Re: [TLS] Awkward Handshake: Possible mismatch of client/server view on client authentication in post-handshake mode in Revision 18
Andrei Popov <Andrei.Popov@microsoft.com> Tue, 14 February 2017 18:15 UTC
Return-Path: <Andrei.Popov@microsoft.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D3B3312949F for <tls@ietfa.amsl.com>; Tue, 14 Feb 2017 10:15:39 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.021
X-Spam-Level:
X-Spam-Status: No, score=-2.021 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=microsoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id SLR_SUkTqyXu for <tls@ietfa.amsl.com>; Tue, 14 Feb 2017 10:15:37 -0800 (PST)
Received: from NAM01-BY2-obe.outbound.protection.outlook.com (mail-by2nam01on0117.outbound.protection.outlook.com [104.47.34.117]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C726E129689 for <tls@ietf.org>; Tue, 14 Feb 2017 10:15:37 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=uW83guSmEUWaVKef5UZ9NzlPZiYXeRYcL3fbWjt3fLg=; b=iJX2zGkOoGg3NNV1t3P5gGkrug01hEISFs4xcaAFIuscWrZc2GcTGx5wH6BgBSNF05SBysNUZuQKUGW+YL7LNdvt8O8ls2xYTL5VRsjL6Gh3Scl7eKfmbk2E+mv5eJ/GXmCG9FEOUiSCNX3ep5RsiCT9f5lZRmSaHVVzGLmIOHQ=
Received: from CY1PR0301MB0842.namprd03.prod.outlook.com (10.160.163.148) by CY1PR0301MB0843.namprd03.prod.outlook.com (10.160.163.149) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P384) id 15.1.888.16; Tue, 14 Feb 2017 18:15:37 +0000
Received: from CY1PR0301MB0842.namprd03.prod.outlook.com ([10.160.163.148]) by CY1PR0301MB0842.namprd03.prod.outlook.com ([10.160.163.148]) with mapi id 15.01.0888.030; Tue, 14 Feb 2017 18:15:37 +0000
From: Andrei Popov <Andrei.Popov@microsoft.com>
To: David Wong <davidwong.crypto@gmail.com>, David Benjamin <davidben@chromium.org>
Thread-Topic: [TLS] Awkward Handshake: Possible mismatch of client/server view on client authentication in post-handshake mode in Revision 18
Thread-Index: AQHShfVLh43MYmEytkO14a3ComoThqFooDUAgAAGc4CAAAlfgIAAHR8A
Date: Tue, 14 Feb 2017 18:15:36 +0000
Message-ID: <CY1PR0301MB08426CD005E640B9865D1BC38C580@CY1PR0301MB0842.namprd03.prod.outlook.com>
References: <CABdrxL6qupAu+Ztxw7BU1e-eoy-kfJKRQq+ZZyoKokXHNZEoZQ@mail.gmail.com> <local-bdf4ca0e-d529@nylas-mail.nylas.com> <CAF8qwaBQOfW68BcyG_d6wNsGTT+e6XajEYd0OSjjDekEQOD2mw@mail.gmail.com> <local-a70c902a-5994@nylas-mail.nylas.com>
In-Reply-To: <local-a70c902a-5994@nylas-mail.nylas.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: spf=none (sender IP is ) smtp.mailfrom=Andrei.Popov@microsoft.com;
x-originating-ip: [2001:4898:80e8:a::1d2]
x-ms-office365-filtering-correlation-id: c9f08c2e-3993-4ef5-449f-08d4550579b1
x-ms-office365-filtering-ht: Tenant
x-microsoft-antispam: UriScan:; BCL:0; PCL:0; RULEID:(22001)(48565401081); SRVR:CY1PR0301MB0843;
x-microsoft-exchange-diagnostics: 1; CY1PR0301MB0843; 7:ECbTlWO+Ur93SAuauHGg2M/PVHEM4B44x7H+d95WPlBpNAqIh9NnATYVd7du5IG9iWd1qu4yjPmGeuZdtXPr3s/a/HsT8FlZZdVn8ZCYXfzyQKofGaH8F+1Rteqoe2YKYqMSVlYu/NWxNdws51IjOwqfauGQRQQTlSUCWAfPn8zIns/JIVgA4zY6WHCx5QBU1gUSKUBrNHbA2pzbqWfeHbrokCAGAo0ixKSEFKk0k5PpQRAjtdQscNplrFgDsbf+uoNX68vNoendMT0czK3atHiiGKjZHOnxzh531VgQqyE6byctNJn/Kpt8HIXu5p861rOeCaOXcPM/ham3T9DdorALGJ4QzK87CWKoAxmLip1M7gncn7h3puk6RZW7PDdGxDDrsBNIr8bn6E0k9DulcSZARvGDCHoD6IWcAbxDIzZeZ0zD8SZL9fzZK4n8LDK7YwZ1GZIRUbQJ39wVjldGWPs3vJZuA3A1uQcMIYgBgw1gph8L8yFO1CrAW8QKtDA6+kHGW+brXOd6P6Eni6W/JvHSTzuBYfcJaXeY2uc2p2I=
x-microsoft-antispam-prvs: <CY1PR0301MB0843118484AD70C005C4BC1D8C580@CY1PR0301MB0843.namprd03.prod.outlook.com>
x-exchange-antispam-report-test: UriScan:(158342451672863)(21748063052155);
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(61425038)(6040375)(601004)(2401047)(5005006)(8121501046)(3002001)(10201501046)(6055026)(61426038)(61427038)(6041248)(20161123562025)(20161123564025)(20161123555025)(20161123558025)(20161123560025)(6072148); SRVR:CY1PR0301MB0843; BCL:0; PCL:0; RULEID:; SRVR:CY1PR0301MB0843;
x-forefront-prvs: 0218A015FA
x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(7916002)(39410400002)(39450400003)(39860400002)(39850400002)(39840400002)(24454002)(199003)(377454003)(189002)(74316002)(54906002)(10090500001)(2950100002)(6506006)(106116001)(3660700001)(6306002)(8676002)(77096006)(97736004)(9686003)(54896002)(5005710100001)(68736007)(39060400002)(81003)(50986999)(8990500004)(53936002)(54356999)(76176999)(101416001)(2900100001)(81166006)(6246003)(8936002)(10290500002)(92566002)(81156014)(229853002)(790700001)(93886004)(38730400002)(189998001)(236005)(86362001)(106356001)(3280700002)(99286003)(6436002)(55016002)(33656002)(7696004)(7736002)(5660300001)(2906002)(86612001)(4326007)(105586002)(25786008)(6116002)(122556002)(102836003); DIR:OUT; SFP:1102; SCL:1; SRVR:CY1PR0301MB0843; H:CY1PR0301MB0842.namprd03.prod.outlook.com; FPR:; SPF:None; PTR:InfoNoRecords; A:1; MX:1; LANG:en;
received-spf: None (protection.outlook.com: microsoft.com does not designate permitted sender hosts)
spamdiagnosticoutput: 1:99
spamdiagnosticmetadata: NSPM
Content-Type: multipart/alternative; boundary="_000_CY1PR0301MB08426CD005E640B9865D1BC38C580CY1PR0301MB0842_"
MIME-Version: 1.0
X-OriginatorOrg: microsoft.com
X-MS-Exchange-CrossTenant-originalarrivaltime: 14 Feb 2017 18:15:36.9981 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 72f988bf-86f1-41af-91ab-2d7cd011db47
X-MS-Exchange-Transport-CrossTenantHeadersStamped: CY1PR0301MB0843
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/cOCTAuNZ9pO7KxKaf5MWLuwsm9g>
Cc: Cas Cremers <cas.cremers@cs.ox.ac.uk>, "tls@ietf.org" <tls@ietf.org>
Subject: Re: [TLS] Awkward Handshake: Possible mismatch of client/server view on client authentication in post-handshake mode in Revision 18
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 14 Feb 2017 18:15:40 -0000
Is it important for the client to know, from the TLS stack itself, whether client authentication succeeded or not? My assumption (perhaps incorrect) has been that it is the server that cares about the client's identity (or identities) in order to make an authorization decision. This thread also seems to consider client authentication a binary state: the client is either authenticated, or not. In practice, the client may assert multiple identities, and the server may grant various levels of access. Also, why should the client care whether session ticket X includes client identity Y? If a client resumes a TLS session with a session ticket that does not include (or point to) a client authenticator needed to satisfy the client's request, the server can initiate client auth (or deny the request). Cheers, Andrei From: TLS [mailto:tls-bounces@ietf.org] On Behalf Of David Wong Sent: Tuesday, February 14, 2017 8:18 AM To: David Benjamin <davidben@chromium.org> Cc: Cas Cremers <cas.cremers@cs.ox.ac.uk>; tls@ietf.org Subject: Re: [TLS] Awkward Handshake: Possible mismatch of client/server view on client authentication in post-handshake mode in Revision 18 On Feb 14 2017, at 4:44 pm, David Benjamin <davidben@chromium.org<mailto:davidben@chromium.org>> wrote: NewSessionTicket always includes in-handshake client auth. The resumption secret can't even be derived without it. Oups, my bad. What about if the client do send a certificate, but the server decides not to accept it, but goes on with the connection (I think nothing in the spec says that the server needs to terminate the connection if the client cert is not good).
- [TLS] Awkward Handshake: Possible mismatch of cli… Cas Cremers
- Re: [TLS] Awkward Handshake: Possible mismatch of… Ilari Liusvaara
- Re: [TLS] Awkward Handshake: Possible mismatch of… Sam Scott
- Re: [TLS] Awkward Handshake: Possible mismatch of… Andrei Popov
- Re: [TLS] Awkward Handshake: Possible mismatch of… Sam Scott
- Re: [TLS] Awkward Handshake: Possible mismatch of… Eric Rescorla
- Re: [TLS] Awkward Handshake: Possible mismatch of… Victor Vasiliev
- Re: [TLS] Awkward Handshake: Possible mismatch of… Eric Rescorla
- Re: [TLS] Awkward Handshake: Possible mismatch of… Sam Scott
- Re: [TLS] Awkward Handshake: Possible mismatch of… Eric Rescorla
- Re: [TLS] Awkward Handshake: Possible mismatch of… Andrei Popov
- Re: [TLS] Awkward Handshake: Possible mismatch of… Sam Scott
- Re: [TLS] Awkward Handshake: Possible mismatch of… Eric Rescorla
- Re: [TLS] Awkward Handshake: Possible mismatch of… Cas Cremers
- Re: [TLS] Awkward Handshake: Possible mismatch of… David Wong
- Re: [TLS] Awkward Handshake: Possible mismatch of… David Benjamin
- Re: [TLS] Awkward Handshake: Possible mismatch of… Ilari Liusvaara
- Re: [TLS] Awkward Handshake: Possible mismatch of… David Wong
- Re: [TLS] Awkward Handshake: Possible mismatch of… Andrei Popov
- Re: [TLS] Awkward Handshake: Possible mismatch of… Martin Thomson
- Re: [TLS] Awkward Handshake: Possible mismatch of… David Wong
- Re: [TLS] Awkward Handshake: Possible mismatch of… Martin Rex
- Re: [TLS] Awkward Handshake: Possible mismatch of… Cas Cremers
- Re: [TLS] Awkward Handshake: Possible mismatch of… Andrei Popov
- Re: [TLS] Awkward Handshake: Possible mismatch of… David Wong
- Re: [TLS] Awkward Handshake: Possible mismatch of… David Benjamin
- Re: [TLS] Awkward Handshake: Possible mismatch of… Andrei Popov
- Re: [TLS] Awkward Handshake: Possible mismatch of… Martin Rex