Re: [TLS] Eric Rescorla's Discuss on draft-ietf-tls-dnssec-chain-extension-06: (with DISCUSS and COMMENT)

Paul Wouters <paul@nohats.ca> Mon, 05 March 2018 16:03 UTC

Return-Path: <paul@nohats.ca>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7548C12D944; Mon, 5 Mar 2018 08:03:02 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.009
X-Spam-Level:
X-Spam-Status: No, score=-2.009 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, T_RP_MATCHES_RCVD=-0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=nohats.ca
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id sXbtNVup19B0; Mon, 5 Mar 2018 08:03:00 -0800 (PST)
Received: from mx.nohats.ca (mx.nohats.ca [193.110.157.68]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A2FD812E898; Mon, 5 Mar 2018 08:02:52 -0800 (PST)
Received: from localhost (localhost [IPv6:::1]) by mx.nohats.ca (Postfix) with ESMTP id 3zw4SB1LpdzCr3; Mon, 5 Mar 2018 17:02:50 +0100 (CET)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nohats.ca; s=default; t=1520265770; bh=zlxL+63CokpEIG+YK1CGyReBYxc7FxhoE05jJNKeO5k=; h=Date:From:To:cc:Subject:In-Reply-To:References; b=EebDh6KZRF5wUAF9zIClp35bAavxm0Xk+bHhDfJekYWHbkqc6TPf0YNBrc/XY8nzU CPhR2b9VWchFF1/ROftnIQ0xIKoffzSmSH+gBbXT0+a1nDPoHOP1rZhhaMhqFzo3Qx lkWzwN5xJ4CzWFtCKKfj0XgJKKqeWApHQLJ/13hM=
X-Virus-Scanned: amavisd-new at mx.nohats.ca
Received: from mx.nohats.ca ([IPv6:::1]) by localhost (mx.nohats.ca [IPv6:::1]) (amavisd-new, port 10024) with ESMTP id EGsoeJdqpBKi; Mon, 5 Mar 2018 17:02:49 +0100 (CET)
Received: from bofh.nohats.ca (bofh.nohats.ca [76.10.157.69]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx.nohats.ca (Postfix) with ESMTPS; Mon, 5 Mar 2018 17:02:49 +0100 (CET)
Received: by bofh.nohats.ca (Postfix, from userid 1000) id 4D02436671C; Mon, 5 Mar 2018 11:02:48 -0500 (EST)
DKIM-Filter: OpenDKIM Filter v2.11.0 bofh.nohats.ca 4D02436671C
Received: from localhost (localhost [127.0.0.1]) by bofh.nohats.ca (Postfix) with ESMTP id 4543B44DA271; Mon, 5 Mar 2018 11:02:48 -0500 (EST)
Date: Mon, 05 Mar 2018 11:02:48 -0500
From: Paul Wouters <paul@nohats.ca>
To: Viktor Dukhovni <ietf-dane@dukhovni.org>
cc: TLS WG <tls@ietf.org>, draft-ietf-tls-dnssec-chain-extension@ietf.org, tls-chairs <tls-chairs@ietf.org>, The IESG <iesg@ietf.org>
In-Reply-To: <7135BE6C-CD9E-457C-8CF5-DC5A93B43B06@dukhovni.org>
Message-ID: <alpine.LRH.2.21.1803051101190.28097@bofh.nohats.ca>
References: <CABcZeBOST2X0-MH2hhzpPJaUkbY++udsUV1bMnMhH2V2wQRPmA@mail.gmail.com> <CAHPuVdUs7mUJiqZjFjLDCNmHHGR9AP-g5YaLLbJj-zkDKd=_-w@mail.gmail.com> <alpine.LRH.2.21.1802211425260.7767@bofh.nohats.ca> <CAHPuVdX=_6b5g572-T-9Ccwek-WwL11KdTVwV9oNC9LaO5=0=Q@mail.gmail.com> <alpine.LRH.2.21.1802260913290.9977@bofh.nohats.ca> <70D42B5C-7FF9-49C1-95D4-13FDC611FF96@dukhovni.org> <CAHPuVdU8boBpYO3QutJgawH-54fKD+R9PaaT-5yWE+y2t+BwwA@mail.gmail.com> <CAHPuVdWhEnYxcLUzs-zbnKiN0zj+WO-7_cK2EobS1Gipurk7CQ@mail.gmail.com> <20180227233610.GD8921@localhost> <20180227233854.GE8921@localhost> <20180228200707.GF8921@localhost> <CAHPuVdUOZ1J+us4QfS+AedMvRzTGBRMGHvu5jpOdYr6mENGKXw@mail.gmail.com> <239165FB-38EE-4B32-91E4-92C422901801@dukhovni.org> <08d01955-841b-6744-9f25-8535474dd26d@nlnetlabs.nl> <7135BE6C-CD9E-457C-8CF5-DC5A93B43B06@dukhovni.org>
User-Agent: Alpine 2.21 (LRH 202 2017-01-01)
MIME-Version: 1.0
Content-Type: text/plain; charset="US-ASCII"; format="flowed"
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/NHKS1J_dzTQ1bLK9b1sSnIoag64>
Subject: Re: [TLS] Eric Rescorla's Discuss on draft-ietf-tls-dnssec-chain-extension-06: (with DISCUSS and COMMENT)
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 05 Mar 2018 16:03:03 -0000

On Mon, 5 Mar 2018, Viktor Dukhovni wrote:

>> On Mar 5, 2018, at 4:32 AM, Willem Toorop <willem@nlnetlabs.nl> wrote:
>>
>>> Therefore, any long-term caching of a destination's support for the extension
>>> should require server opt-in, and must have a maximum duration.
>>
>> How do you (all) feel about using the expiry date on the RRSIG for the
>> TLSA to be used for this purpose?
>
> I don't think the expiry date is adequate for this purpose.  To reduce
> the scope for replay attacks, my domain has 14 day RRSIG lifetimes, and
> automated re-signing happens as records age, so they are often as close
> as ~4 days away from expiration when re-signed.  And yet, if were to
> deploy a web server that implements this extension, I'd want to commit
> to DANE for a considerably longer time.

There is also the reverse problem of pinning something you don't have
anymore. With TTL, you can tune your commitment and risk.

Also in general, DNS data should not be used beyond its TTL unless the
data itself has some kind of TTL on it (eg a full cert payload or
openpgp key with expiry)

Paul