IETF Logo Mail Archive

Re: [TLS] Consensus on PR 169 - relax certificate list requirements

Viktor Dukhovni <ietf-dane@dukhovni.org> Thu, 27 August 2015 17:29 UTC

Return-Path: <ietf-dane@dukhovni.org>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 27F2D1B2BF1 for <tls@ietfa.amsl.com>; Thu, 27 Aug 2015 10:29:49 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.6
X-Spam-Level:
X-Spam-Status: No, score=-2.6 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_LOW=-0.7] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 1bjnJlCKI_rS for <tls@ietfa.amsl.com>; Thu, 27 Aug 2015 10:29:48 -0700 (PDT)
Received: from mournblade.imrryr.org (mournblade.imrryr.org [38.117.134.19]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id EF4001B2A59 for <tls@ietf.org>; Thu, 27 Aug 2015 10:29:47 -0700 (PDT)
Received: by mournblade.imrryr.org (Postfix, from userid 1034) id 0A328284D23; Thu, 27 Aug 2015 17:29:47 +0000 (UTC)
Date: Thu, 27 Aug 2015 17:29:47 +0000
From: Viktor Dukhovni <ietf-dane@dukhovni.org>
To: tls@ietf.org
Message-ID: <20150827172946.GR9021@mournblade.imrryr.org>
References: <CAOgPGoAPCXkzc=01_+FPSJcxV8vEQmBUYNGYaWMdKpSGU0M0Lg@mail.gmail.com> <201508261742.01242.davemgarrett@gmail.com> <029b01d0e0ec$f6706890$e35139b0$@gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <029b01d0e0ec$f6706890$e35139b0$@gmail.com>
User-Agent: Mutt/1.5.23 (2014-03-12)
Archived-At: <http://mailarchive.ietf.org/arch/msg/tls/dO8EIwRCmPjMX63ws_jAQPQVets>
Subject: Re: [TLS] Consensus on PR 169 - relax certificate list requirements
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: tls@ietf.org
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 27 Aug 2015 17:29:49 -0000

On Thu, Aug 27, 2015 at 01:22:33PM -0400, Santosh Chokhani wrote:

> To me it seems that both of these wordings could be interpreted by someone
> that if you do not have a trust anchor and you get it in the TLS handshake,
> you can use it and trust it.
> 
> That sounds dangerous.

Beyond a general "there's no such thing as fool-proof", I don't
see how such an interpretation might be arrived at.

Trust-anchors are both frequently sent and frequently not sent in
the TLS handshake.  The new text just says that it may be acceptable
to omit them, but sometimes clients need the trust-anchor certificate
to be sent, because they verify it by fingerprint or similar, and
don't have a (complete) local copy.

The text is fine.

-- 
	Viktor.

v2.23.0 | Report a Bug | By Email