Re: [TLS] draft-sullivan-tls-exported-authenticator-00

Ilari Liusvaara <ilariliusvaara@welho.com> Tue, 01 November 2016 18:57 UTC

Return-Path: <ilariliusvaara@welho.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C0DDB1298AD for <tls@ietfa.amsl.com>; Tue, 1 Nov 2016 11:57:47 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.397
X-Spam-Level:
X-Spam-Status: No, score=-3.397 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_NONE=-0.0001, RP_MATCHES_RCVD=-1.497] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id gfJvt-X9YJE2 for <tls@ietfa.amsl.com>; Tue, 1 Nov 2016 11:57:45 -0700 (PDT)
Received: from welho-filter3.welho.com (welho-filter3.welho.com [83.102.41.25]) by ietfa.amsl.com (Postfix) with ESMTP id 0A5651298B3 for <TLS@ietf.org>; Tue, 1 Nov 2016 11:57:40 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by welho-filter3.welho.com (Postfix) with ESMTP id 12F2B12E3E; Tue, 1 Nov 2016 20:57:39 +0200 (EET)
X-Virus-Scanned: Debian amavisd-new at pp.htv.fi
Received: from welho-smtp2.welho.com ([IPv6:::ffff:83.102.41.85]) by localhost (welho-filter3.welho.com [::ffff:83.102.41.25]) (amavisd-new, port 10024) with ESMTP id Yo4_4UznMecI; Tue, 1 Nov 2016 20:57:38 +0200 (EET)
Received: from LK-Perkele-V2 (87-92-51-204.bb.dnainternet.fi [87.92.51.204]) (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by welho-smtp2.welho.com (Postfix) with ESMTPSA id B98A321C; Tue, 1 Nov 2016 20:57:38 +0200 (EET)
Date: Tue, 1 Nov 2016 20:57:36 +0200
From: Ilari Liusvaara <ilariliusvaara@welho.com>
To: William Whyte <wwhyte@securityinnovation.com>
Message-ID: <20161101185736.GA25587@LK-Perkele-V2.elisa-laajakaista.fi>
References: <CAOjisRyWyON1FXghU09GTJYmvKpjgztFr_9wL=U6yV0-9DkcgA@mail.gmail.com> <CACz1E9qngj_726exoA4p57h63UaQB_JUokbaZ=fk1M2TF-JpXw@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
In-Reply-To: <CACz1E9qngj_726exoA4p57h63UaQB_JUokbaZ=fk1M2TF-JpXw@mail.gmail.com>
User-Agent: Mutt/1.5.23 (2014-03-12)
Sender: ilariliusvaara@welho.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/Q9cKj_VI8ri7uzOuNyargLvMJog>
Cc: "tls@ietf.org" <TLS@ietf.org>
Subject: Re: [TLS] draft-sullivan-tls-exported-authenticator-00
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 01 Nov 2016 18:57:48 -0000

On Tue, Nov 01, 2016 at 04:41:44AM -0400, William Whyte wrote:
> I'm confused by the line "These messages are not encrypted", because on a
> plain reading it could mean that the authenticator is sent outside the
> encrypted TLS session. That would be bad because it would mean that clients
> that wanted to authenticate themselves but to the server only wouldn't be
> able to use this mechanism. I assume that's not the intent? If that isn't
> the intent, suggest rephrasing as "These messages are not encrypted, other
> than the encryption provided on transmission by the TLS session".

What I think it means that the authenticator is not encrypted before
handing it to the application for transport (most probably ultimately
ending inside the TLS connection itself, which does encrypt it on the
wire).


Also, the message emitted is formatted as follows, right?

- Byte 0x0B (CERTIFICATE code)
- 3-byte length of Certificate message
- Standard TLS 1.3 Certificate message payload
- Byte 0x0F (CERTIFICATE_VERIFY code)
- 3-byte length of CertificateVerify message
- Standard TLS 1.3 CertificateVerify message payload
- Byte 0x14 (FINISHED code)
- 3-byte length of Finished message
- Standard TLS 1.3 Finished message payload




-Ilari