IETF Logo Mail Archive

Re: [TLS] Deprecating Static DH certificates in the obsolete key exchange document

Eric Rescorla <ekr@rtfm.com> Mon, 15 April 2024 18:30 UTC

Return-Path: <ekr@rtfm.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id CEBB4C14CE4A for <tls@ietfa.amsl.com>; Mon, 15 Apr 2024 11:30:23 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.893
X-Spam-Level:
X-Spam-Status: No, score=-1.893 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=rtfm-com.20230601.gappssmtp.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id EBsUcOEH4YTO for <tls@ietfa.amsl.com>; Mon, 15 Apr 2024 11:30:19 -0700 (PDT)
Received: from mail-yw1-x112a.google.com (mail-yw1-x112a.google.com [IPv6:2607:f8b0:4864:20::112a]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E734BC14CF1A for <tls@ietf.org>; Mon, 15 Apr 2024 11:30:19 -0700 (PDT)
Received: by mail-yw1-x112a.google.com with SMTP id 00721157ae682-618944792c3so28399747b3.1 for <tls@ietf.org>; Mon, 15 Apr 2024 11:30:19 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=rtfm-com.20230601.gappssmtp.com; s=20230601; t=1713205819; x=1713810619; darn=ietf.org; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=J+sqcd9QWTWewMqcRQ9WeLVCMUILxMAmB1bkl8/0dAE=; b=rDJQ+ILl03AalRMh/K2ZMzgZ7hY+WQph1IZXWhximRfGlvE0m/IFVtwDqzYVOafJ0F Zp+YY5uV4GyzcOZxGh/N/brxHAXV3Zw/FOvw5whcp+0WAdkMrxsxmNdpml66RwxWRGDt tfa1kv5f8gs9qkaDFstruD6xqbHnNfW8BdZFG+MhqPGC5O3SL0PDWQp2sDd5Wb9gUPHt C9gugz8WTdJTAuVELW/lhnh+NeOMRWZv241b2rZhTsRuuLb14OFuOPu5un/PvFZBtCpW U8rM7rPAT5mVmDvX6Gn3i7FQOdxNc/CZHiGdUBERpFpN/p1nS9Qt4jW7GqfIvAf+Qqzq h73A==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1713205819; x=1713810619; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=J+sqcd9QWTWewMqcRQ9WeLVCMUILxMAmB1bkl8/0dAE=; b=WcM9prLbjOfZX6/pQU8LiWLzuQ/xlGIpAO5VwpNt0sa6VpyrrJmKlpnJpWec5oHbwF Lm+ENJ2KNHaX8Mkt96gN3M1+rxmyJNUvSMX6oQfLpSwKzU5Qp/+JE6mkPGJxwZPqBWlt zGtjtCb1rkWq7Ck5sVvTOKk3rZgLt/VgODwuWPiuTlPmvzV3mKl58pF7+MB+iN4K3TF0 v8jqcXIIrWtN3I86LbRVO8WvrU/0LybyRHFZGRkZi2Iyo3cbkpcKwBmoscwwHScEswU8 G05BlOWWv5zlxs8a2JJJxkRnJ9Xb/823bLXUPWAEFZhPk3UbElNsePjZ4vMePSCqae1H iMqQ==
X-Gm-Message-State: AOJu0YwIQcOiLqxacWeD+5sEtcDDOKdnVt086xU59whB9E3l8qxBKaP2 AarwnsA9dXGSRqB7r/1rlYQV3/kmeBQH3vnS6lkRpj3EPPIv0+9/TwB/Qlep8B6rOrJx4u3u+sM jaKZxbXpH6MhCbgo5FgDR9+1hDYAlQciId0eOhT2EzrsE50L+
X-Google-Smtp-Source: AGHT+IExotess5nwiw9P8piSrtDa4cNq97q+T6FPYUxwGbnXFrdqTEZpmLWVwYgLNRSRVjJ5j3gDdDjK9AJEiyGZR/Q=
X-Received: by 2002:a0d:d656:0:b0:611:26e0:f24b with SMTP id y83-20020a0dd656000000b0061126e0f24bmr10181738ywd.9.1713205818735; Mon, 15 Apr 2024 11:30:18 -0700 (PDT)
MIME-Version: 1.0
References: <CAOgPGoBBq-SBb4N1b0VCyUxMytbgRCoGWOQug-XJAKSYh6Ezag@mail.gmail.com>
In-Reply-To: <CAOgPGoBBq-SBb4N1b0VCyUxMytbgRCoGWOQug-XJAKSYh6Ezag@mail.gmail.com>
From: Eric Rescorla <ekr@rtfm.com>
Date: Mon, 15 Apr 2024 11:29:42 -0700
Message-ID: <CABcZeBMPae+8r65LFAaLAJts+4eG-tK3LBUTBgxiVhrWV9tWMA@mail.gmail.com>
To: Joseph Salowey <joe@salowey.net>
Cc: "<tls@ietf.org>" <tls@ietf.org>
Content-Type: multipart/alternative; boundary="00000000000040def4061626d052"
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/Czu6hUTZwmS8YMChf5GwhzeKydc>
Subject: Re: [TLS] Deprecating Static DH certificates in the obsolete key exchange document
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 15 Apr 2024 18:30:23 -0000

Yes.

-Ekr

On Mon, Apr 15, 2024 at 11:14 AM Joseph Salowey <joe@salowey.net> wrote:

> At IETF 119 we had discussion that static DH certificates lead to static
> key exchange which is undesirable.  Although the current draft deprecates
> static DH ciphersuites, it seems that RFC 5246 allows the client to provide
> a certificate with a static DH keypair to provide static parameters in
> (EC)DHE in TLS 1.2 (I don't know of any implementations that do this).
>
> Should the draft deprecate these ClientCertificateTypes and mark the
> entries (rsa_fixed_dh, dss_fixed_dh, rsa_fixed_ecdh, ecdsa_fixed_ecdh) as
> 'D' discouraged?
>
> Please respond with any comments on this proposal by April 30,2024.
>
> Thanks,
>
> Sean, Deirdre and Joe
> _______________________________________________
> TLS mailing list
> TLS@ietf.org
> https://www.ietf.org/mailman/listinfo/tls
>

v2.23.0 | Report a Bug | By Email