Re: [TLS] Distinguishing between external/resumption PSKs

Rob Sayre <sayrer@gmail.com> Fri, 20 September 2019 19:08 UTC

Return-Path: <sayrer@gmail.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 520D61208CC for <tls@ietfa.amsl.com>; Fri, 20 Sep 2019 12:08:54 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.997
X-Spam-Level:
X-Spam-Status: No, score=-1.997 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id lcG9AfWXpENH for <tls@ietfa.amsl.com>; Fri, 20 Sep 2019 12:08:52 -0700 (PDT)
Received: from mail-io1-xd32.google.com (mail-io1-xd32.google.com [IPv6:2607:f8b0:4864:20::d32]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 51EB61208BF for <tls@ietf.org>; Fri, 20 Sep 2019 12:08:52 -0700 (PDT)
Received: by mail-io1-xd32.google.com with SMTP id h144so18566725iof.7 for <tls@ietf.org>; Fri, 20 Sep 2019 12:08:52 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=neFznwuKbq/tjqw9LadUHp8zzAJHEfm2scTLAqSr5Fc=; b=FABmSntZBguGMaSINUjPQByz9LgTb+BZg3CJZ3hn5wmDrAFa8sQpYsWba1as1DAse8 qmma3Ea9mmkq10TYMnoGCODA71uOPmzz16ZCQ+t3JXMnGBZ9CEpn7cd4A4youq4pGayR VRqnAdz11ETAleQG9rAobHZ3hlovJKvJyhNfxyAGDan7wD2xPClixwo1h0/WzXboDCs6 /dYr5DsnCwOqakhOm6Xmo8cU+o22Js73c6xgsMu8sRwTsQCIIJQMgY0VvEj0nlHyYyVb Ei/XivohajcKSPH5TjrM5Ikfauu8o+QluUIrmw4HDevXjOqiSF0Ugb19zTWcpBa9IdRQ /GNQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=neFznwuKbq/tjqw9LadUHp8zzAJHEfm2scTLAqSr5Fc=; b=rdrdzvYwEojfnJuiyMylFG4nzetPjO0exeXntFe3nR+FNHjbclMTgdZpy5AJHNjTBU DWVkMMS6xkVvpc5fjgZZ3Q8pIoRquYbV2Yp7D3mZX954KaGNdIR6U6zaFsz6fNvEXihu 75hSsYmPirGZN0EAFRmZyZjCsCB2QNJq9Iw0L11M96FhKTC4H19FE1H4ADnGu6UhksaV 4gknT0KmXSbcvZW/xcTVAafbcC/l5uoatrD0tuz53DPgyIGk3wJWJLzaqOP3E3veSrA5 pUGtpB5P5z3JdOz0EajhzRYmCO38PYSwNoSxzPx+l8lnSB005L/qirpX+NxEHjIwvT8S WO8w==
X-Gm-Message-State: APjAAAWSKeUGfLIg3/mLfuQ6GihdYYmtX3xDVCkleHboJkhs1xUwhLvC IeccJkaklf23CG52ovT1lpY9xdw+DFWpl6t1mus=
X-Google-Smtp-Source: APXvYqx/KKALqLoeSss+ZlD1FNx0t9dP7D+LLZO29j66gSakdJ3mjTvfLDaw+arj0d7IuRwuG56CdIg2lRFYjtQWY7U=
X-Received: by 2002:a6b:2c07:: with SMTP id s7mr7292980ios.254.1569006531489; Fri, 20 Sep 2019 12:08:51 -0700 (PDT)
MIME-Version: 1.0
References: <CY4PR1101MB227834A5DF828F000C6D1144DB890@CY4PR1101MB2278.namprd11.prod.outlook.com> <CACykbs2qp0EDa3pGfFpQY6rgruJD1f-6mZ_B5KF8kBkrXD9caw@mail.gmail.com> <CY4PR1101MB227871FEF520A88CF65BADF6DB890@CY4PR1101MB2278.namprd11.prod.outlook.com> <CACykbs3aQxM3kxa3khOYbj8naXfcaPmSOKY01nAsuAyfEWYkzg@mail.gmail.com> <CAL02cgT73q0iOj=7fMsneQwjAFFDnSYM92MhV0adSfU2qOCurQ@mail.gmail.com> <CACykbs2=e9LvnvvU=zOWuzqeU4aYXOA3SPWBwQGyPcW6QjrSkA@mail.gmail.com> <CAL02cgSuFGNd26TS8bNbjhh+YEYVbAH5TQBneeLNyouZemAZXw@mail.gmail.com> <DDFDB072-63F6-4B52-9F64-56772910515D@huitema.net> <20190919183539.GB5002@localhost> <CAL02cgRdeP6noogLiVXzthKGMNGq7gyFhPKqHGQCsrACg9Cs5A@mail.gmail.com> <20190919214851.GC5002@localhost> <CADh2w8T+zxaJ8+Wju-NbCq+Sh-qF3mkda3SY2izPh8Zk-Sq6Eg@mail.gmail.com>
In-Reply-To: <CADh2w8T+zxaJ8+Wju-NbCq+Sh-qF3mkda3SY2izPh8Zk-Sq6Eg@mail.gmail.com>
From: Rob Sayre <sayrer@gmail.com>
Date: Fri, 20 Sep 2019 12:08:40 -0700
Message-ID: <CAChr6SzumcEHRjxLg0CL500ytXU5=eEo5WORXmV1BNApyfeSBA@mail.gmail.com>
To: Nikos Mavrogiannopoulos <nmav@redhat.com>
Cc: Nico Williams <nico@cryptonector.com>, "tls@ietf.org" <tls@ietf.org>
Content-Type: multipart/alternative; boundary="000000000000f5b9f3059300ccf3"
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/Pw6hXXbw1yYtvRIBMKEZXOg-f5s>
Subject: Re: [TLS] Distinguishing between external/resumption PSKs
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 20 Sep 2019 19:08:54 -0000

On Fri, Sep 20, 2019 at 4:32 AM Nikos Mavrogiannopoulos <nmav@redhat.com>;
wrote:

> On Thu, Sep 19, 2019 at 11:49 PM Nico Williams <nico@cryptonector.com>;
> wrote:
> >
> > On Thu, Sep 19, 2019 at 04:57:17PM -0400, Richard Barnes wrote:
> > > I don't think anyone's asking for these cases to be differentiable on
> the
> > > wire.  The question is whether the *server* can differentiate, in
> > > particular, the application running on the server.
> >
> > And the answer to that one is "yes", because the server has control over
> > the PSK IDs.
>
> You are making a lot of implicit assumptions for that. Consider a
> "server" consisting of multiple front end implementations all
> connected to a DB back-end. Does that "server" has control over PSK
> IDs?
>

While Nico's assertion isn't always practical, I think it fits a pretty
common pattern: a TLS-terminator / edge server validates that the server
issued the credential, without hitting the backing credentials database.
These servers often perform similar checks on HTTP Cookie headers. Then, as
the traffic is passed to the application, the credential is actually
checked against the database.

thanks,
Rob