Re: [TLS] TLS 1.3 Authentication using ETSI TS 103 097 and IEEE 1609.2 certificates
Ilari Liusvaara <ilariliusvaara@welho.com> Mon, 27 August 2018 16:34 UTC
On Mon, Aug 27, 2018 at 06:21:15PM +0200, Mounira Msahli wrote:
> Hi Hubert,
>
> I can do the exercise but the result will be two sections totally
> decorrelated: one for TLS 1.3 and one for TLS 1.2. Two drafts in
> one document.

The certificate message might be a bit annoying as it has a different
format in TLS 1.2 and 1.3. But most textual discussion probably can
be shared between the versions.

> - The handshake phase in TLS 1.2 is different from handshake/TLS1.3

One could abbreviate the handshake traces to just show the relevant
parts (which could also cut some clutter)? I think the relevant
messages always occur in the same order (clienthello, serverhello/
encryptedextensions, certificate, certificate).

> - The certificate type is different. One uses cert_type and the
> other uses extension defined in [RFC7250].

cert_type is deprecated. One should use the RFC7250 extensions even
in TLS 1.2. The TLS 1.3 certificate format negotiation works the
same as in TLS 1.2, with the exception of extensions being in a
different message.

-Ilari
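
The negotiation discussed in the message above, as an added example that is not part of the original e-mail or of the draft: it encodes and parses the RFC 7250 `client_certificate_type` / `server_certificate_type` extensions and shows that the server's one-byte answer is identical in both versions, with only the carrying message changing. The function names and the first-match selection policy are assumptions of this sketch; certificate type value 3 (1609Dot2) was registered after this thread, by RFC 8902.

```python
import struct

# RFC 7250 extension code points and TLS certificate type values.
CLIENT_CERTIFICATE_TYPE = 19
SERVER_CERTIFICATE_TYPE = 20
X509, RAW_PUBLIC_KEY, CERT_1609DOT2 = 0, 2, 3  # 3 registered later (RFC 8902)

def encode_offer(ext_type, cert_types):
    """ClientHello form: 1-byte length-prefixed list in client preference order."""
    body = bytes([len(cert_types)]) + bytes(cert_types)
    return struct.pack("!HH", ext_type, len(body)) + body

def parse_offer(ext):
    """Parse a ClientHello extension; reject malformed lengths and empty lists."""
    if len(ext) < 5:
        raise ValueError("truncated extension")
    ext_type, ext_len = struct.unpack("!HH", ext[:4])
    body = ext[4:]
    if ext_len != len(body) or body[0] != len(body) - 1:
        raise ValueError("bad length")
    return ext_type, list(body[1:])

def server_select(ext, supported, tls13):
    """Pick the first client-offered type the server supports (sketch policy).

    Returns (carrying_message, response_extension). The response body is a
    single CertificateType byte in both versions; only the message differs.
    """
    ext_type, offered = parse_offer(ext)
    if ext_type not in (CLIENT_CERTIFICATE_TYPE, SERVER_CERTIFICATE_TYPE):
        raise ValueError("not an RFC 7250 extension")
    for cert_type in offered:
        if cert_type in supported:
            message = "EncryptedExtensions" if tls13 else "ServerHello"
            return message, struct.pack("!HHB", ext_type, 1, cert_type)
    # No overlap is treated as fatal here (RFC 7250's unsupported_certificate alert).
    raise LookupError("unsupported_certificate")

if __name__ == "__main__":
    # Constructed offer: client prefers IEEE 1609.2, falls back to X.509.
    offer = encode_offer(SERVER_CERTIFICATE_TYPE, [CERT_1609DOT2, X509])
    for tls13 in (False, True):
        msg, resp = server_select(offer, {X509, CERT_1609DOT2}, tls13)
        print(msg, resp.hex())
```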