Re: [TLS] Let's remove gmt_unix_time from TLS

Paul Wouters <paul@nohats.ca> Wed, 11 September 2013 16:40 UTC

Return-Path: <paul@nohats.ca>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 05CF411E8192; Wed, 11 Sep 2013 09:40:49 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.599
X-Spam-Level:
X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[AWL=0.000, BAYES_00=-2.599]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id wrpSwwPcr80N; Wed, 11 Sep 2013 09:40:43 -0700 (PDT)
Received: from mx.nohats.ca (mx.nohats.ca [193.110.157.68]) by ietfa.amsl.com (Postfix) with ESMTP id 0F03E11E80FF; Wed, 11 Sep 2013 09:40:42 -0700 (PDT)
Received: from localhost (localhost [IPv6:::1]) by mx.nohats.ca (Postfix) with ESMTP id 3cZpkm6Sj9z9HG; Wed, 11 Sep 2013 12:40:32 -0400 (EDT)
X-Virus-Scanned: amavisd-new at mx.nohats.ca
Received: from mx.nohats.ca ([IPv6:::1]) by localhost (mx.nohats.ca [IPv6:::1]) (amavisd-new, port 10024) with ESMTP id bcVp358nAtXF; Wed, 11 Sep 2013 12:40:31 -0400 (EDT)
Received: from bofh.nohats.ca (bofh.nohats.ca [76.10.157.69]) by mx.nohats.ca (Postfix) with ESMTP; Wed, 11 Sep 2013 12:40:31 -0400 (EDT)
Received: by bofh.nohats.ca (Postfix, from userid 500) id 32180848E5; Wed, 11 Sep 2013 12:40:31 -0400 (EDT)
Received: from localhost (localhost [127.0.0.1]) by bofh.nohats.ca (Postfix) with ESMTP id 0A888848E4; Wed, 11 Sep 2013 12:40:31 -0400 (EDT)
Date: Wed, 11 Sep 2013 12:40:31 -0400 (EDT)
From: Paul Wouters <paul@nohats.ca>
To: Russ Housley <housley@vigilsec.com>
In-Reply-To: <49E21B63-C93A-450A-80EE-2050FFCDC0B4@vigilsec.com>
Message-ID: <alpine.LFD.2.10.1309111237040.13632@bofh.nohats.ca>
References: <CAKDKvuw240Ug4xB3zi2w0y7pUvCwSe0nNFZ2XP2vL-tbtKT0tg@mail.gmail.com> <49E21B63-C93A-450A-80EE-2050FFCDC0B4@vigilsec.com>
User-Agent: Alpine 2.10 (LFD 1266 2009-07-14)
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; format=flowed; charset=US-ASCII
Cc: perpass@ietf.org, "tls@ietf.org" <tls@ietf.org>
Subject: Re: [TLS] Let's remove gmt_unix_time from TLS
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 11 Sep 2013 16:40:49 -0000

On Wed, 11 Sep 2013, Russ Housley wrote:

> The tlsdate program (with origins in the TOR project) makes use of this value in the nonce portion of the handshake.
>
> I think that the time is an important part of the nonce.  Even if the implementation has a crappy random number generator, the time value does a good job of ensuring that the nonce value is not repeated.  Obviously, the time value does not help with the unpredictability, but the random value is supposed to do that.

Note that tlsdate is a stowaway on board a TLS server. If we can
accomodate, then fine. But we shouldn't go out of our way to support it.

Between making tls less vulnerable to fingerprinting (which helps tor)
and supporting tlsdate, I'd opt for the former.


Paul