Re: [TLS] Brief Cross-WG review - draft-ietf-mmusic-comedia-tls
Sam Hartman <hartmans-ietf@mit.edu> Wed, 04 January 2006 20:23 UTC
Received: from localhost.cnri.reston.va.us ([127.0.0.1] helo=megatron.ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1EuFA0-0001iT-Au; Wed, 04 Jan 2006 15:23:04 -0500
Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1EuF9y-0001g4-60; Wed, 04 Jan 2006 15:23:02 -0500
Received: from ietf-mx.ietf.org (ietf-mx [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id PAA20832; Wed, 4 Jan 2006 15:21:46 -0500 (EST)
Received: from carter-zimmerman.suchdamage.org ([69.25.196.178] helo=carter-zimmerman.mit.edu) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1EuFFV-0007MA-AJ; Wed, 04 Jan 2006 15:28:46 -0500
Received: by carter-zimmerman.mit.edu (Postfix, from userid 8042) id 60EF1160059; Wed, 4 Jan 2006 15:22:59 -0500 (EST)
To: Jonathan Lennox <lennox@cs.columbia.edu>
Subject: Re: [TLS] Brief Cross-WG review - draft-ietf-mmusic-comedia-tls
References: <200601021643.LAA18903@ietf.org> <86psna8lsd.fsf@raman.networkresonance.com> <17337.52920.343464.422053@metro-north.cs.columbia.edu>
From: Sam Hartman <hartmans-ietf@mit.edu>
Date: Wed, 04 Jan 2006 15:22:59 -0500
In-Reply-To: <17337.52920.343464.422053@metro-north.cs.columbia.edu> (Jonathan Lennox's message of "Mon, 2 Jan 2006 20:09:12 -0500")
Message-ID: <tslr77nspy4.fsf@cz.mit.edu>
User-Agent: Gnus/5.1006 (Gnus v5.10.6) Emacs/21.3 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
X-Spam-Score: 0.0 (/)
X-Scan-Signature: b19722fc8d3865b147c75ae2495625f2
Cc: tls@ietf.org, mmusic@ietf.org, jon.peterson@neustar.biz
X-BeenThere: tls@lists.ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.lists.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@lists.ietf.org?subject=unsubscribe>
List-Archive: <http://www1.ietf.org/pipermail/tls>
List-Post: <mailto:tls@lists.ietf.org>
List-Help: <mailto:tls-request@lists.ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@lists.ietf.org?subject=subscribe>
Sender: tls-bounces@lists.ietf.org
Errors-To: tls-bounces@lists.ietf.org
Especially in the case where a fingerprint is present I think that the requirements for identity matching would introduce usability problems with no security benefit. So I strongly argue for relaxing the identity checking in the case where a fingerprint is available in an integrity protected SDP exchange. In the case where the cert is being matched against a trust anchor through the process described in RFC 3280, the identity constraints given in this document (or similar constraints) are absolutely essential. In the case where you are doing ssh-style leap of faith you do need to decide what identity you are binding the leap of faith entry to in your cache. In that case the identity requirements may be helpful but are not strict security requirements. If you are going to support ssh-style leap of faith you do need to be careful not to make rekeying/changing a cert harder than it needs to be. In particular, the user should not get a warning because there is a leap of faith cache entry with a different certificate in it and a valid fingerprint is presented in an integrity protected SDP session. I'm not sure updating the cache entry would be good in that case, but presenting a warning to the user because the cert changed would definitely be a bad idea because it would discourage rekeying. Now you do need to present the warning in the case where the SDP session is not integrity protected. --Sam P.S. If I was too terse I can expand. _______________________________________________ TLS mailing list TLS@lists.ietf.org https://www1.ietf.org/mailman/listinfo/tls
- [TLS] Brief Cross-WG review - draft-ietf-mmusic-c… Allison Mankin
- Re: [TLS] Brief Cross-WG review - draft-ietf-mmus… Eric Rescorla
- Re: [TLS] Brief Cross-WG review - draft-ietf-mmus… Eric Rescorla
- Re: [TLS] Brief Cross-WG review - draft-ietf-mmus… Eric Rescorla
- Re: [TLS] Brief Cross-WG review - draft-ietf-mmus… Allison Mankin
- Re: [TLS] Brief Cross-WG review - draft-ietf-mmus… Eric Rescorla
- Re: [TLS] Brief Cross-WG review - draft-ietf-mmus… Sam Hartman