Re: [TLS] TLS renegotiation issue

Nicolas Williams <Nicolas.Williams@sun.com> Fri, 06 November 2009 00:11 UTC

Return-Path: <Nicolas.Williams@sun.com>
X-Original-To: tls@core3.amsl.com
Delivered-To: tls@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 5F69A3A67F3 for <tls@core3.amsl.com>; Thu, 5 Nov 2009 16:11:17 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.014
X-Spam-Level:
X-Spam-Status: No, score=-6.014 tagged_above=-999 required=5 tests=[AWL=0.032, BAYES_00=-2.599, HELO_MISMATCH_COM=0.553, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id KSGs0MHrSQwa for <tls@core3.amsl.com>; Thu, 5 Nov 2009 16:11:16 -0800 (PST)
Received: from sca-ea-mail-2.sun.com (sca-ea-mail-2.Sun.COM [192.18.43.25]) by core3.amsl.com (Postfix) with ESMTP id 7358D3A6A03 for <tls@ietf.org>; Thu, 5 Nov 2009 16:11:14 -0800 (PST)
Received: from dm-central-02.central.sun.com ([129.147.62.5]) by sca-ea-mail-2.sun.com (8.13.7+Sun/8.12.9) with ESMTP id nA60BXUb028362 for <tls@ietf.org>; Fri, 6 Nov 2009 00:11:33 GMT
Received: from binky.Central.Sun.COM (binky.Central.Sun.COM [129.153.128.104]) by dm-central-02.central.sun.com (8.13.8+Sun/8.13.8/ENSMAIL, v2.2) with ESMTP id nA60BX6F017798 for <tls@ietf.org>; Thu, 5 Nov 2009 17:11:33 -0700 (MST)
Received: from binky.Central.Sun.COM (localhost [127.0.0.1]) by binky.Central.Sun.COM (8.14.3+Sun/8.14.3) with ESMTP id nA6003rU009759; Thu, 5 Nov 2009 18:00:03 -0600 (CST)
Received: (from nw141292@localhost) by binky.Central.Sun.COM (8.14.3+Sun/8.14.3/Submit) id nA6002kg009758; Thu, 5 Nov 2009 18:00:02 -0600 (CST)
X-Authentication-Warning: binky.Central.Sun.COM: nw141292 set sender to Nicolas.Williams@sun.com using -f
Date: Thu, 5 Nov 2009 18:00:02 -0600
From: Nicolas Williams <Nicolas.Williams@sun.com>
To: Martin Rex <mrex@sap.com>
Message-ID: <20091106000002.GQ1105@Sun.COM>
References: <20091105230343.GO1105@Sun.COM> <200911052351.nA5Npxai022736@fs4113.wdf.sap.corp>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <200911052351.nA5Npxai022736@fs4113.wdf.sap.corp>
User-Agent: Mutt/1.5.7i
Cc: ekr@rtfm.com, tls@ietf.org
Subject: Re: [TLS] TLS renegotiation issue
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 06 Nov 2009 00:11:17 -0000

On Fri, Nov 06, 2009 at 12:51:59AM +0100, Martin Rex wrote:
> Nicolas Williams wrote:
> > 
> > On Thu, Nov 05, 2009 at 10:16:11AM -0800, Eric Rescorla wrote:
> > > I now have a draft extension up at:
> > > 
> > > https://svn.resiprocate.org/rep/ietf-drafts/ekr/draft-rescorla-tls-renegotiate.txt
> > > https://svn.resiprocate.org/rep/ietf-drafts/ekr/draft-rescorla-tls-renegotiate.xml
> > > 
> > > Comments welcome.
> > 
> > More comments:
> > 
> >  - Consider an implementation like Windows' SSPI-based implementation.
> >    Or, for that matter, the old GGF (Global Grid Forum) GSS-API
> >    interface to TLS.
> 
> This strikes me as really odd!

What's odd?

> Btw. does GGF really require renegotiation?  What is so impossible
> about asking for a client cert in the initial TLS handshake?

Did I say that?  No.  Please don't read into what I wrote.

But note that with a GGF GSS-API-based implementation of TLS you _can_
do re-negotiation!  It's simple really.  And it shows that there's no
link between the inner and outer connections (here, security contexts),
except that the outer one protects the inner's hanshake (here, security
context token exchange).  (Well, also, the app needs to know if the
server sent a ChangeCipherSpec message, so that it can switch to using
the inner security context for all subsequent wrap tokens.)

Nico
--