Re: [TLS] Commentary on the client authentication presentation slides

Andrei Popov <> Fri, 24 July 2015 06:42 UTC

Return-Path: <>
Received: from localhost ( []) by (Postfix) with ESMTP id 7F98F1A8AEE for <>; Thu, 23 Jul 2015 23:42:38 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -1.902
X-Spam-Status: No, score=-1.902 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id P4qgk7A24muv for <>; Thu, 23 Jul 2015 23:42:37 -0700 (PDT)
Received: from ( [IPv6:2a01:111:f400:fc10::765]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id E5AD21B2F65 for <>; Thu, 23 Jul 2015 23:42:35 -0700 (PDT)
Received: from ( by ( with Microsoft SMTP Server (TLS) id; Fri, 24 Jul 2015 06:42:19 +0000
Received: from ([]) by ([]) with mapi id 15.01.0225.018; Fri, 24 Jul 2015 06:42:19 +0000
From: Andrei Popov <>
To: Ilari Liusvaara <>
Thread-Topic: [TLS] Commentary on the client authentication presentation slides
Thread-Index: AQHQwvXiSxNxWYXIoUOvWC1ZP+t1vJ3qDNvQgAAiSACAAAH3wA==
Date: Fri, 24 Jul 2015 06:42:19 +0000
Message-ID: <>
References: <20150720141036.GA32204@LK-Perkele-VII> <> <20150724063236.GA8759@LK-Perkele-VII>
In-Reply-To: <20150724063236.GA8759@LK-Perkele-VII>
Accept-Language: en-US
Content-Language: en-US
authentication-results:; dkim=none (message not signed) header.d=none;
x-originating-ip: []
x-microsoft-exchange-diagnostics: 1; BLUPR03MB1396; 5:y0ZSuQ+24mZb/9AkDLyY7B7TN0RPdnfZkTBwQ0yeX2fD5RiZuAxxheTFVIoGQiMV0h8pm5aQRLUcifajegRf2Q4rAetaFCgfsMGp5xFiPSfzCkIOJY08xhbvt66l1gPxsbgWD/qwNn2FMkI2GWwMlw==; 24:G9mEWV+fTuKFxP1PCfzISWyOtMhjmsw92SIsyAHfkMaQEaHynBXMGYyKV+C35ENmbwyweunZ/nqPUXgz4O/DVdaGI7mNCxaL4rtpEI2828w=; 20:UDmep9kYRqY0QKO5u49Kdq+WdPboYdvK3DkCi+OZAq9jULBT4wVTL/6ijTgNbBTuDXTilntjdyNnH42juHnm3A==
x-microsoft-antispam: UriScan:;BCL:0;PCL:0;RULEID:;SRVR:BLUPR03MB1396;
blupr03mb1396: X-MS-Exchange-Organization-RulesExecuted
x-microsoft-antispam-prvs: <>
x-exchange-antispam-report-test: UriScan:;
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(601004)(2401001)(5005006)(3002001); SRVR:BLUPR03MB1396; BCL:0; PCL:0; RULEID:; SRVR:BLUPR03MB1396;
x-forefront-prvs: 0647963F84
x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(6009001)(377454003)(24454002)(13464003)(19580405001)(46102003)(2950100001)(76576001)(87936001)(110136002)(2656002)(5001960100002)(40100003)(74316001)(2900100001)(50986999)(86362001)(122556002)(19580395003)(92566002)(10090500001)(33656002)(62966003)(5002640100001)(54356999)(77156002)(77096005)(106116001)(76176999)(5003600100002)(99286002)(102836002)(189998001)(66066001); DIR:OUT; SFP:1102; SCL:1; SRVR:BLUPR03MB1396;; FPR:; SPF:None; MLV:sfv; LANG:en;
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-originalarrivaltime: 24 Jul 2015 06:42:19.6130 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 72f988bf-86f1-41af-91ab-2d7cd011db47
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BLUPR03MB1396
Archived-At: <>
Cc: "" <>
Subject: Re: [TLS] Commentary on the client authentication presentation slides
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Fri, 24 Jul 2015 06:42:38 -0000

Sound good to me; if the group agrees to remove certificate_types, I'll make this change in the PR.

-----Original Message-----
From: Ilari Liusvaara [] 
Sent: Friday, July 24, 2015 8:33 AM
To: Andrei Popov
Subject: Re: [TLS] Commentary on the client authentication presentation slides

On Fri, Jul 24, 2015 at 05:01:37AM +0000, Andrei Popov wrote:
> > - The certificate_types field in CertificateRequest is pretty much  
> > useless, since all supported algorithms are of signature type.
> If the signature_algorithms extension officially becomes MTI, then 
> perhaps we can discus getting rid of certificate_types in the 
> CertificateRequest. Except we may want to use this field when we 
> introduce new certificate types (e.g. something like IEEE1609 certs).

Don't confuse signature_algorithms extension and supported_signature_algorithms field of CertificateRequest. Those two carry similar tasks in opposite directions, except that ssa is REQUIRED with signature certs.

There are seemingly no defaults for SSA, so it has to be non-empty for signature certs to work at all.

And all present types of TLS 1.3 key exchange can only use signature certs.

As for IEEE1609 certs, those are negotiated via certificate format negotiation, which is entierely separate mechanism (described in RFC 7250), not involving CertificateRequest message at all.