Re: [TLS] Working group last call for draft-ietf-tls-subcerts-07

Martin Thomson <mt@lowentropy.net> Mon, 01 June 2020 05:57 UTC

Return-Path: <mt@lowentropy.net>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3065D3A0D25 for <tls@ietfa.amsl.com>; Sun, 31 May 2020 22:57:42 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.098
X-Spam-Level:
X-Spam-Status: No, score=-2.098 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=lowentropy.net header.b=dWt49iQM; dkim=pass (2048-bit key) header.d=messagingengine.com header.b=lCfp/TGz
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ZMawhEhUOvPz for <tls@ietfa.amsl.com>; Sun, 31 May 2020 22:57:40 -0700 (PDT)
Received: from out2-smtp.messagingengine.com (out2-smtp.messagingengine.com [66.111.4.26]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9CFD23A0D24 for <tls@ietf.org>; Sun, 31 May 2020 22:57:40 -0700 (PDT)
Received: from compute2.internal (compute2.nyi.internal [10.202.2.42]) by mailout.nyi.internal (Postfix) with ESMTP id E982B5C00A1 for <tls@ietf.org>; Mon, 1 Jun 2020 01:57:39 -0400 (EDT)
Received: from imap2 ([10.202.2.52]) by compute2.internal (MEProxy); Mon, 01 Jun 2020 01:57:39 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=lowentropy.net; h=mime-version:message-id:in-reply-to:references:date:from:to :subject:content-type; s=fm2; bh=pBkz1MRfBMTjsBiyrIjVPz54rh2f1vH zGJCC50o2ask=; b=dWt49iQM4Zp4Bj4N2n7lVPyZnwV1XbfQZc34CjbmgqKSnIp mORjnMjnNBzRXMCKHLddhvaTSKEemQMPyvER0u0CggDVrP51X8EW6LMupCLusLD5 Yni9ZG6fGKroaXSt66JKs+SIADVcAnJTGHoEXh9EqSc6vLVrxwXZB56QQgHxqzw5 PWfsC1YDKi7cxgeMjkov18IPHou9HRY0rHnjGacxxICH+dpOIePi78z+lmkWjoYs VBAqy0HVnUh6SlyE4DQOW/FQzHD0pEYrQJfqfqDqhKXL2dXNmu/FPPUYDt6l37R9 bJSKOC2BLJuldJdbrA7E2GoEqWoB1NE037/mnrw==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=content-type:date:from:in-reply-to :message-id:mime-version:references:subject:to:x-me-proxy :x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s=fm2; bh=pBkz1M RfBMTjsBiyrIjVPz54rh2f1vHzGJCC50o2ask=; b=lCfp/TGzzPVIIzj1TT05rM qxClBlbOenBbD7dlKoBFZ+PODaucjtRiHYSugte0MzorJTSe8VAfnBgcJ6WDoYg7 JGW6PcsDMh2gFRws69bCopzgkyOfDTXJrpfdozT9HHLN11yGC+27W6dzaX4e659L Vrf1C3k1ccnW66Ya88DB9qNsyx9g5w9dHk55XwoEJFvesvAAHz0LqTl9Iot+jIgR DU/ahJsBZ7tLpSLJupzWKuQz2GK0M3RPnl9bRw4WrmvdaCi+lDnYASahYl6G4uoR qu5riKlkD+gzwTESXen2iGM/bboZ9Rpfyi2F7uZ+heF1pdbwol4lvjdQ5hPqRDxg ==
X-ME-Sender: <xms:05jUXu2C3vTTo9xF2K0YZSURg7Ix_GBFrCEhUW7yQPcVbP9hQEcf6g>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgeduhedrudefgedgleeiucetufdoteggodetrfdotf fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfqfgfvpdfurfetoffkrfgpnffqhgen uceurghilhhouhhtmecufedttdenucenucfjughrpefofgggkfgjfhffhffvufgtsehttd ertderredtnecuhfhrohhmpedfofgrrhhtihhnucfvhhhomhhsohhnfdcuoehmtheslhho figvnhhtrhhophihrdhnvghtqeenucggtffrrghtthgvrhhnpefhiedttdeviefhjeejgf evfeeuudfggfekveekheeugeegleevkeevkedthfeuieenucffohhmrghinhepihgvthhf rdhorhhgnecuvehluhhsthgvrhfuihiivgeptdenucfrrghrrghmpehmrghilhhfrhhomh epmhhtsehlohifvghnthhrohhphidrnhgvth
X-ME-Proxy: <xmx:05jUXhHJ0KybpGs7tjiK7NJDgSfkLQwqT2tXTqkpVAK58vCsxZJg1Q> <xmx:05jUXm46lzpnrV7saplkOa7v--bFQW9wmb0J0xPzIRCxS0AuKJsA0A> <xmx:05jUXv0gLlfFrsFZZh_bNPeBD9HEsmegPayeT_hd44gUlXsgAmVzuA> <xmx:05jUXpG-9jnA52nGYeazyM0MqAOUDNCml4lGFWgRgRcC2ZiMlQ4SXw>
Received: by mailuser.nyi.internal (Postfix, from userid 501) id 9485FE00CD; Mon, 1 Jun 2020 01:57:39 -0400 (EDT)
X-Mailer: MessagingEngine.com Webmail Interface
User-Agent: Cyrus-JMAP/3.3.0-dev0-519-g0f677ba-fm-20200601.001-g0f677ba6
Mime-Version: 1.0
Message-Id: <9bf80b6a-1c15-4d81-ab44-2539d3ece8d1@www.fastmail.com>
In-Reply-To: <CAOgPGoDuwbrWO=rfVAvzBcWzQQQb02dbN8C3pvHAkq5=fys_nw@mail.gmail.com>
References: <CAOgPGoDqtCmkBZYoGT5BaMJN8wgSBFKR00VSUXB9Qu8rDT3S_g@mail.gmail.com> <CAOgPGoDuwbrWO=rfVAvzBcWzQQQb02dbN8C3pvHAkq5=fys_nw@mail.gmail.com>
Date: Mon, 01 Jun 2020 15:57:19 +1000
From: "Martin Thomson" <mt@lowentropy.net>
To: tls@ietf.org
Content-Type: text/plain
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/XWPdbaYsQrC8JGoZNXTwdgHePio>
Subject: Re: [TLS] Working group last call for draft-ietf-tls-subcerts-07
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 01 Jun 2020 05:57:42 -0000

I've reviewed it, it's mostly fine.

I wonder how much more needs to be said about expiration dates and allowance for clock skew.  We haven't had any trouble with the mechanism proposed here (to my knowledge), but we've had plenty of trouble with ESNI deployment.  Maybe the design here is sufficiently superior that it is less susceptible to problems, but it's not clear that this is indeed the case.

Our implementation follows the spec when it comes to the validity period, but we can't really prevent skew from causing credentials to be rejected.  What this does is that it creates a fixed notBefore equivalent for the DC that is relative to the notAfter.  This effectively means that servers need to set valid_time values that aren't too far in the future based on their tolerance for client clock skew.  For a 7-day credential, you might get 5 good days of use.

A little bit of a nod in this direction might go a long way to avoiding deployment problems.

The security considerations don't cover the potential for misissuance creating a credential that is as long-lived as the certificate, but they probably should.

Nits:
The authors seem to use title case and sentence case interchangeably for titles.

On Mon, Jun 1, 2020, at 14:52, Joseph Salowey wrote:
> Reminder: the last call expires this week. 
> 
> On Mon, May 18, 2020 at 12:56 PM Joseph Salowey <joe@salowey.net> wrote:
> > This is the Working Group Last Call for "Delegated Credentials for TLS" available at https://datatracker.ietf.org/doc/draft-ietf-tls-subcerts/. Please review the document and respond to the list with any comments by June 2, 2020. 
> > 
> > Cheers,
> > 
> > Chris, Joe & Sean
> _______________________________________________
> TLS mailing list
> TLS@ietf.org
> https://www.ietf.org/mailman/listinfo/tls
>