Re: [TLS] WGLC: draft-ietf-tls-dnssec-chain-extension-04
Viktor Dukhovni <ietf-dane@dukhovni.org> Fri, 07 July 2017 23:05 UTC
Return-Path: <ietf-dane@dukhovni.org>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 25635129B61 for <tls@ietfa.amsl.com>; Fri, 7 Jul 2017 16:05:08 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 0W0g-oDtvztV for <tls@ietfa.amsl.com>; Fri, 7 Jul 2017 16:05:06 -0700 (PDT)
Received: from mournblade.imrryr.org (mournblade.imrryr.org [108.5.242.66]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 74B721271DF for <tls@ietf.org>; Fri, 7 Jul 2017 16:05:06 -0700 (PDT)
Received: by mournblade.imrryr.org (Postfix, from userid 1034) id 7DA1D7A330D; Fri, 7 Jul 2017 23:05:05 +0000 (UTC)
Date: Fri, 07 Jul 2017 23:05:05 +0000
From: Viktor Dukhovni <ietf-dane@dukhovni.org>
To: tls@ietf.org
Message-ID: <20170707230505.GB1755@mournblade.imrryr.org>
Reply-To: tls@ietf.org
References: <765945B5-B686-45EB-84AE-38731C3006D6@rfc1035.com> <20170705171211.GM5673@mournblade.imrryr.org> <1F943876-91FC-4529-9B44-9F187EDA48B5@rfc1035.com> <CAHPuVdVbLw+vw4pzHNeBJK_gnqWntEfCgqo-DPQcdcmwXRV00A@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <CAHPuVdVbLw+vw4pzHNeBJK_gnqWntEfCgqo-DPQcdcmwXRV00A@mail.gmail.com>
User-Agent: Mutt/1.7.2 (2016-11-26)
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/SEqJQGrPEpBPK6joLN3MwRh-Gxo>
Subject: Re: [TLS] WGLC: draft-ietf-tls-dnssec-chain-extension-04
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 07 Jul 2017 23:05:08 -0000
On Fri, Jul 07, 2017 at 11:06:45AM -0400, Shumon Huque wrote: > We've had this discussion numerous times over the life of this draft, and > there was never any consensus for the client caching or not. An > implementation could have the client cache the data, and only validate the > portion of the chain that it needs to, without any wire protocol change. > I'm okay with mentioning that possibility. > > IMO, the real gain from having the client cache data, is that the server > could then potentially send a much smaller DNSSEC chain. But this requires > the client to signal what they've cached, and makes the protocol more > complex. I would prefer to leave that to a future revision of the spec, > after we've gained some operational experience with the current one. Once the client obtains a validated TLSA RRset for the service endpoint, it may (up to the TTLs of the provided records, validated to conform to the max ttl of the RRSIGs and not exceed the RRSIG expiration) simply not omit the extension in subsequent requests, and validate the server certificate per the cached TLSA RRs. This requires no complex protocoll machinery, just caching of the validated TLSA RRset. This is essentially the same as obtaining validated TLSA records via DNS, where they are cached in the client's resolver up to the relevant TTL. Only here the client can choose to cap the TTL to a lower value, and ask the server again sooner. The client cannot as easily cap the maximum cache TTL of its iterative resolver. So, indeed I would not try to engineer partial caching, with the client soliciting a portion of the complete set of validation RRsets. However, simple caching of the given server's validated TLSA RRset for repeat visits is not unreasonable, if the client implementation chooses to do that. Servers may wish to cap their TLSA record TTLs knowing that they may be cached by clients. Clients might also save some CPU by not revalidating previously validated RRsets, but they will not avoid the overhead of receiving the full set of records from the server. -- Viktor.
- [TLS] WGLC: draft-ietf-tls-dnssec-chain-extension… Jim Reid
- Re: [TLS] WGLC: draft-ietf-tls-dnssec-chain-exten… Viktor Dukhovni
- Re: [TLS] WGLC: draft-ietf-tls-dnssec-chain-exten… Shumon Huque
- Re: [TLS] WGLC: draft-ietf-tls-dnssec-chain-exten… Shumon Huque
- Re: [TLS] WGLC: draft-ietf-tls-dnssec-chain-exten… Jim Reid
- Re: [TLS] WGLC: draft-ietf-tls-dnssec-chain-exten… Jim Reid
- Re: [TLS] WGLC: draft-ietf-tls-dnssec-chain-exten… Shumon Huque
- Re: [TLS] WGLC: draft-ietf-tls-dnssec-chain-exten… Jim Reid
- Re: [TLS] WGLC: draft-ietf-tls-dnssec-chain-exten… Shumon Huque
- Re: [TLS] WGLC: draft-ietf-tls-dnssec-chain-exten… Viktor Dukhovni
- Re: [TLS] WGLC: draft-ietf-tls-dnssec-chain-exten… Shumon Huque