[TLS] Drafts for batch signing and PKCS#1 v1.5

David Benjamin <davidben@chromium.org> Tue, 30 July 2019 00:16 UTC

Hi all,

I’ve just uploaded a pair of drafts relating to signatures in TLS 1.3.
https://tools.ietf.org/html/draft-davidben-tls13-pkcs1-00
https://tools.ietf.org/html/draft-davidben-tls-batch-signing-00

The first introduces optional legacy codepoints for PKCS#1 v1.5 signatures
with client certificates. This is unfortunate, but I think we should do it.
On the Chrome side, we’ve encountered some headaches with the TLS 1.3 PSS
requirement which are unique to client certificates. The document describes
the motivations in detail.

The second describes a batch signing mechanism for TLS using Merkle trees.
It allows TLS clients and servers to better handle signing load. I think it
could be beneficial for a number of DoS and remote key scenarios.

Thoughts?

David
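
The batch signing idea named in the message above, as an added illustration that is not part of the original email and does not reproduce the draft's encoding: a generic Merkle-tree construction in which one private-key operation over the tree root covers every message in the batch, and each message carries its own inclusion path. All function names, the hash prefixes and the HMAC stand-in for the signature are assumptions made for this sketch.

```python
import hashlib
import hmac

LEAF, NODE = b"\x00", b"\x01"  # domain separation: a leaf hash can never pass as an interior node
def _h(prefix, data):
    return hashlib.sha256(prefix + data).digest()

def build_levels(messages):
    """All tree levels, leaves first; an unpaired node is promoted unchanged."""
    levels = [[_h(LEAF, m) for m in messages]]
    while len(levels[-1]) > 1:
        cur = levels[-1]
        levels.append([_h(NODE, cur[i] + cur[i + 1]) if i + 1 < len(cur) else cur[i]
                       for i in range(0, len(cur), 2)])
    return levels

def inclusion_path(levels, index):
    path = []
    for level in levels[:-1]:
        sib = index ^ 1
        if sib < len(level):  # no sibling means this node was promoted
            path.append((sib < index, level[sib]))  # (sibling_is_left, sibling_hash)
        index //= 2
    return path

def root_from_path(message, path):
    node = _h(LEAF, message)
    for sibling_is_left, sibling in path:
        node = _h(NODE, sibling + node if sibling_is_left else node + sibling)
    return node

def batch_sign(messages, sign):
    """One call to sign() covers the whole batch; each message gets (root_sig, path)."""
    levels = build_levels(messages)
    root_sig = sign(levels[-1][0])
    return [(root_sig, inclusion_path(levels, i)) for i in range(len(messages))]

def batch_verify(message, proof, verify):
    return verify(root_from_path(message, proof[1]), proof[0])

class CountingSigner:
    """Constructed stand-in for the private-key operation: HMAC, not a real signature."""
    def __init__(self, key):
        self.key, self.calls = key, 0
    def sign(self, data):
        self.calls += 1
        return hmac.new(self.key, data, hashlib.sha256).digest()
    def verify(self, data, sig):
        return hmac.compare_digest(hmac.new(self.key, data, hashlib.sha256).digest(), sig)
```

In a real deployment `sign` and `verify` would be an asymmetric signature scheme; the counter only makes the load reduction visible (one signing call for N pending handshakes).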