IETF Logo Mail Archive

Re: [TLS] draft-ietf-tls-cert-abridge Update

"Kampanakis, Panos" <kpanos@amazon.com> Thu, 07 March 2024 03:30 UTC

Return-Path: <prvs=7899bd7d5=kpanos@amazon.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E2B8FC14F6E8 for <tls@ietfa.amsl.com>; Wed, 6 Mar 2024 19:30:35 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.104
X-Spam-Level:
X-Spam-Status: No, score=-7.104 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H4=0.001, RCVD_IN_MSPIKE_WL=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001, T_SCC_BODY_TEXT_LINE=-0.01, UNPARSEABLE_RELAY=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=amazon.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id syOvVWW4X835 for <tls@ietfa.amsl.com>; Wed, 6 Mar 2024 19:30:34 -0800 (PST)
Received: from smtp-fw-6002.amazon.com (smtp-fw-6002.amazon.com [52.95.49.90]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id BA97EC14F605 for <tls@ietf.org>; Wed, 6 Mar 2024 19:30:33 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amazon.com; i=@amazon.com; q=dns/txt; s=amazon201209; t=1709782234; x=1741318234; h=from:to:date:message-id:references:in-reply-to: mime-version:subject; bh=ytlR86kyj4rGk7irWWqhLWH4FaNChjZx3SByLg8h4So=; b=RS4wxmEUM1yI+UVt/wO1i6DmD444026HG7EYKKennfgv7F9J9i4lJyxh ZQw3e+4yphVIUnhkekfnBTERswlIQVCQFCNqowJ+ICWCwQyn03APZxX9D 0Nm4WJr6hP2pzahX0uGmAF3U1NSKFuO44tX7RkAyTd+XWm+czzHS/WGlQ Y=;
X-IronPort-AV: E=Sophos;i="6.06,209,1705363200"; d="scan'208,217";a="391546454"
Thread-Topic: [TLS] draft-ietf-tls-cert-abridge Update
Received: from iad12-co-svc-p1-lb1-vlan3.amazon.com (HELO smtpout.prod.us-west-2.prod.farcaster.email.amazon.dev) ([10.43.8.6]) by smtp-border-fw-6002.iad6.amazon.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 07 Mar 2024 03:30:31 +0000
Received: from EX19MTAUWC002.ant.amazon.com [10.0.7.35:30046] by smtpin.naws.us-west-2.prod.farcaster.email.amazon.dev [10.0.56.117:2525] with esmtp (Farcaster) id bd4649ff-d784-4484-960a-b90c835329c8; Thu, 7 Mar 2024 03:30:30 +0000 (UTC)
X-Farcaster-Flow-ID: bd4649ff-d784-4484-960a-b90c835329c8
Received: from EX19D001ANA003.ant.amazon.com (10.37.240.188) by EX19MTAUWC002.ant.amazon.com (10.250.64.143) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.1258.28; Thu, 7 Mar 2024 03:30:30 +0000
Received: from EX19D001ANA001.ant.amazon.com (10.37.240.156) by EX19D001ANA003.ant.amazon.com (10.37.240.188) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA) id 15.2.1258.28; Thu, 7 Mar 2024 03:30:29 +0000
Received: from EX19D001ANA001.ant.amazon.com ([fe80::4f78:75cd:3117:8055]) by EX19D001ANA001.ant.amazon.com ([fe80::4f78:75cd:3117:8055%5]) with mapi id 15.02.1258.028; Thu, 7 Mar 2024 03:30:29 +0000
From: "Kampanakis, Panos" <kpanos@amazon.com>
To: Dennis Jackson <ietf=40dennis-jackson.uk@dmarc.ietf.org>, "tls@ietf.org" <tls@ietf.org>
Thread-Index: AQHaa9kE6w2Ud2lB7UWyzVgqw+f9Y7Ej1kbwgAPocYCAAMtZYIACJKwAgAD3MyA=
Date: Thu, 07 Mar 2024 03:30:29 +0000
Message-ID: <4d4ce872263447cd863611f27aed8c09@amazon.com>
References: <b022bf36-d26f-4d0d-8ebe-155382ba9dfd@dennis-jackson.uk> <933f2fdb3f8a4fd48b61c07652e189b5@amazon.com> <96ab0812-0777-4106-b031-234dacd4435c@dennis-jackson.uk> <ca149a141fe341f69aa354efbf4394bb@amazon.com> <a325ebda-9eb8-443c-bd31-0c8f145f3b48@dennis-jackson.uk>
In-Reply-To: <a325ebda-9eb8-443c-bd31-0c8f145f3b48@dennis-jackson.uk>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.37.240.172]
Content-Type: multipart/alternative; boundary="_000_4d4ce872263447cd863611f27aed8c09amazoncom_"
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/OuVhNjcTQR_Lv7ZbLKlK_G1GZHo>
Subject: Re: [TLS] draft-ietf-tls-cert-abridge Update
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 07 Mar 2024 03:30:36 -0000

Good point, understood, thanks.

> I was suggesting either have it be a single label for the entire message or putting the label into the TLS1.3 Cert Compression codepoint.

I think the former sounds more reasonable. 2 codepoints for (only CA pass 1 compression) and (Pass1+Pass2) seems to be wasting codepoints.

The problem I am trying to address is cases where 1/ SCTs are not available (like Private PKIs), or 2/ the server is lazy and does not want to create that dictionary, or 3/ the benefit of Pass 2 is not important enough. I understand that you will collect data for 3/ to hopefully prove it, so I will wait for those. But I think 1/ and 2/ are still worth addressing.


From: TLS <tls-bounces@ietf.org> On Behalf Of Dennis Jackson
Sent: Wednesday, March 6, 2024 7:39 AM
To: tls@ietf.org
Subject: RE: [EXTERNAL] [TLS] draft-ietf-tls-cert-abridge Update


CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you can confirm the sender and know the content is safe.



Hi Panos,
On 05/03/2024 04:14, Kampanakis, Panos wrote:
Hi Dennis,

> I can see two different ways to handle it. Either as you suggest, we have it be a runtime decision and we just prefix the compressed form with a byte to indicate whether pass 2 has been used. Alternatively, we can define two codepoints, (pass 1 + pass 2, pass 1).
> I'd like to experiment with both operations and measure what the real world difference is first, then we can make a decision on how to proceed. There's also been more interest in the non-webpki use case than I expected, so that needs to factor in to whichever option we pick.

Maybe these will not matter for the scenario I am considering. Let’s say the client advertised support for draft-ietf-tls-cert-abridge. And the server sent back
- CompressedCertificate which includes the 2 identifiers for the ICA and RootCA from Pass 1.
- uncompressed, traditional CertificateEnty of the end-entity certificate

Or it sent back

- uncompressed, traditional CertificateEnties for the  ICA and RootCA certs
- CompressedCertificate which includes the ZStandard compressed (based on the Pass2 dictionary) end-entity cert

My point is that nothing should prevent the client from being able to handle these two scenarios and normative language should point that out. Any software that can parse certs in compressed form, ought to be able to parse them in regular form if the server did not support Pass1 (CA cers were not available for some reason) or Pass2 (eg. if CT Logs were not available for some reason).

Am I overseeing something?


Yes I think so. TLS1.3 Certificate Compression applies to the entire Certificate Message, not individual CertificateEntries in that message. Those individual entries don't currently carry identifiers about what type they are, their type is negotiated earlier in the EncryptedExtensions extension.

So to handle this as you propose, we'd need to define a type field for each entry to specify whether that particular entry had undergone a particular pass (or both). In my message, I was suggesting either have it be a single label for the entire message or putting the label into the TLS1.3 Cert Compression codepoint.

Best,
Dennis

v2.23.0 | Report a Bug | By Email