IETF Logo Mail Archive

Re: [TLS] Security concerns around co-locating TLS and non-secure on same port (WGLC: draft-ietf-tsvwg-iana-ports-08)

Matt DeMoss <demoss.matt@gmail.com> Thu, 10 February 2011 03:35 UTC

Return-Path: <demoss.matt@gmail.com>
X-Original-To: tls@core3.amsl.com
Delivered-To: tls@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id D770A3A681A; Wed, 9 Feb 2011 19:35:49 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.038
X-Spam-Level:
X-Spam-Status: No, score=-1.038 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, HTML_MESSAGE=0.001, J_CHICKENPOX_34=0.6, RCVD_IN_BL_SPAMCOP_NET=1.96, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 4FIqncw6V2zk; Wed, 9 Feb 2011 19:35:49 -0800 (PST)
Received: from mail-fx0-f44.google.com (mail-fx0-f44.google.com [209.85.161.44]) by core3.amsl.com (Postfix) with ESMTP id 8B2FB3A680C; Wed, 9 Feb 2011 19:35:48 -0800 (PST)
Received: by fxm9 with SMTP id 9so1023294fxm.31 for <multiple recipients>; Wed, 09 Feb 2011 19:35:59 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:in-reply-to:references:date :message-id:subject:from:to:cc:content-type; bh=MlAPwYKSyklW3vhixBNic+syWZ2m22ql6WBme7VJxsM=; b=NvMQQvqvS8ZOiMxZnarlkFH1D74k01sD6vPZBpeRBGJDXaWIbw3PQ8VJU1TABt+OWf hnIX1oUgeCzocgV/O0vLDxSNrTDnk0mE9cCDEU80WVq4OvSipPW8LyhMQ36BqgDdGfmg c5FXR6eg6pmnZaMsdmoHiRMgTz0A50SYjGY1k=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; b=kAtJYV9VPJyV2PP2hgEvqmd2t48YfybqXytevqu8xMz5v7OIApGClSGW3wW3ajYmR0 gvT852xckqv++IaiTlTJx7qLVPZRVsq/f+Wx6fYkzaRFtxNEme43FhJK5whqmfZZL/4R 9ma5Kk1r1jnPkKqQ96aqIybyBKaA335oogLVY=
MIME-Version: 1.0
Received: by 10.223.93.139 with SMTP id v11mr7347101fam.132.1297308959118; Wed, 09 Feb 2011 19:35:59 -0800 (PST)
Received: by 10.223.37.218 with HTTP; Wed, 9 Feb 2011 19:35:59 -0800 (PST)
In-Reply-To: <D8B3FDB7A62612A570324BEB@nifty-silver.us.oracle.com>
References: <4CD76B1B.5030308@ericsson.com> <D8B3FDB7A62612A570324BEB@nifty-silver.us.oracle.com>
Date: Wed, 09 Feb 2011 22:35:59 -0500
Message-ID: <AANLkTi=PnpSijg8t-N3z-_Y=NzXvfZCK-nEG=x=nyCcA@mail.gmail.com>
From: Matt DeMoss <demoss.matt@gmail.com>
To: Chris Newman <chris.newman@oracle.com>
Content-Type: multipart/alternative; boundary="20cf3054a541ac1662049be54709"
Cc: tls@ietf.org, tsvwg <tsvwg@ietf.org>
Subject: Re: [TLS] Security concerns around co-locating TLS and non-secure on same port (WGLC: draft-ietf-tsvwg-iana-ports-08)
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 10 Feb 2011 03:35:50 -0000

>
>
> I can not deny that separate-port for SSL is simpler to implement on the
> server side (having done both). Since the odds of security bugs increases
> with the amount of code, I must conclude that separate-port SSL is more
> secure for _implementers_ and _implementations_ for that reason alone.
>
 [...]

> As an aside, there is no interoperable specification for use of TLS client
> certificate authentication with the "pops" protocol (does it start in
> not-authenticated state and require an AUTH EXTERNAL, or does it start in
> authenticated state -- no way to distinguish the two cases). However, use of
> TLS client certificate authentication with POP+STLS according to written
> rules in RFC 2595 does interoperate.
>
>
I think the argument for protecting complex code paths from exposure is much
stronger in the case of required client certificate authentication where
unauthorized users may be able to exercise fewer paths.

There are also some cases where it seems like you get client-cert-auth 'for
free' as a side effect of sitting on top of a TLS implementation that
supports client auth. MS Outlook seems to like this with LDAPS: I doubt it
was a conscious choice on their part to include that mode of authentication.

The separate port model also makes it easier to terminate the TLS tunnel at
a simple load balancing or TLS accelerating device that knows nothing of the
underlying protocol.

v2.23.0 | Report a Bug | By Email