IETF Logo Mail Archive

Re: [TLS] New Version Notification for draft-wouters-tls-oob-pubkey-01.txt (fwd)

Eric Rescorla <ekr@rtfm.com> Thu, 17 November 2011 07:48 UTC

Return-Path: <ekr@rtfm.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C02DF1F0CB7 for <tls@ietfa.amsl.com>; Wed, 16 Nov 2011 23:48:27 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.943
X-Spam-Level:
X-Spam-Status: No, score=-102.943 tagged_above=-999 required=5 tests=[AWL=0.034, BAYES_00=-2.599, FM_FORGED_GMAIL=0.622, RCVD_IN_DNSWL_LOW=-1, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id WqsVKDFfCPDm for <tls@ietfa.amsl.com>; Wed, 16 Nov 2011 23:48:27 -0800 (PST)
Received: from mail-gx0-f172.google.com (mail-gx0-f172.google.com [209.85.161.172]) by ietfa.amsl.com (Postfix) with ESMTP id E5AD41F0C82 for <tls@ietf.org>; Wed, 16 Nov 2011 23:48:26 -0800 (PST)
Received: by ggnr5 with SMTP id r5so809218ggn.31 for <tls@ietf.org>; Wed, 16 Nov 2011 23:48:26 -0800 (PST)
Received: by 10.236.72.132 with SMTP id t4mr7032619yhd.58.1321516106467; Wed, 16 Nov 2011 23:48:26 -0800 (PST)
MIME-Version: 1.0
Received: by 10.146.88.36 with HTTP; Wed, 16 Nov 2011 23:47:45 -0800 (PST)
X-Originating-IP: [74.95.2.173]
In-Reply-To: <alpine.DEB.2.00.1110311914480.17385@mail.xelerance.com>
References: <alpine.DEB.2.00.1110311914480.17385@mail.xelerance.com>
From: Eric Rescorla <ekr@rtfm.com>
Date: Wed, 16 Nov 2011 23:47:45 -0800
Message-ID: <CABcZeBOqziPWk5Je=Ld+Fa0i-vz+HXKaFTDyswptfKG6dXJkxw@mail.gmail.com>
To: Paul Wouters <paul@xelerance.com>
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: quoted-printable
Cc: tls@ietf.org
Subject: Re: [TLS] New Version Notification for draft-wouters-tls-oob-pubkey-01.txt (fwd)
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 17 Nov 2011 07:48:27 -0000

Extending TLS to support a raw public key seems like a good idea and
I support taking it on.

Extending it to suppress the public key and instead send a hash from server
to the client seems less so; if the server sends the public key, it works
if the client knows either (a) the server public key or (b) a digest of the
public key. Sending a digest only works if the client already knows the
public key, which seems far less likely. If you want to suppress the
server sending the key, a better (and more general) solution is to
resurrect cached-info. This would work with both raw keys and
certificates.

-Ekr


On Mon, Oct 31, 2011 at 4:21 PM, Paul Wouters <paul@xelerance.com> wrote:
>
> This is the new version of the draft incorporating the feedback from Quebec
> City
> and the TLS list since then. It changes the draft from a new TLS extension
> to a
> new Certificate Type for raw keys.
>
> It also merges in the unpublished draft material from Hannes Tschofenig
> and Tero Kivinen <kivinen@iki.fi> whom had also been working on raw RSA
> TLS keys for use with CoAP (eg devices with no real time clock where
> PKIX validation cannot work)
>
> I did not yet change the draft ofrom individual submission to working group
> item,
> as I was waiting for confirmation on the TLW WG list of the last Quebec City
> meeting.
>
> http://tools.ietf.org/html/draft-wouters-tls-oob-pubkey-01
>
> Paul
>
> ---------- Forwarded message ----------
> Date: Mon, 31 Oct 2011 17:44:35
> From: internet-drafts@ietf.org
> Cc: weiler@tislabs.com, hannes.tschofenig@gmx.net, gnu@toad.com,
>    paul@xelerance.com, kivinen@iki.fi
> To: paul@xelerance.com
> Subject: New Version Notification for draft-wouters-tls-oob-pubkey-01.txt
> X-Spam-Flag: NO
>
> A new version of I-D, draft-wouters-tls-oob-pubkey-01.txt has been
> successfully submitted by Paul Wouters and posted to the IETF repository.
>
> Filename:        draft-wouters-tls-oob-pubkey
> Revision:        01
> Title:           TLS out-of-band public key validation
> Creation date:   2011-10-31
> WG ID:           Individual Submission
> Number of pages: 11
>
> Abstract:
>   This document specifies a new TLS certificate type for exchanging raw
>   public keys or their fingerprints in Transport Layer Security (TLS)
>   and Datagram Transport Layer Security (DTLS) for use with out-of-band
>   authentication.  Currently, TLS authentication can only occur via
>   PKIX or OpenPGP certificates.  By specifying a minimum resource for
>   raw public key exchange, implementations can use alternative
>   authentication methods.
>
>   One such method is using DANE Resource Records secured by DNSSEC,
>   Another use case is to provide authentication functionality when used
>   with devices in a constrained environment that use whitelists and
>   blacklists, as is the case with sensors and other embedded devices
>   that are constrained by memory, computational, and communication
>   limitations where the usage of PKIX is not feasible.
>
>   The new certificate type specified can also be used to reduce the
>   latency of a TLS client that is already in possession of a validated
>   public key of the TLS server before it starts a (non-resumed) TLS
>   handshake.
>
>
>
>
> The IETF Secretariat
> _______________________________________________
> TLS mailing list
> TLS@ietf.org
> https://www.ietf.org/mailman/listinfo/tls
>

v2.23.0 | Report a Bug | By Email