Re: [TLS] [Fwd: WWW-Authenticate challenge for client-certificates]

Joe Orton <jorton@redhat.com> Thu, 21 January 2010 16:58 UTC

Return-Path: <jorton@redhat.com>
X-Original-To: tls@core3.amsl.com
Delivered-To: tls@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id C056E3A6A38 for <tls@core3.amsl.com>; Thu, 21 Jan 2010 08:58:52 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -106.599
X-Spam-Level:
X-Spam-Status: No, score=-106.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id lRtrOog-Pf1u for <tls@core3.amsl.com>; Thu, 21 Jan 2010 08:58:52 -0800 (PST)
Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by core3.amsl.com (Postfix) with ESMTP id 169793A6818 for <tls@ietf.org>; Thu, 21 Jan 2010 08:58:52 -0800 (PST)
Received: from int-mx02.intmail.prod.int.phx2.redhat.com (int-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.12]) by mx1.redhat.com (8.13.8/8.13.8) with ESMTP id o0LGwlRi017463 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK); Thu, 21 Jan 2010 11:58:47 -0500
Received: from turnip.manyfish.co.uk (vpn-10-203.rdu.redhat.com [10.11.10.203]) by int-mx02.intmail.prod.int.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id o0LGwjQ5019650 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Thu, 21 Jan 2010 11:58:46 -0500
Received: from jorton by turnip.manyfish.co.uk with local (Exim 4.69) (envelope-from <jorton@redhat.com>) id 1NY0Mm-0000lX-H3; Thu, 21 Jan 2010 16:58:44 +0000
Date: Thu, 21 Jan 2010 16:58:44 +0000
From: Joe Orton <jorton@redhat.com>
To: Bruno Harbulot <Bruno.Harbulot@manchester.ac.uk>
Message-ID: <20100121165844.GA2878@redhat.com>
Mail-Followup-To: Bruno Harbulot <Bruno.Harbulot@manchester.ac.uk>, tls@ietf.org
References: <4B55C476.1070302@manchester.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
In-Reply-To: <4B55C476.1070302@manchester.ac.uk>
User-Agent: Mutt/1.5.20 (2009-08-17)
Organization: Red Hat UK Ltd, Amberley Place, 107-111 Peascod Street, Windsor, Berkshire, SL4 1TE, United Kingdom. Registered in UK and Wales under Company Registration No. 03798903 Directors: Michael Cunningham (USA), Brendan Lane (Ireland), Matt Parson (USA), Charlie Peters (USA)
X-Scanned-By: MIMEDefang 2.67 on 10.5.11.12
Cc: tls@ietf.org
Subject: Re: [TLS] [Fwd: WWW-Authenticate challenge for client-certificates]
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 21 Jan 2010 16:58:52 -0000

On Tue, Jan 19, 2010 at 02:40:54PM +0000, Bruno Harbulot wrote:
...
> This leads to a couple of problems:
> - The HTTP application is unable to inform the client it would rather
> have another certificate than the one that is presented. Whether-or-not
> to accept the certificate is done by the trust management mechanism of
> the TLS layer, and it is difficult for the HTTP application to deal
> with. Often, once the certificate has been negotiated, browsers usually
> keep the TLS connection open and changing certificate can often only be
> done by closing the browser or letting the connection time out.
> - If a certificate is mandatory, the 'require' mode leads to a handshake
> error code on the client side, resulting in an abrupt error message,
> which is confusing for most users.

I don't see how either of these problems are a consequence of protocol 
design, merely server implementation or configuration.

It is simple to configure mod_ssl to avoid the second problem - you make 
client certificates requested but optional ("SSLVerifyClient optional"), 
and then use an HTTP authorization-level check to present an HTTP 403 
error if in fact the TLS layer did not receive a client cert (using 
"SSLRequire").  The 403 error page can be customized as usual.

You could do something similar for the first problem though the 
configuration might be a little awkward.

Regards, Joe