Re: [TLS] Draft TLS Extension for Path Validation
Robert Moskowitz <rgm-sec@htt-consult.com> Thu, 26 May 2022 23:53 UTC
Return-Path: <rgm-sec@htt-consult.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7BD2CC1595E3 for <tls@ietfa.amsl.com>; Thu, 26 May 2022 16:53:39 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -8.755
X-Spam-Level:
X-Spam-Status: No, score=-8.755 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, NICE_REPLY_A=-1.857, RCVD_IN_DNSWL_HI=-5, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ZB-2q4DlSQHK for <tls@ietfa.amsl.com>; Thu, 26 May 2022 16:53:35 -0700 (PDT)
Received: from z9m9z.htt-consult.com (z9m9z.htt-consult.com [23.123.122.147]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id AC496C159526 for <tls@ietf.org>; Thu, 26 May 2022 16:53:35 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by z9m9z.htt-consult.com (Postfix) with ESMTP id C14B66279D for <tls@ietf.org>; Thu, 26 May 2022 19:52:48 -0400 (EDT)
X-Virus-Scanned: amavisd-new at htt-consult.com
Received: from z9m9z.htt-consult.com ([127.0.0.1]) by localhost (z9m9z.htt-consult.com [127.0.0.1]) (amavisd-new, port 10024) with LMTP id wtG-dQWyJt8M for <tls@ietf.org>; Thu, 26 May 2022 19:52:39 -0400 (EDT)
Received: from [192.168.160.11] (unknown [192.168.160.11]) (using TLSv1.2 with cipher AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by z9m9z.htt-consult.com (Postfix) with ESMTPSA id AB30B62780 for <tls@ietf.org>; Thu, 26 May 2022 19:52:36 -0400 (EDT)
Content-Type: multipart/alternative; boundary="------------MAjX8kRL1Jgjy4xC4T2TfxYg"
Message-ID: <3852275a-f319-352a-98b4-9ff1c3ae5de9@htt-consult.com>
Date: Thu, 26 May 2022 19:53:18 -0400
MIME-Version: 1.0
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101 Thunderbird/91.9.0
Content-Language: en-US
To: tls@ietf.org
References: <2790C640-0841-43BC-94CA-0890ECEA672A@conceptsbeyond.com> <Yo50IQhyJM/VABlL@LK-Perkele-VII2.locald> <3107A6D9-BF01-48D7-9626-4E6C00A4E1A6@conceptsbeyond.com> <CA+n4P2oNax-=SBharnuxuY99C6RTgOQyi3tABEbZgkRnAVybew@mail.gmail.com>
From: Robert Moskowitz <rgm-sec@htt-consult.com>
In-Reply-To: <CA+n4P2oNax-=SBharnuxuY99C6RTgOQyi3tABEbZgkRnAVybew@mail.gmail.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/LTIz9CByoZKdK5IAvL2Rtw4vfMY>
Subject: Re: [TLS] Draft TLS Extension for Path Validation
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 26 May 2022 23:53:39 -0000
This is the Aviation use case I mentioned in earlier mails. I will be submitting a BOF request tomorrow, performa. Of course it is for the ADs to decide if this is a standalone BOF or a 20min slot in SECDISPATCH. How much time people want to discuss it is in large measure related to the discussion we engender here. Thank you for your attention. And thank you for reviewing and making this a solid design that we can get deployed for avaiation Air-to-ground and any similar use case. Bob On 5/26/22 19:43, Ashley Kopman wrote: > > The use case for the D(TLS) Path Validation extension in civil > aviation has been submitted > https://www.ietf.org/archive/id/draft-segers-tls-cert-val-ext-use-case-00.txt there > is also referenced slide deck available > http://conceptsbeyond.com/resources/SCVPValidationRequest_UseCase_CB.pdf > > Thank you, > Ashley Kopman > >> On May 26, 2022, at 8:36 AM, Ashley Kopman >> <akopman@conceptsbeyond.com> wrote: >> >> Ilari, >> >> Thank you for your feedback. >> >> You are correct in assuming that this was designed after the OCSP >> status_request extension. It is a valid point that the extension can >> likely be omitted from the server hello. The intent was to >> communicate to the client that the server supports the extension and >> will respond with the path validation information. However, since it >> is allowed for the server to respond with the extension and then not >> supply the path validation, it is not very useful overhead. I will >> remove the extension from the server hello. >> >> You are also correct that sending the certificate chain becomes >> unnecessary. It was my intent to communicate that, but looking back >> at the draft, I don’t think I made it clear. I will add it. >> >> Thank you, >> >> Ashley >> >> >>> On May 25, 2022, at 2:23 PM, Ilari Liusvaara >>> <ilariliusvaara@welho.com> wrote: >>> >>> On Wed, May 25, 2022 at 12:40:13PM -0400, Ashley Kopman wrote: >>>> Hi TLS, >>>> >>>> I have just submitted a draft TLS Extension for Path Validation >>>> https://www.ietf.org/archive/id/draft-segers-tls-cert-validation-ext-00.txt >>>> <https://www.ietf.org/archive/id/draft-segers-tls-cert-validation-ext-00.txt> >>>> >>>> The proposal is for a Path Validation Extension to provide a new >>>> protocol for TLS/DTLS allowing inclusion of certificate path >>>> validation information in the TLS/DTLS handshake. Specifically, it >>>> covers the use of Server-based Certificate Validation Protocol >>>> (SCVP) for path validation. >>> >>> Looking at how this is integrated to (D)TLS: >>> >>> >>> For (D)TLS 1.2, the server extension does not seem to be technically >>> necressary, and omitting it could simplify things. Yes, this design >>> is the same as one used for OCSP stapling (status_request), but I >>> found the server hello extension in OCSP to be seemingly unnecressary >>> extra complexity. >>> >>> For (D)TLS 1.3, why there are seemingly two server extensions, one in >>> server hello, which is usually only used for low-level crypto stuff, >>> which this is not, and another in certificate message (which makes >>> sense for certificate-related thing. >>> >>> >>> And this is maybe a stupid question, but I didn't find an answer by >>> quickly looking at the draft nor the SCVP RFC, does the server need to >>> send the certificate chain to the client if it sends the SCVP response, >>> or just the end-entity certificate? Omitting the chain could save >>> quite a bit of handshake size. >>> >>> >>> >>> -Ilari >> > > > _______________________________________________ > TLS mailing list > TLS@ietf.org > https://www.ietf.org/mailman/listinfo/tls
- [TLS] Draft TLS Extension for Path Validation Ashley Kopman
- Re: [TLS] Draft TLS Extension for Path Validation Robert Moskowitz
- Re: [TLS] Draft TLS Extension for Path Validation Ilari Liusvaara
- Re: [TLS] Draft TLS Extension for Path Validation Peter Gutmann
- Re: [TLS] Draft TLS Extension for Path Validation Robert Moskowitz
- Re: [TLS] Draft TLS Extension for Path Validation Robert Moskowitz
- Re: [TLS] Draft TLS Extension for Path Validation Ashley Kopman
- Re: [TLS] Draft TLS Extension for Path Validation Salz, Rich
- Re: [TLS] Draft TLS Extension for Path Validation Ashley Kopman
- Re: [TLS] Draft TLS Extension for Path Validation Robert Moskowitz
- Re: [TLS] Draft TLS Extension for Path Validation Eric Rescorla
- Re: [TLS] Draft TLS Extension for Path Validation Ashley Kopman
- Re: [TLS] Draft TLS Extension for Path Validation Ira McDonald
- Re: [TLS] Draft TLS Extension for Path Validation Ashley Kopman