Re: [TLS] [sasl] [CHANNEL-BINDING] Updates to draft-altman-tls-channel-bindings (PLEASE REVIEW)
Larry Zhu <larry.zhu@microsoft.com> Thu, 18 March 2010 18:14 UTC
Return-Path: <larry.zhu@microsoft.com>
X-Original-To: tls@core3.amsl.com
Delivered-To: tls@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id E4EB33A681B; Thu, 18 Mar 2010 11:14:08 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -9.469
X-Spam-Level:
X-Spam-Status: No, score=-9.469 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, DNS_FROM_OPENWHOIS=1.13, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 3GnWI+Gm6JHb; Thu, 18 Mar 2010 11:14:07 -0700 (PDT)
Received: from smtp.microsoft.com (maila.microsoft.com [131.107.115.212]) by core3.amsl.com (Postfix) with ESMTP id 85C203A6B8E; Thu, 18 Mar 2010 11:13:34 -0700 (PDT)
Received: from TK5EX14HUBC101.redmond.corp.microsoft.com (157.54.7.153) by TK5-EXGWY-E801.partners.extranet.microsoft.com (10.251.56.50) with Microsoft SMTP Server (TLS) id 8.2.176.0; Thu, 18 Mar 2010 11:13:46 -0700
Received: from TK5EX14MLTW652.wingroup.windeploy.ntdev.microsoft.com (157.54.71.68) by TK5EX14HUBC101.redmond.corp.microsoft.com (157.54.7.153) with Microsoft SMTP Server (TLS) id 14.0.639.21; Thu, 18 Mar 2010 11:13:45 -0700
Received: from TK5EX14MBXW603.wingroup.windeploy.ntdev.microsoft.com ([169.254.3.141]) by TK5EX14MLTW652.wingroup.windeploy.ntdev.microsoft.com ([157.54.71.68]) with mapi; Thu, 18 Mar 2010 11:13:44 -0700
From: Larry Zhu <larry.zhu@microsoft.com>
To: Simon Josefsson <simon@josefsson.org>, Dave Cridland <dave@cridland.net>
Thread-Topic: [sasl] [CHANNEL-BINDING] Updates to draft-altman-tls-channel-bindings (PLEASE REVIEW)
Thread-Index: AQHKxq7t/vXMiR7Kp0yDnzuPbplZNpH3/s+Q
Date: Thu, 18 Mar 2010 18:13:43 +0000
Message-ID: <4B17DE30119FF1429798D9F5D94BDE8C0EB4DBDF@TK5EX14MBXW603.wingroup.windeploy.ntdev.microsoft.com>
References: <20100317231522.GA18167@Sun.COM> <808FD6E27AD4884E94820BC333B2DB775848524D7A@NOK-EUMSG-01.mgdnok.nokia.com> <2462.1268919913.457533@puncture> <877hp98xjn.fsf@mocca.josefsson.org>
In-Reply-To: <877hp98xjn.fsf@mocca.josefsson.org>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Cc: "channel-binding@ietf.org" <channel-binding@ietf.org>, "tls@ietf.org" <tls@ietf.org>, SASL Working Group <sasl@ietf.org>
Subject: Re: [TLS] [sasl] [CHANNEL-BINDING] Updates to draft-altman-tls-channel-bindings (PLEASE REVIEW)
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 18 Mar 2010 18:14:09 -0000
It seems that we can leave tls-unique as is, and add a new registry, let's say, called "tls-dynamic" or similar, to use the updated definition. Unless some one finds a case where interop can be an issue, it is probably a better way to go. --Larry -----Original Message----- From: sasl-bounces@ietf.org [mailto:sasl-bounces@ietf.org] On Behalf Of Simon Josefsson Sent: Thursday, March 18, 2010 8:22 AM To: Dave Cridland Cc: channel-binding@ietf.org; SASL Working Group; tls@ietf.org Subject: Re: [sasl] [CHANNEL-BINDING] Updates to draft-altman-tls-channel-bindings (PLEASE REVIEW) Dave Cridland <dave@cridland.net> writes: > On Thu Mar 18 11:49:11 2010, Pasi.Eronen@nokia.com wrote: >> >> A question for SASL: both GS2 and SCRAM are currently in >> RFC Editor AUTH48, and they have a normative reference >> to the IANA registration page for 'tls-unique'. >> >> Since it appears we're about to change that registration >> quite radically, what's the impact on GS2/SCRAM? Have GS2 >> and/or SCRAM implementors implemented the 'tls-unique' >> binding? >> >> > This SCRAM implementor did, yes. And I followed the > specification. Aren't I naïve? I've done testing with the IANA registered tls-unique too. GnuTLS added APIs for this two major/stable release cycles ago (2008-10) which is now widely deployed. It may be that the APIs are flexible enough to be able to implement the new semantics, although I suppose applications would need to be modified. I haven't analyzed the details yet... What kind of software has Microsoft deployed already that use tls-unique? I thought GS2 and SCRAM were the most ready protocols that used it, and they are still not final. Changing the IANA specification for tls-unique long after it has been registered and published seems bad to me. Bad enough to make me think that it is a mistake for GS2/SCRAM to reference the IANA specification normatively -- if the IANA registry is not immutable, interop is not possible. There is always the option of making GS2/SCRAM reference 'tls-unique2' and specify that clearly and stable once and for all. Then we can let 'tls-unique' be the interop mess that it appears to be right now. /Simon > >> And should we publish the RFCs at this time, if we know one >> of the normative references is, well, unstable (likely to >> change in non-backward-compatible way soon)? >> >> Best regards, >> Pasi >> >> > -----Original Message----- >> > From: sasl-bounces@ietf.org [mailto:sasl-bounces@ietf.org] On >> Behalf Of >> > ext Nicolas Williams >> > Sent: 18 March, 2010 01:15 >> > To: channel-binding@ietf.org; sasl@ietf.org; tls@ietf.org >> > Subject: [sasl] Updates to draft-altman-tls-channel-bindings >> (PLEASE >> > REVIEW) >> > >> > Now that TLS re-negotiation security (RFC5746) is done we need to >> > finish >> > draft-altman-tls-channel-bindings. >> > >> > It's become clear that MSFT implemented and deployed something >> slightly >> > different than the 'tls-unique' binding description that had been >> > registered. They seem to be the only implementors to date; their >> > implementation is secure, therefore I propose that we simply >> modify the >> > description of 'tls-unique' and be done. >> > >> > The differences are: >> > >> > - it's not always the client's Finished message, but the _first_ >> > Finished message in the relevant handshake (in a session >> resumption >> > handshake the server sends its Finished message first); >> > > > This is quite annoying. It's harder for me (personally) to implement, > given the APIs I'm working with. Moreover, since it changes with a > (relatively) unusual feature of TLS, I suspect people will get this > wrong - most uses of TLS in, for example, XMPP or IMAP do not appear > to use session resumption much. > > >> > - the Finished message is taken from the latest/inner-most TLS >> > handshake, rather than the outer-most one >> > > > This unnerves me. I'd prefer to use only the first negotiation from > each side, since that effectively means that both ends know which one > that was. Moreover, in principle a negotiation could occur during the > SASL exchange, which would then invalidate the channel binding. > > Dave. > -- > Dave Cridland - mailto:dave@cridland.net - xmpp:dwd@dave.cridland.net > - acap://acap.dave.cridland.net/byowner/user/dwd/bookmarks/ > - http://dave.cridland.net/ > Infotrope Polymer - ACAP, IMAP, ESMTP, and Lemonade > _______________________________________________ > CHANNEL-BINDING mailing list > CHANNEL-BINDING@ietf.org > https://www.ietf.org/mailman/listinfo/channel-binding _______________________________________________ sasl mailing list sasl@ietf.org https://www.ietf.org/mailman/listinfo/sasl
- [TLS] Updates to draft-altman-tls-channel-binding… Nicolas Williams
- Re: [TLS] [sasl] Updates to draft-altman-tls-chan… Pasi.Eronen
- Re: [TLS] [sasl] Updates to draft-altman-tls-chan… Dave Cridland
- Re: [TLS] [CHANNEL-BINDING] [sasl] Updates to dra… Simon Josefsson
- Re: [TLS] [CHANNEL-BINDING] [sasl] Updates to dra… Nicolas Williams
- Re: [TLS] [sasl] [CHANNEL-BINDING] Updates to dra… Larry Zhu
- Re: [TLS] [sasl] [CHANNEL-BINDING] Updates to dra… Nicolas Williams
- Re: [TLS] [CHANNEL-BINDING] [sasl] Updates to dra… Nicolas Williams
- Re: [TLS] [CHANNEL-BINDING] [sasl] Updates to dra… Nicolas Williams
- Re: [TLS] [sasl] [CHANNEL-BINDING] Updates to dra… Alexey Melnikov
- Re: [TLS] [CHANNEL-BINDING] [sasl] Updates to dra… Alexey Melnikov
- Re: [TLS] [CHANNEL-BINDING] [sasl] Updates to dra… Simon Josefsson
- Re: [TLS] [CHANNEL-BINDING] Updates to draft-altm… Simon Josefsson
- Re: [TLS] [CHANNEL-BINDING] Updates to draft-altm… Nicolas Williams
- Re: [TLS] [CHANNEL-BINDING] Updates to Martin Rex
- [TLS] Updates to draft-altman-tls-channel-binding… Nicolas Williams
- Re: [TLS] [CHANNEL-BINDING] Updates to draft-altm… Alexey Melnikov
- Re: [TLS] [sasl] Updates to draft-altman-tls-chan… Nicolas Williams
- Re: [TLS] [sasl] Updates to draft-altman-tls-chan… Nicolas Williams
- Re: [TLS] [sasl] Updates to draft-altman-tls-chan… Larry Zhu
- Re: [TLS] [CHANNEL-BINDING] [sasl] Updates to dra… Nicolas Williams
- Re: [TLS] [CHANNEL-BINDING] [sasl] Updates to dra… Nicolas Williams
- Re: [TLS] [CHANNEL-BINDING] [sasl] Updates to dra… Larry Zhu
- Re: [TLS] [CHANNEL-BINDING] [sasl] Updates to dra… Simon Josefsson
- Re: [TLS] [CHANNEL-BINDING] [sasl] Updates to dra… Nicolas Williams
- Re: [TLS] [CHANNEL-BINDING] [sasl] Updates to dra… Nicolas Williams
- Re: [TLS] [CHANNEL-BINDING] [sasl] Updates to dra… Simon Josefsson
- Re: [TLS] [CHANNEL-BINDING] [sasl] Updates to dra… Larry Zhu
- Re: [TLS] [CHANNEL-BINDING] [sasl] Updates to dra… Nicolas Williams
- Re: [TLS] [CHANNEL-BINDING] [sasl] Updates to Martin Rex
- Re: [TLS] [CHANNEL-BINDING] [sasl] Updates to Simon Josefsson
- Re: [TLS] [CHANNEL-BINDING] [sasl] Updates to dra… Nicolas Williams
- Re: [TLS] [CHANNEL-BINDING] [sasl] Updates to Martin Rex
- Re: [TLS] [CHANNEL-BINDING] [sasl] Updates to Larry Zhu
- [TLS] Avoiding CB sync problem via server-side so… Nicolas Williams
- Re: [TLS] [sasl] Updates to draft-altman-tls-chan… Eliot Lear
- Re: [TLS] [sasl] Updates to draft-altman-tls-chan… Nicolas Williams
- Re: [TLS] [sasl] Updates to draft-altman-tls-chan… Sean Turner