Re: [TLS] Adoption call for TLS Flag - Request mTLS

Dennis Jackson <ietf@dennis-jackson.uk> Thu, 04 April 2024 18:03 UTC

Return-Path: <ietf@dennis-jackson.uk>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B723AC1CAF46 for <tls@ietfa.amsl.com>; Thu, 4 Apr 2024 11:03:29 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.095
X-Spam-Level:
X-Spam-Status: No, score=-2.095 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=dennis-jackson.uk
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Q142yA5tRuGc for <tls@ietfa.amsl.com>; Thu, 4 Apr 2024 11:03:25 -0700 (PDT)
Received: from mout-p-101.mailbox.org (mout-p-101.mailbox.org [IPv6:2001:67c:2050:0:465::101]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B02F0C18DB98 for <tls@ietf.org>; Thu, 4 Apr 2024 11:03:22 -0700 (PDT)
Received: from smtp202.mailbox.org (smtp202.mailbox.org [IPv6:2001:67c:2050:b231:465::202]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by mout-p-101.mailbox.org (Postfix) with ESMTPS id 4V9Txc5J2vz9sWf for <tls@ietf.org>; Thu, 4 Apr 2024 20:03:16 +0200 (CEST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=dennis-jackson.uk; s=MBO0001; t=1712253796; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=fqDp+YWrFjd48VDK6ytfv/TLteMbPrFs++EiBjhnwbo=; b=VundgH09YsCdVSw5NFWnnaVD+jm+gX7XF8VidqBNTIjm75gHLQgk4iR0A4352YSM/WXYsV CAmp0Cwup082/McZgcMQJYLTiUv4TksdSRyiZ4gYXR3RYXlF7k+8KIVp3zbsPOHdqKTAmx rBk1rEH+aqW/mfPGC7c4kxlVlF8jpBPFJ/DzGJ5cPDYJY6hVqAWlmKJkpEurnPedv0Nwqq CxGs/Rxm01VCuJHENPZydeH7/cjSzPnzVo8GAol3BUFqMAdDyBWxREL1G/3mMpD/wrHKHT EiBetwQQyv6TL3ium/fCSMh2SKIVtyuxP+rYpHzhgHbubCnTl1uJ+/inxaOlaw==
Content-Type: multipart/alternative; boundary="------------19fzuuheeuwQziSxhAafeTN0"
Message-ID: <83c91070-e289-49e2-a856-12cb596eaacb@dennis-jackson.uk>
Date: Thu, 04 Apr 2024 19:03:15 +0100
MIME-Version: 1.0
To: tls@ietf.org
References: <8957179A-14D2-4947-B196-B68988B0E3CA@sn3rd.com> <1c42a223-8abc-472a-bb8d-a7827f5b0f06@iki.fi> <CAG2Zi20=Azki7Qp2rgi+ixdCojTr8kbrP6wBiYX2J7Xy94b4Jg@mail.gmail.com> <CACykbs3V7huBGqUnh5=qcoqHftvdNTsk+Yyc0uJkcOPqZk5bMQ@mail.gmail.com> <3a32b9f5-ebe9-4e8e-9672-860324aaa8ac@dennis-jackson.uk> <CACykbs3esuif1jqfJkTYaQ_ahH_PRS6zg9UgMXTXX0uBj1M9Kw@mail.gmail.com>
Content-Language: en-US
From: Dennis Jackson <ietf@dennis-jackson.uk>
In-Reply-To: <CACykbs3esuif1jqfJkTYaQ_ahH_PRS6zg9UgMXTXX0uBj1M9Kw@mail.gmail.com>
X-Rspamd-Queue-Id: 4V9Txc5J2vz9sWf
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/ZBAlGMgkpnKnN7YbLdB6-wme--A>
Subject: Re: [TLS] Adoption call for TLS Flag - Request mTLS
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 04 Apr 2024 18:03:29 -0000

Ah, I wonder what the motivation was for it being a MUST rather than a 
SHOULD.

That still leaves open sending a private use value - which would allow 
you to de-conflict with others uses.


On 04/04/2024 17:11, Jonathan Hoyland wrote:
> Hi Dennis,
>
> RFC 7250 Section 4.1 says:
> If the client has no remaining certificate types to send in
>     the client hello, other than the default X.509 type, it MUST omit the
>     client_certificate_type extension in the client hello.
> That seems to explicitly exclude sending the single entry 0 to me.
> Regards,
> Jonathan
>
>
> On Thu, 4 Apr 2024, 16:43 Dennis Jackson, 
> <ietf=40dennis-jackson.uk@dmarc.ietf.org> wrote:
>
>     Hi Jonathan,
>
>     My reading of RFC 7250 is the same as Mohits. Although the RFC
>     talks about raw public keys and a new codepoint for them, it is
>     building on RFC 6091 which defined a similar extension and the
>     X509 codepoint.
>
>     It seems fine for you to send the client_certificate_type
>     extension with the single entry 0 (X509). You also have the option
>     of using a value assigned for private use (224 and up) for your
>     specific use case of indicating a search engine crawler willing to
>     provide a client cert.
>
>     Best,
>     Dennis
>
>     On 04/04/2024 11:17, Jonathan Hoyland wrote:
>>     Hi all,
>>
>>     Thanks for the feedback here.
>>
>>     With respect to RFC 7250, as I mentioned earlier on list, there
>>     seen to be two issues. First it changes the semantics of the
>>     extension slightly, and second the RFC explicitly excludes x.509
>>     certs.
>>
>>     IIUC the semantics of the extension are "I have a weird client
>>     cert", not "I have a client cert".
>>
>>     With respect to whether this needs to be a working group item,
>>     I'm not particularly averse to this being an independent document
>>     if that's where the WG thinks it should go.
>>     In my opinion, however, there are two things that it would be
>>     good to get input from the TLS WG on.
>>
>>     One, this is a change from all previous versions of TLS in which
>>     the client cannot induce auth, does enabling this break anyone's
>>     assumptions?
>>
>>     Two, I'd like a low flag number because it saves bytes on the
>>     wire, but there is a discussion to be had as to how common this
>>     flag will be versus other flags.
>>     (Non-attack) Bot traffic is very common, but it's not the
>>     majority of traffic by any means.
>>
>>     Regards,
>>
>>     Jonathan
>>
>>
>>
>>     On Thu, 4 Apr 2024, 01:17 Christopher Patton,
>>     <cpatton=40cloudflare.com@dmarc.ietf.org> wrote:
>>
>>         It would be great to here from Jonathan (the author) if RFC
>>         7250 is already sufficient for this use case.
>>
>>         On Tue, Apr 2, 2024 at 10:23 PM Mohit Sethi <mohit@iki.fi> wrote:
>>
>>             Please see my earlier comment regarding this draft:
>>             https://mailarchive.ietf.org/arch/msg/tls/g3tImSVXO8AEmPH1UlwRB1c1TLs/
>>
>>             In summary: the functionality of this draft is already
>>             achievable by
>>             using the client_certificate_type extension defined in
>>             RFC 7250:
>>             https://datatracker.ietf.org/doc/html/rfc7250 with
>>             certificate type
>>             value = 0:
>>             https://www.iana.org/assignments/tls-extensiontype-values/tls-extensiontype-values.xhtml#tls-extensiontype-values-3.
>>
>>             The table in section 4.2 of RFC8446 even mentions that
>>             the extension can
>>             be included in the ClientHello:
>>             https://datatracker.ietf.org/doc/html/rfc8446#section-4.2,
>>             thereby
>>             ensuring that the server sends a CertificateRequest
>>             message in response
>>             to the ClientHello received.
>>
>>             OpenSSL already implements this extension since it was
>>             needed for
>>             support raw public keys (RPKs).
>>
>>             As stated earlier: if it is indeed the case that the
>>             client_certificate_type extension is suitable for the
>>             use-case, then
>>             perhaps it is preferable to not have a separate flag.
>>             Otherwise, it
>>             would make the state machine at the server more
>>             complicated (for
>>             example: handling a ClientHello with both the mTLS flag
>>             and the
>>             client_certificate_type extension.
>>
>>             Therefore, like Ekr, I am mildly negative on adopting
>>             this document but
>>             for different reasons.
>>
>>             --Mohit
>>
>>             On 4/3/24 00:52, Sean Turner wrote:
>>             > At the IETF 119 TLS session there was some interest in
>>             the mTLS Flag I-D
>>             (https://eur01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdatatracker.ietf.org%2Fdoc%2Fdraft-jhoyla-req-mtls-flag%2F&data=05%7C02%7Cmohit.sethi%40aalto.fi%7C42877de6d3d64135e49e08dc534a463b%7Cae1a772440414462a6dc538cb199707e%7C1%7C0%7C638476825681199391%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C0%7C%7C%7C&sdata=ERzWFcuBlAfobNyGCcgKDhCl9wex9LOQ%2F3yPYC7idfU%3D&reserved=0
>>             <https://eur01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdatatracker.ietf.org%2Fdoc%2Fdraft-jhoyla-req-mtls-flag%2F&data=05%7C02%7Cmohit.sethi%40aalto.fi%7C42877de6d3d64135e49e08dc534a463b%7Cae1a772440414462a6dc538cb199707e%7C1%7C0%7C638476825681199391%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C0%7C%7C%7C&sdata=ERzWFcuBlAfobNyGCcgKDhCl9wex9LOQ%2F3yPYC7idfU%3D&reserved=0>);
>>             also, see previous list discussions at [0]. This message
>>             is to judge consensus on whether there is sufficient
>>             support to adopt this I-D.  If you support adoption and
>>             are willing to review and contribute text, please send a
>>             message to the list.  If you do not support adoption of
>>             this I-D, please send a message to the list and indicate
>>             why.  This call will close on 16 April 2024.
>>             >
>>             > Thanks,
>>             > Deirdre, Joe, and Sean
>>             >
>>             > [0]
>>             https://eur01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fmailarchive.ietf.org%2Farch%2Fmsg%2Ftls%2F9e2S95H9YgtHp5HhqdlNqmQP0_w%2F&data=05%7C02%7Cmohit.sethi%40aalto.fi%7C42877de6d3d64135e49e08dc534a463b%7Cae1a772440414462a6dc538cb199707e%7C1%7C0%7C638476825681208049%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C0%7C%7C%7C&sdata=eEU6ZPJ5cmfqLHQuM3UYXrFKCJuKaaJVc8Ssk5erRjk%3D&reserved=0
>>             <https://eur01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fmailarchive.ietf.org%2Farch%2Fmsg%2Ftls%2F9e2S95H9YgtHp5HhqdlNqmQP0_w%2F&data=05%7C02%7Cmohit.sethi%40aalto.fi%7C42877de6d3d64135e49e08dc534a463b%7Cae1a772440414462a6dc538cb199707e%7C1%7C0%7C638476825681208049%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C0%7C%7C%7C&sdata=eEU6ZPJ5cmfqLHQuM3UYXrFKCJuKaaJVc8Ssk5erRjk%3D&reserved=0>
>>             > _______________________________________________
>>             > TLS mailing list
>>             > TLS@ietf.org
>>             >
>>             https://eur01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.ietf.org%2Fmailman%2Flistinfo%2Ftls&data=05%7C02%7Cmohit.sethi%40aalto.fi%7C42877de6d3d64135e49e08dc534a463b%7Cae1a772440414462a6dc538cb199707e%7C1%7C0%7C638476825681214744%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C0%7C%7C%7C&sdata=%2B9CGIKB31GI9RMQG62I1rTnbHaDPfSynvlmwrkPn%2FpQ%3D&reserved=0
>>             <https://eur01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.ietf.org%2Fmailman%2Flistinfo%2Ftls&data=05%7C02%7Cmohit.sethi%40aalto.fi%7C42877de6d3d64135e49e08dc534a463b%7Cae1a772440414462a6dc538cb199707e%7C1%7C0%7C638476825681214744%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C0%7C%7C%7C&sdata=%2B9CGIKB31GI9RMQG62I1rTnbHaDPfSynvlmwrkPn%2FpQ%3D&reserved=0>
>>
>>             _______________________________________________
>>             TLS mailing list
>>             TLS@ietf.org
>>             https://www.ietf.org/mailman/listinfo/tls
>>
>>         _______________________________________________
>>         TLS mailing list
>>         TLS@ietf.org
>>         https://www.ietf.org/mailman/listinfo/tls
>>
>>
>>     _______________________________________________
>>     TLS mailing list
>>     TLS@ietf.org
>>     https://www.ietf.org/mailman/listinfo/tls
>     _______________________________________________
>     TLS mailing list
>     TLS@ietf.org
>     https://www.ietf.org/mailman/listinfo/tls
>
>
> _______________________________________________
> TLS mailing list
> TLS@ietf.org
> https://www.ietf.org/mailman/listinfo/tls