IETF Logo Mail Archive

Re: [TLS] Consensus Call on Removing GMT from the Handshake

Robert Ransom <rransom.8774@gmail.com> Mon, 16 June 2014 08:28 UTC

Return-Path: <rransom.8774@gmail.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4BFD31B2B9F for <tls@ietfa.amsl.com>; Mon, 16 Jun 2014 01:28:31 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.75
X-Spam-Level:
X-Spam-Status: No, score=-1.75 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_ENVFROM_END_DIGIT=0.25, FREEMAIL_FROM=0.001, SPF_PASS=-0.001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id v-iSPE27gcXG for <tls@ietfa.amsl.com>; Mon, 16 Jun 2014 01:28:30 -0700 (PDT)
Received: from mail-qa0-x229.google.com (mail-qa0-x229.google.com [IPv6:2607:f8b0:400d:c00::229]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D58E31B2B9E for <tls@ietf.org>; Mon, 16 Jun 2014 01:28:29 -0700 (PDT)
Received: by mail-qa0-f41.google.com with SMTP id cm18so7022978qab.14 for <tls@ietf.org>; Mon, 16 Jun 2014 01:28:29 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type:content-transfer-encoding; bh=4Uwp7Qj2TIQrQEP1Sk3PLfu5vCpeTmG0PeL+seKGL1M=; b=ALp8M7QobSE4c5+mmHxIg1LhtYPd+90HxF9ZlS/FKhwZ4kXgpcWk3QkdoHcXpB/Jql GEz5tKUPudy6ISThazY7sQmDR56avrRU9bVwBRxGAldKhCfPbKfuht+n8cjzGJM0LrxQ 04P9eyBfu5hMkpaIjVC8Lbe5Fh5149qWOOkdAYCPUDzQzJ1DgXvOuD4dldP7f3zdTZn7 9KpNMYxEovP+aFdzubCeb+9I26W+XnsOzWoJDtSxgPiBhSxffKGvSCJWPHEwJHG2qbmL elMY35IPKtWV/qdZzNwdxLMWIL7lKviBA0YQNKBVX8rnNMAwgfK8XBqnknBT5QgzHbld qS+g==
MIME-Version: 1.0
X-Received: by 10.224.111.196 with SMTP id t4mr23920062qap.63.1402907308947; Mon, 16 Jun 2014 01:28:28 -0700 (PDT)
Received: by 10.140.98.233 with HTTP; Mon, 16 Jun 2014 01:28:28 -0700 (PDT)
In-Reply-To: <44dfb2038035a40e77c717052f7627ee.squirrel@www.trepanning.net>
References: <FA6199E3-0994-43FC-89BA-9F236F8567A0@cisco.com> <CAFggDF1CRwfvvj2HBD=6x4-+Q514XqKuLu-o3Zxy89BzLuShQQ@mail.gmail.com> <914e7a8836ad1efd761f7d867c5cb881.squirrel@www.trepanning.net> <CACsn0cnBoK5hJkOs79t2+9kP2JUP0_Xm0K+XuD1XCWV_H=JjsQ@mail.gmail.com> <44dfb2038035a40e77c717052f7627ee.squirrel@www.trepanning.net>
Date: Mon, 16 Jun 2014 01:28:28 -0700
Message-ID: <CABqy+soqdaOP0M-O-t_tBuwq4nTpARyL7FafpuLx5ghTA_8G2Q@mail.gmail.com>
From: Robert Ransom <rransom.8774@gmail.com>
To: Dan Harkins <dharkins@lounge.org>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Archived-At: http://mailarchive.ietf.org/arch/msg/tls/X4_vdhHlgjJv0bJKX-ThJQnwZyo
Cc: "tls@ietf.org" <tls@ietf.org>
Subject: Re: [TLS] Consensus Call on Removing GMT from the Handshake
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 16 Jun 2014 08:28:31 -0000

On 6/16/14, Dan Harkins <dharkins@lounge.org> wrote:
>
> On Sun, June 15, 2014 6:52 pm, Watson Ladd wrote:
>> On Sun, Jun 15, 2014 at 9:52 PM, Dan Harkins <dharkins@lounge.org> wrote:
>>>
>>> On Sat, June 14, 2014 6:31 am, Jacob Appelbaum wrote:
>>>> On 6/13/14, Joseph Salowey (jsalowey) <jsalowey@cisco.com> wrote:
>>>>> There appears to be significant support for the removal of GMT from
>>>>> the
>>>>> client
>>>>> and server random values in TLS. The chairs would like to ask two
>>>>> questions:
>>>>>
>>>>> - Should we remove the GMT values from the client and server values in
>>>>> TLS
>>>>> 1.3?
>>>>>
>>>>
>>>> I would request that the language in 1.3 be MUST for clients to avoid
>>>> client fingerprinting by a passive or active adversary. For servers, I
>>>> would request that they servers SHOULD make it random. I would also
>>>> request that for 1.3 that it isn't a requirement (MUST) to make it
>>>> random.
>>>
>>>   I see no value in retaining the GMT value in the server random. Making
>>> it optional requires some justification. Care to share it?
>>
>> Tails currently uses the gmt time from servers to figure out what time
>> it is. Making it optional lets them ween off.
>
>   I don't know what "Tails" is but deciding what time it is based on the
> value of a field that you have no guarantee that you'll find in a received
> packet sounds like a really bad idea. And since this is a consensus call
> for removing the GMT value from random in a new version of TLS then
> "Tails" can figure out some other way to determine time when it
> negotiates this new version.There is no weening possible or needed.

‘Tails’ (<https://tails.boum.org/>) is a live CD which, roughly,
routes all of a user's traffic through Tor.  I don't remember whether
it still uses ‘tlsdate’ (they put considerable effort into switching
to learning the system time from Tor's directory documents), but it
used a small set of servers for tlsdate and it did enough sanity
checking on tlsdate's results that it wouldn't have been confused by
random values in that protocol field.

The more important (widely deployed) use of tlsdate is in Google's
ChromeOS, which is probably why Adam Langley wants to not immediately
turn off that timestamp field on Google's servers.  Since Google
controls both the client software and the servers used for tlsdate in
ChromeOS, their use of tlsdate should be completely safe.


Robert Ransom

v2.23.0 | Report a Bug | By Email