IETF Logo Mail Archive

[TLS] Re: Transparent TLS Client Auth (t2CA)

Phillip Hallam-Baker <phill@hallambaker.com> Thu, 22 May 2025 17:28 UTC

Return-Path: <hallam@gmail.com>
X-Original-To: tls@mail2.ietf.org
Delivered-To: tls@mail2.ietf.org
Received: from localhost (localhost [127.0.0.1]) by mail2.ietf.org (Postfix) with ESMTP id 3D16E2BEE5E5 for <tls@mail2.ietf.org>; Thu, 22 May 2025 10:28:15 -0700 (PDT)
X-Virus-Scanned: amavisd-new at ietf.org
X-Spam-Flag: NO
X-Spam-Score: -1.893
X-Spam-Level:
X-Spam-Status: No, score=-1.893 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FREEMAIL_FORGED_FROMDOMAIN=0.001, FREEMAIL_FROM=0.001, HEADER_FROM_DIFFERENT_DOMAINS=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, RCVD_IN_VALIDITY_SAFE_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail2.ietf.org ([166.84.6.31]) by localhost (mail2.ietf.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id RUJSGJcHtwFn for <tls@mail2.ietf.org>; Thu, 22 May 2025 10:28:14 -0700 (PDT)
Received: from mail-qv1-f47.google.com (mail-qv1-f47.google.com [209.85.219.47]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature ECDSA (P-256) server-digest SHA256) (No client certificate requested) by mail2.ietf.org (Postfix) with ESMTPS id 513CE2BEE5DC for <tls@ietf.org>; Thu, 22 May 2025 10:28:14 -0700 (PDT)
Received: by mail-qv1-f47.google.com with SMTP id 6a1803df08f44-6f8cf00d96fso54105406d6.0 for <tls@ietf.org>; Thu, 22 May 2025 10:28:14 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1747934894; x=1748539694; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=sfzX0Q2CfSItpSLFT5m24UaoyzK12XExv0iZ5RCITXc=; b=tQlszQoKKIccNbJzb1Bu+5l48mLmKR6qog5ZwxjxHOo/tqJyjdiH1YmrkI45n3Ww9F 42v6gvHUQY6u3f7UBON/k+SFY7ckAw7p7raHe/3tme2SG9P6kzJApPGVBVBDtPgphyte eRc0m+3nADerDx0wfzDFjPeR5FEpOV3EHvBYLURUpcHqihJfQv/Mc7IEq+WSGXoLatCR 1S7OPfR3qCkXsjpiQ4+gL7RsuvECk3RHT7CRZnL1v2EFsXR3wbmoRU7sXnSc6eqT94bF x94ibIoGXOgaZRrP3/ARV4aRuzgqI8+0/sOvJuVGuK9TgjW60mYIMWaqG1oZ50J7ITZu ajpw==
X-Gm-Message-State: AOJu0YxRB2DJgLUNcOV6xEAhXiwg2LXN44qwAmEByx8M0tolcvgZt4gN 6DbpPlGMi0gJnxAzcsKKMRy/lI/4dx2oZWevu7dCPsDMuw8Bj5x2AzJ2cMXQdyIhcKDowOLpChT hSbPgdAb4jOsQ0qmaGVh+gV2Tf1E5yoqbxQ==
X-Gm-Gg: ASbGnctp7Fzf4Hx3guePvBwDwzCzl+cSssQ8MT2U8y1IteaPgPvas5KAzriLqPv3cPP t41Vn++dOzMn1JASrQTI5HvjTubrbZEH7rqCaex70McM6OHM7bOnUky+bU15bc98eI+ZFGtM5V0 Qk9i17zFSGAZlZthcs5jTixf9Z0VKQY8rzg4nOlRicwS1lxLCa/pn4SskBTFsrB9uLY9nG47lUm Pt0aw==
X-Google-Smtp-Source: AGHT+IHRNnM5MPze6DzvonuVYmyv9JogKqxQrGww2yPVna/oY6GlYWm8wc0cOSMCygQRXhEpcyxxfX0rqiss/p4eabY=
X-Received: by 2002:a05:6214:509d:b0:6f8:b4aa:2a56 with SMTP id 6a1803df08f44-6fa93a333d8mr372216d6.10.1747934893501; Thu, 22 May 2025 10:28:13 -0700 (PDT)
MIME-Version: 1.0
References: <CAMm+LwgUckd7M4J1wop9srwxaFkfenmibLJ1=-dJb-pfEkXxLg@mail.gmail.com> <CABcZeBMkNs=Uhe5Wv49P8OquN8rn0z_p4cXgB51gS879RFxBZA@mail.gmail.com> <CAMm+LwgszwpdfB5k0ETEfg2cYyestZtq0y5pS7=Y7kzdyoBPbw@mail.gmail.com> <CABcZeBPgxDhqroAUO+fW4Sp6qvSHugd2pym5C2_+jNcQUXaqxw@mail.gmail.com>
In-Reply-To: <CABcZeBPgxDhqroAUO+fW4Sp6qvSHugd2pym5C2_+jNcQUXaqxw@mail.gmail.com>
From: Phillip Hallam-Baker <phill@hallambaker.com>
Date: Thu, 22 May 2025 13:28:01 -0400
X-Gm-Features: AX0GCFuBZTU36PHBpuz9wCWKs6jXDUNAr6yZcD3uYeSQSzdmlPgAAfY4fXVAcQk
Message-ID: <CAMm+LwgMgsTyHgkenDU0XsBeRAk3kOb7cfpFhZNpNpOr8sam9Q@mail.gmail.com>
To: Eric Rescorla <ekr@rtfm.com>
Content-Type: multipart/alternative; boundary="0000000000006af32b0635bccedc"
Message-ID-Hash: 2IUBJPUVZPUKS6DY5P4EJESOZZ5HUMCB
X-Message-ID-Hash: 2IUBJPUVZPUKS6DY5P4EJESOZZ5HUMCB
X-MailFrom: hallam@gmail.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-tls.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: tls <tls@ietf.org>
X-Mailman-Version: 3.3.9rc6
Precedence: list
Subject: [TLS] Re: Transparent TLS Client Auth (t2CA)
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/TQSGk3vZCBh_ebnkzZs_BrgNzKA>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Owner: <mailto:tls-owner@ietf.org>
List-Post: <mailto:tls@ietf.org>
List-Subscribe: <mailto:tls-join@ietf.org>
List-Unsubscribe: <mailto:tls-leave@ietf.org>

On Thu, May 22, 2025 at 1:04 PM Eric Rescorla <ekr@rtfm.com> wrote:

>
>
> On Thu, May 22, 2025 at 9:56 AM Phillip Hallam-Baker <
> phill@hallambaker.com> wrote:
>
>>
>>
>> On Thu, May 22, 2025 at 11:50 AM Eric Rescorla <ekr@rtfm.com> wrote:
>>
>>> A few observations here.
>>>
>>> I generally agree that a signature-based scheme has superior privacy
>>> properties to something like OAuth, though the details really matter
>>> here. For example, if the system requires having a TXT record at the
>>> leaf node (e.g., ekr.<something>.gmail.com) then the end result is
>>> similar because the DNS server will get a query from the relying party
>>> for your specific identity, allowing the server to track you [0]
>>>
>>
>> The idea here is that you have your own personal DNS name that is yours
>> and only you use for authentication. It is a different approach but one
>> that has some surprising effects.
>>
>> A traditional Internet account is a delegation to a service. so
>> ekr@example.com. To resolve that name, a client first locates the auth
>> server for rtfm.com and then sends it a query.
>>
>> In the Blue Sky model, your account has its own DNS name and can be
>> queried independently of any account discovery service: @ekr.example.com
>> .
>>
>
> Yes, I understand this, but as a practical matter, people don't have their
> own DNS names, and I don't think it's likely they are going to get them.
> Rather, they are likely to have them subordinated under some provider,
> exactly as they do now, in which case it will be `alice@gmail.com` which
> maps to `alice.gmail.com`, hence the privacy point I am making.
>

I accept that most people are going to go for a free DNS handle issued by a
handle provider. But a system in which users have the option of exit has
completely different dynamics to one where they are locked in by switching
costs.

I don't have any real control over or visibility into how my IdPs manage my
private data today. More importantly for me, neither does my significant
other who complains to me incessantly about privacy abuses.






>
>
>>
>> * Allowing the site to control the timing of the authentication
>>>   (e.g., offering you connect unauthenticated and then upgrading).
>>> * Allowing the site to offer multiple authentication options.
>>> * Allowing the site to control the look and feel of the interaction.
>>>
>>
>> I don't want the site to be doing any of that. I want there to be a
>> single consistent authentication experience across everything. Without
>> consistency, users have no idea what they are doing and the scheme is
>> vulnerable to social engineering attacks.
>>
>
> What matters here is not what you want but rather what the site wants, and
> in my experience they want these properties.
> So, again, I ask: which major players in the current ecosystem are
> interested in this.
>
> -Ekr
>

The target 'site' in this case is the HTTPS server built into my next IoT
thermostat after the current one is disabled because of malicious
obsolescence.

v2.40.4 | Report a Bug | By Email | System Status