Re: [TLS] draft-ietf-tls-exported-authenticator questions

Martin Thomson <martin.thomson@gmail.com> Sat, 22 July 2017 08:13 UTC

In-Reply-To: <CACsn0cncDR+_w45=iUO1an94KrUE-SkSofuyd7g3Vn7OY2FZ8Q@mail.gmail.com>
References: <D6717B12-60FE-4E08-812E-4C5FB1B908F6@sn3rd.com> <20170720070217.xvwmrd3ootvjr2fu@LK-Perkele-VII> <bfe006b2-681c-e766-4df6-2adf503b4a73@akamai.com> <CACsn0c=LP33E+1B5ZhAFGMq7aSW=LjdTTmu0j8oekcrxkvYwuw@mail.gmail.com> <20170722053454.5tvj52zpknbq2bqr@LK-Perkele-VII> <CACsn0cncDR+_w45=iUO1an94KrUE-SkSofuyd7g3Vn7OY2FZ8Q@mail.gmail.com>
From: Martin Thomson <martin.thomson@gmail.com>
Date: Sat, 22 Jul 2017 10:13:51 +0200
Message-ID: <CABkgnnXa9N2QEt83NxBBo0X6HwBx1RrWm+VgwCay4kMHrX1o4A@mail.gmail.com>
To: Watson Ladd <watsonbladd@gmail.com>
Cc: Ilari Liusvaara <ilariliusvaara@welho.com>, "tls@ietf.org" <tls@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/bv2mxjAU9KWjIeYsAWk33KxOJ3k>

On 22 July 2017 at 07:42, Watson Ladd <watsonbladd@gmail.com> wrote:
>> If crc is repeated within a connection, then the old certificate
>> message can be replayed.
>>
>> If crc is guessed, then reply can be pregenerated anytime during
>> connection.
>>
>> However, neither seems critical, but might be of magnitude to note.
>
> Yes, if we want freshness then we need a challenge-response protocol.
> I don't recall if the H2 draft does.

It cannot.

The question is whether freshness regarding the request is necessary,
or whether it is just freshness with respect to connection that we
need.  That is, was the response generated for this connection, or was
it generated in response to a specific request.  I think that a
binding to the connection is sufficient.

In terms of use cases, the current design is a much better fit.  It
allows for spontaneous assertions of identity rather than requiring a
request/response exchange.

If we need request/response - which I don't think we do - then that
should be integral to this mechanism.  I don't want to rely on the
using protocol doing the right thing.
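As an added illustration of the connection binding discussed above (example code, not from the draft or from anyone in this thread): a simplified Python model of an exported authenticator in which the TLS exporter and the CertificateVerify signature are replaced by HMAC stand-ins, with label strings modelled on the draft's exporter labels. The verifier additionally refuses a certificate_request_context it has already accepted on the same connection; that is a local policy assumed here, not a rule taken from the draft.

```python
import hashlib
import hmac
import secrets

HASH = hashlib.sha256
N = HASH().digest_size

# Stand-in for the TLS exporter (RFC 8446, section 7.5); real code asks the TLS stack,
# whose exporter is keyed on this connection's secrets, which is what gives the binding.
def exporter(exporter_secret: bytes, label: bytes) -> bytes:
    return hmac.new(exporter_secret, label, HASH).digest()

def build_authenticator(exporter_secret: bytes, crc: bytes, cert_body: bytes, signing_key: bytes) -> bytes:
    """Certificate || CertificateVerify || Finished, bound to one connection via the exporter."""
    hs_ctx = exporter(exporter_secret, b"EXPORTER-client authenticator handshake context")
    fin_key = exporter(exporter_secret, b"EXPORTER-client authenticator finished key")
    certificate = bytes([len(crc)]) + crc + cert_body  # certificate_request_context travels inside
    # HMAC under the peer's key stands in for the asymmetric CertificateVerify signature.
    cert_verify = hmac.new(signing_key, hs_ctx + certificate, HASH).digest()
    finished = hmac.new(fin_key, HASH(hs_ctx + certificate + cert_verify).digest(), HASH).digest()
    return certificate + cert_verify + finished

class Verifier:
    def __init__(self, exporter_secret: bytes, signing_key: bytes):
        self.exporter_secret = exporter_secret
        self.signing_key = signing_key  # stands in for the peer's public key
        self.seen_crc = set()           # contexts already accepted on this connection

    def verify(self, authenticator: bytes, expected_crc: bytes) -> bool:
        if len(authenticator) < 2 * N + 1:
            return False
        certificate, cert_verify, finished = authenticator[:-2 * N], authenticator[-2 * N:-N], authenticator[-N:]
        if certificate[1:1 + certificate[0]] != expected_crc:
            return False  # answers a different request (or none)
        hs_ctx = exporter(self.exporter_secret, b"EXPORTER-client authenticator handshake context")
        fin_key = exporter(self.exporter_secret, b"EXPORTER-client authenticator finished key")
        sig_ok = hmac.compare_digest(cert_verify, hmac.new(self.signing_key, hs_ctx + certificate, HASH).digest())
        transcript = HASH(hs_ctx + certificate + cert_verify).digest()
        fin_ok = hmac.compare_digest(finished, hmac.new(fin_key, transcript, HASH).digest())
        if not (sig_ok and fin_ok) or expected_crc in self.seen_crc:
            return False  # other connection, tampered, or a repeated context (replay within connection)
        self.seen_crc.add(expected_crc)
        return True

def demo() -> dict:
    key, conn_a, conn_b = (secrets.token_bytes(32) for _ in range(3))  # constructed secrets
    crc = secrets.token_bytes(16)
    auth = build_authenticator(conn_a, crc, b"constructed certificate chain", key)
    va, vb = Verifier(conn_a, key), Verifier(conn_b, key)
    return {"same_connection": va.verify(auth, crc),  # True
            "repeated_crc": va.verify(auth, crc),     # False: context already used here
            "other_connection": vb.verify(auth, crc)}  # False: exporter secret differs
```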