Re: [TLS] draft-sullivan-tls-exported-authenticator-00

William Whyte <wwhyte@securityinnovation.com> Tue, 01 November 2016 20:17 UTC

Return-Path: <wwhyte@securityinnovation.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 941D21299DF for <tls@ietfa.amsl.com>; Tue, 1 Nov 2016 13:17:26 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.7
X-Spam-Level:
X-Spam-Status: No, score=-2.7 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=securityinnovation.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id j8sJS3Y2W7yg for <tls@ietfa.amsl.com>; Tue, 1 Nov 2016 13:17:25 -0700 (PDT)
Received: from mail-vk0-x22f.google.com (mail-vk0-x22f.google.com [IPv6:2607:f8b0:400c:c05::22f]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 25CA01299E0 for <tls@ietf.org>; Tue, 1 Nov 2016 13:17:25 -0700 (PDT)
Received: by mail-vk0-x22f.google.com with SMTP id p9so37220102vkd.3 for <tls@ietf.org>; Tue, 01 Nov 2016 13:17:25 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=securityinnovation.com; s=google; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=eiMXEzNVZdgK6rD/bhjJUNvPz1I0gf1pR7beqbbJhGA=; b=EB/AKxM5VXZCxkvoSmezQz+fMmVZD5aATB8OjPrpxWncpwXeqbfq3402oU1YuT4M03 zZN4k6cyDgNV4QhGznM9Z5BNDKV8njPCm/A5vdRC3CJviRZjrH/4+sfiWPloVVSp6msx ksnWuLO5FZbzdZGQ8XQKyu+MeOYj/XllIEj5g=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=eiMXEzNVZdgK6rD/bhjJUNvPz1I0gf1pR7beqbbJhGA=; b=BYo0D0AmDA8y+TpPomcrrDd4BVBP9EdfPmnTS7XcScEL6gJSwJ0Kn8mUUTZxKaPN5N l4ss8h/PWukp4rjx+i3R3B0/MDTKpqqxAeKL7Bs0EHSDIyxDBywfrYsV0z7caTVI8q7W Cvz283Zg5xM/RhatQMU9agzLlE9UtBqmCbzClkEcPsX6grr2ElvcoqKIA8uWC9NxAHqW TelrF7vxUzHuUX9ebD1bia7hmRcVNUKlWk2bGcteE95RYPJzYNJ+3P5rGBH/TiAy6/vi Q5oxyb/E3IuvWo/4peodeToC9eEghxk+lGWOEsqJ+wJ3LADU8BKXtdkpv+i2qnXgU/9u QSbw==
X-Gm-Message-State: ABUngvcnehoI06hbQ4cFp1A9OssmA/PJ22yvhuMx58YNDpqCRVuWE5MJ5JUcEmArn3nQAamjkPLxejwW7VFRI38f
X-Received: by 10.31.76.134 with SMTP id z128mr29765812vka.59.1478031444095; Tue, 01 Nov 2016 13:17:24 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.176.80.122 with HTTP; Tue, 1 Nov 2016 13:17:13 -0700 (PDT)
Received: by 10.176.80.122 with HTTP; Tue, 1 Nov 2016 13:17:13 -0700 (PDT)
In-Reply-To: <20161101185736.GA25587@LK-Perkele-V2.elisa-laajakaista.fi>
References: <CAOjisRyWyON1FXghU09GTJYmvKpjgztFr_9wL=U6yV0-9DkcgA@mail.gmail.com> <CACz1E9qngj_726exoA4p57h63UaQB_JUokbaZ=fk1M2TF-JpXw@mail.gmail.com> <20161101185736.GA25587@LK-Perkele-V2.elisa-laajakaista.fi>
From: William Whyte <wwhyte@securityinnovation.com>
Date: Tue, 1 Nov 2016 16:17:13 -0400
Message-ID: <CACz1E9qVz=THNMLKtpkK2J85q4MtdsC1Rq0vmJ2UMr9kyuu5+A@mail.gmail.com>
To: Ilari Liusvaara <ilariliusvaara@welho.com>
Content-Type: multipart/alternative; boundary=001a114dad503148a705404303b0
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/UQjyhsb0eHf5vK3SmxFWuIeFXo4>
Cc: "<tls@ietf.org>" <tls@ietf.org>
Subject: Re: [TLS] draft-sullivan-tls-exported-authenticator-00
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 01 Nov 2016 20:17:26 -0000

That makes sense, but it'd be good to clarify the text. Thanks!

William

-- sent from my phone

On Nov 1, 2016 11:57 AM, "Ilari Liusvaara" <ilariliusvaara@welho.com> wrote:

> On Tue, Nov 01, 2016 at 04:41:44AM -0400, William Whyte wrote:
> > I'm confused by the line "These messages are not encrypted", because on a
> > plain reading it could mean that the authenticator is sent outside the
> > encrypted TLS session. That would be bad because it would mean that
> clients
> > that wanted to authenticate themselves but to the server only wouldn't be
> > able to use this mechanism. I assume that's not the intent? If that isn't
> > the intent, suggest rephrasing as "These messages are not encrypted,
> other
> > than the encryption provided on transmission by the TLS session".
>
> What I think it means that the authenticator is not encrypted before
> handing it to the application for transport (most probably ultimately
> ending inside the TLS connection itself, which does encrypt it on the
> wire).
>
>
> Also, the message emitted is formatted as follows, right?
>
> - Byte 0x0B (CERTIFICATE code)
> - 3-byte length of Certificate message
> - Standard TLS 1.3 Certificate message payload
> - Byte 0x0F (CERTIFICATE_VERIFY code)
> - 3-byte length of CertificateVerify message
> - Standard TLS 1.3 CertificateVerify message payload
> - Byte 0x14 (FINISHED code)
> - 3-byte length of Finished message
> - Standard TLS 1.3 Finished message payload
>
>
>
>
> -Ilari
>