[TLS] Deprecating Static DH certificates in the obsolete key exchange document
Joseph Salowey <joe@salowey.net> Mon, 15 April 2024 18:14 UTC
Return-Path: <joe@salowey.net>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 41036C14F681 for <tls@ietfa.amsl.com>; Mon, 15 Apr 2024 11:14:24 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.898
X-Spam-Level:
X-Spam-Status: No, score=-1.898 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=salowey-net.20230601.gappssmtp.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id BSY5bc4_e6k9 for <tls@ietfa.amsl.com>; Mon, 15 Apr 2024 11:14:23 -0700 (PDT)
Received: from mail-lj1-x22e.google.com (mail-lj1-x22e.google.com [IPv6:2a00:1450:4864:20::22e]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B4A5DC14F601 for <tls@ietf.org>; Mon, 15 Apr 2024 11:14:23 -0700 (PDT)
Received: by mail-lj1-x22e.google.com with SMTP id 38308e7fff4ca-2d9fe2b37acso44372321fa.2 for <tls@ietf.org>; Mon, 15 Apr 2024 11:14:23 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=salowey-net.20230601.gappssmtp.com; s=20230601; t=1713204861; x=1713809661; darn=ietf.org; h=to:subject:message-id:date:from:mime-version:from:to:cc:subject :date:message-id:reply-to; bh=P6Lh/urf4jO+URHU+MBTPEu/FKBq9c9nD7K4KQ6vwhc=; b=sxEV7a9XO+chGylUlVopooROXpBRd+jmd7+ZYQzSNjn7a/9qv5HxBEqKm5sywqOxtE xuMU9UkMGUw/Wm/GZqM29/807e2ydVmWJOY4AqiXWqkeCWBKbnOKJjjImdl8NSCUfAhf OCTMtcrY9ZPEj0cwV7vz7JVMKGHC3IdL4seYOjlIDXxqapNzphOuhqQhgpVn0Pxgb9x0 2fOe+QgIbC+ttDDsquqwbIOgEeiax35gWm2iQAQ6+11H25CPQCjmtDOYui/C3oosbAls zOG2q0jMQEiMUHtM5pzwlzFf4tLVgHVP8dU0yzrubloUKlGrBZ9Q7UqqkC8dsRVQscnZ ZSaQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1713204861; x=1713809661; h=to:subject:message-id:date:from:mime-version:x-gm-message-state :from:to:cc:subject:date:message-id:reply-to; bh=P6Lh/urf4jO+URHU+MBTPEu/FKBq9c9nD7K4KQ6vwhc=; b=FzgMv6m+1AUgoxVmE5MtmU9Ly+qHg+IpdzKh+qx9J7Cf0EBhMH1s5ohszZtVKNGJJB sop6jqW3u5zSyZOG2VFIIz5znIazGvGFOwT/7tXt7Q3D/i0kDfimm6ygYLjEC8l6lxLB Dh3GFOcsw6BvIhYlNdCxmqTCljV1aDERBEwYkcB9wRAR7qb2vletZWXwNOxQDZld9Zgs kDBmiNEffKrSvU6gbM/EmHX1OSxKNizaKPjE0YXZm/svzzAbMNVpTftI2ajvykrS3Cho vCmot4ZTjvKyK26Vp5s5u3Tte36izuRkMScBC9Dk2KrdLCM4k7FepoYXzklSUXUMGxXj azgg==
X-Gm-Message-State: AOJu0YyXII0Zbb6vJDuL+beJrYrGKjnu74icdiDZV35fbk3T32AJzs72 HKR+Idc6YM/uqheYvMed+GnzXBHOznVhvjpcB6Du6K6gF2t3Z4U2XACSv2jZ308svccP94nTIB2 7ioRlxJE7PItfRlGHlYqvkxHu6nsHxlR2hpBlBwa3tmr6iH/iYNU=
X-Google-Smtp-Source: AGHT+IFlxqWtMuN/GuLKdUnuKxGHmlybJlb5ehtjMRiR5evi8uTa/vExtUYYdJNgmHH1ET2Ej+gDEQAxdkLvPaGP/ZM=
X-Received: by 2002:a2e:300b:0:b0:2d7:7c0:b077 with SMTP id w11-20020a2e300b000000b002d707c0b077mr6562140ljw.43.1713204860003; Mon, 15 Apr 2024 11:14:20 -0700 (PDT)
MIME-Version: 1.0
From: Joseph Salowey <joe@salowey.net>
Date: Mon, 15 Apr 2024 11:14:08 -0700
Message-ID: <CAOgPGoBBq-SBb4N1b0VCyUxMytbgRCoGWOQug-XJAKSYh6Ezag@mail.gmail.com>
To: "<tls@ietf.org>" <tls@ietf.org>
Content-Type: multipart/alternative; boundary="0000000000001bcef90616269773"
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/QR4o-JF4pq4KoyaYN2PWT1ChXYU>
Subject: [TLS] Deprecating Static DH certificates in the obsolete key exchange document
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 15 Apr 2024 18:14:24 -0000
At IETF 119 we had discussion that static DH certificates lead to static key exchange which is undesirable. Although the current draft deprecates static DH ciphersuites, it seems that RFC 5246 allows the client to provide a certificate with a static DH keypair to provide static parameters in (EC)DHE in TLS 1.2 (I don't know of any implementations that do this). Should the draft deprecate these ClientCertificateTypes and mark the entries (rsa_fixed_dh, dss_fixed_dh, rsa_fixed_ecdh, ecdsa_fixed_ecdh) as 'D' discouraged? Please respond with any comments on this proposal by April 30,2024. Thanks, Sean, Deirdre and Joe
- Re: [TLS] Deprecating Static DH certificates in t… Martin Thomson
- [TLS] Deprecating Static DH certificates in the o… Joseph Salowey
- Re: [TLS] Deprecating Static DH certificates in t… Eric Rescorla
- Re: [TLS] Deprecating Static DH certificates in t… Salz, Rich
- Re: [TLS] Deprecating Static DH certificates in t… Filippo Valsorda
- Re: [TLS] Deprecating Static DH certificates in t… Peter Gutmann
- Re: [TLS] Deprecating Static DH certificates in t… Nimrod Aviram
- Re: [TLS] Deprecating Static DH certificates in t… Loganaden Velvindron
- Re: [TLS] Deprecating Static DH certificates in t… Peter Gutmann
- Re: [TLS] Deprecating Static DH certificates in t… Viktor Dukhovni
- Re: [TLS] [EXT] Re: Deprecating Static DH certifi… Blumenthal, Uri - 0553 - MITLL
- Re: [TLS] [EXT] Re: Deprecating Static DH certifi… Rob Sayre
- Re: [TLS] [EXT] Deprecating Static DH certificate… Hubert Kario
- Re: [TLS] [EXT] Re: Deprecating Static DH certifi… Filippo Valsorda
- Re: [TLS] [EXT] Re: Deprecating Static DH certifi… Peter Gutmann
- Re: [TLS] [EXT] Re: Deprecating Static DH certifi… David Benjamin
- Re: [TLS] [EXT] Re: Deprecating Static DH certifi… David Benjamin
- Re: [TLS] [EXT] Re: Deprecating Static DH certifi… Rob Sayre