls.org>
Date: Wed, 11 Jul 2012 19:08:35 +0300
Content-Transfer-Encoding: quoted-printable
Message-Id: <4FB857C7-D595-4B07-AE55-E9E77095369E@gmx.net>
References: <1CA8C4CB-1FD8-4498-9988-41B6334F58FD@gmx.net> <4FFD98D4.1090000@gnutls.org>
To: Nikos Mavrogiannopoulos <nmav@gnutls.org>
X-Mailer: Apple Mail (2.1084)
X-Y-GMX-Trusted: 0
Cc: tls@ietf.org
Subject: Re: [TLS] draft-ietf-tls-oob-pubkey: The Open Issue
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 11 Jul 2012 16:08:18 -0000
Hi Nikos, thanks for the response. On Jul 11, 2012, at 6:16 PM, Nikos Mavrogiannopoulos wrote: > On 07/11/2012 12:56 PM, Hannes Tschofenig wrote: > >> Hi all, >> >> draft-ietf-tls-oob-pubkey specifies a new TLS certificate type for exchanging raw public keys in Transport Layer Security (TLS) and Datagram Transport Layer Security (DTLS) for use with out-of-band public key validation. >> >> Here is the latest draft: >> http://tools.ietf.org/html/draft-ietf-tls-oob-pubkey-03 >> >> I would be great to get your feedback on an open issue that concerns the semantic of the exchange. I believe there are three use cases we would like to support with this work. Below, I provide high level message exchanges to explain those: >> I) Server uses Raw Public Keys (client authentication happens at some other layer) > > > If you don't need a client certificate or public key, you don't send a > certificate request. You mean: If the server does not want any client authentication then it does not send a certificate request. If that's what you mean then I agree with you. But in this scenario the server provides the raw public key. > >> II) Client and Server use Raw Public Keys >> (the smart object use case - CORE working group) > > > Your draft already covers that case. That's what I thought but Paul had a different understanding. It is not quite clear what the semantic of the cert_type="RawPublicKey" in the client hello message is. > >> II) Hybrid Scenario > >> (the OAuth Holder-of-the-Key Use case) > > (server X.509 certificate, client raw public key) Yes. > > I see two options. 1. You overload the ClientCertificateType of the > certificate request with a raw_rsa_sign that does what you intend. I currently had taken the route that I use an extension to indicate what stuff is in the certificate payload. It seems that RFC 6091 and the recently submitted OBC had chosen the same approach. > 2. > You create a new extension that modifies the format of the certificate > request to include an explicit certificate format. Of course the existing certificate format cannot (and should not) be changed. One could put an additional marker into the cert payload that makes it easy for the client and the server to differentiate the content of the payload. In the implementation I put together for the smart object security workshop I just used the the cert_type to determine what the content of the cert is and I didn't had to take additional steps. (Maybe I am making this too complicated and it is in fact trivial to differentiate the two payload types.) Ciao Hannes > > regards, > Nikos
- [TLS] draft-ietf-tls-oob-pubkey: The Open Issue Hannes Tschofenig
- Re: [TLS] draft-ietf-tls-oob-pubkey: The Open Iss… Eric Rescorla
- Re: [TLS] draft-ietf-tls-oob-pubkey: The Open Iss… Nikos Mavrogiannopoulos
- Re: [TLS] draft-ietf-tls-oob-pubkey: The Open Iss… Hannes Tschofenig
- Re: [TLS] draft-ietf-tls-oob-pubkey: The Open Iss… Eric Rescorla
- Re: [TLS] draft-ietf-tls-oob-pubkey: The Open Iss… Hannes Tschofenig
- Re: [TLS] draft-ietf-tls-oob-pubkey: The Open Iss… Robert Cragie
- Re: [TLS] draft-ietf-tls-oob-pubkey: The Open Iss… Nikos Mavrogiannopoulos