IETF Logo Mail Archive

Re: [TLS] Client certificate authentication and draft-ietf-tls-oob-pubkey

"Jim Schaad" <ietf@augustcellars.com> Wed, 11 April 2012 18:52 UTC

Return-Path: <ietf@augustcellars.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C203B21F84B8 for <tls@ietfa.amsl.com>; Wed, 11 Apr 2012 11:52:12 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.599
X-Spam-Level:
X-Spam-Status: No, score=-3.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Llv+pt0xRXSp for <tls@ietfa.amsl.com>; Wed, 11 Apr 2012 11:52:11 -0700 (PDT)
Received: from smtp1.pacifier.net (smtp1.pacifier.net [64.255.237.171]) by ietfa.amsl.com (Postfix) with ESMTP id 2146221F84AE for <tls@ietf.org>; Wed, 11 Apr 2012 11:52:10 -0700 (PDT)
Received: from Tobias (unknown [50.34.251.66]) (using TLSv1 with cipher AES128-SHA (128/128 bits)) (No client certificate requested) (Authenticated sender: jimsch@nwlink.com) by smtp1.pacifier.net (Postfix) with ESMTPSA id 681D12C9F4; Wed, 11 Apr 2012 11:52:09 -0700 (PDT)
From: Jim Schaad <ietf@augustcellars.com>
To: 'Paul Wouters' <paul@nohats.ca>
References: <173124B6-9480-443E-9FA6-98BBB1A01F5F@vpnc.org> <alpine.LFD.2.02.1204051126330.4059@bofh.nohats.ca> <F53123FA-2A9C-434D-92CF-0B938B072984@vpnc.org> <alpine.LFD.2.02.1204100955050.5054@bofh.nohats.ca> <BB11250E-D827-490A-9C9D-C83028844EF6@vpnc.org> <alpine.LFD.2.02.1204101202270.11272@bofh.nohats.ca> <01c901cd1801$9cff3fa0$d6fdbee0$@augustcellars.com> <alpine.LFD.2.02.1204111401400.24167@bofh.nohats.ca>
In-Reply-To: <alpine.LFD.2.02.1204111401400.24167@bofh.nohats.ca>
Date: Wed, 11 Apr 2012 11:51:01 -0700
Message-ID: <01ee01cd1814$13741680$3a5c4380$@augustcellars.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
X-Mailer: Microsoft Outlook 14.0
Thread-Index: AQHXpApgMNflIeoSkabsN3tGQQOqzgJZH9MoAnuMA6sB8B9K2QFNXwaNAthtsHYCv0m/vAJ5o/a5lf/A8TA=
Content-Language: en-us
Cc: tls@ietf.org
Subject: Re: [TLS] Client certificate authentication and draft-ietf-tls-oob-pubkey
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 11 Apr 2012 18:52:15 -0000

> -----Original Message-----
> From: Paul Wouters [mailto:paul@nohats.ca]
> Sent: Wednesday, April 11, 2012 11:10 AM
> To: Jim Schaad
> Cc: tls@ietf.org
> Subject: RE: [TLS] Client certificate authentication and
draft-ietf-tls-oob-
> pubkey
> 
> On Wed, 11 Apr 2012, Jim Schaad wrote:
> 
> >> Oops. I checked draft-wouters-tls-oob-pubkey-00 and it was already
> >> removed there after discussion with EKR in Quebec City.
> >
> > If this is really what you want to do, then I would suggest that the
> > document be expanded so that there exists the possibility to include
> > an identifier and/or a public key in the certificate form defined by
> > the oob document.
> 
> Personall, I strongly prefer not adding more fields to the bare key
certificate
> type, as those people who want to cover client authentication can use full
> PKIX certs already, and TLS client authentication in the wild seems to be
> extremely rare. The only two cases I knew are CAcert and Fedora (and for
> the latter it does not even add security, as I need to identify with
another
> factor anyway (yubikey))
> 
> Is there an actual use case where bare keys would be preferable over full
> PKIX, that also include client auth not based on burned in keys covered by
> server side SPKI lookups?

Please put me onto the very confused list.

In your response to Paul yesterday, you stated that you wanted a TLS
extension which did SNI for the client, this is what I was suggesting you
put into your structure.

I was under the impression that you were arguing that looking up the SPKI at
the server was not going to work and that therefore something else was
needed.

Now you seem to be stating that certificates should be what is used for
client authentication.

None of this is clear from the current document.  And only the case of
looking up SPKI would seem to be even possible from the current document.
If you state that the certificate structure that is going to be used is the
OOB certificate structure then it is going to be the one used by both the
client and the server.  If you sometimes change this it will make for a very
confused server.  This means that whatever types of information you need to
identify the client to the server for authentication needs to be in this
structure definition. 

If you look at what was done in RFC 6091 - they 

1) were very explicit about what the client certificate was and
2) defined a special case for sending an empty PGP certificate slot when the
client did not have one available.

Jim


> 
> Paul

v2.23.0 | Report a Bug | By Email