Re: [TLS] Ideas for TLS 1.3: Server key continuity and certificate reporting
Trevor Perrin <trevp@trevp.net> Fri, 10 January 2014 21:18 UTC
Return-Path: <trevp@trevp.net>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 730C51AE175 for <tls@ietfa.amsl.com>; Fri, 10 Jan 2014 13:18:22 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.978
X-Spam-Level:
X-Spam-Status: No, score=-1.978 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FM_FORGED_GMAIL=0.622, RCVD_IN_DNSWL_LOW=-0.7] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id b-tmS6VDN_gW for <tls@ietfa.amsl.com>; Fri, 10 Jan 2014 13:18:20 -0800 (PST)
Received: from mail-wg0-f49.google.com (mail-wg0-f49.google.com [74.125.82.49]) by ietfa.amsl.com (Postfix) with ESMTP id EDD791AE12A for <tls@ietf.org>; Fri, 10 Jan 2014 13:18:19 -0800 (PST)
Received: by mail-wg0-f49.google.com with SMTP id a1so2368021wgh.16 for <tls@ietf.org>; Fri, 10 Jan 2014 13:18:09 -0800 (PST)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:date :message-id:subject:from:to:cc:content-type; bh=hoeXzWy192/HeFGnuF3qoKRH0V1mxdL5//lGsWUrYc4=; b=FL0e5zGrhEkooCFNilujU6rh6laKD/ZuJXKLB2khlWKSLQhA4mNNwI1QJZG/yEGEPc P/zH3W97OwwwVyQj33L7YtyUD1iJe/8cRVHHTatGVjaXaswpuShyldmGEEah4al6JXUw o2J7e5SiWyiiCWaaRKsheQexIVV5GkGm2RUEKTioCHJthig9bH2uBjTQ1Hm5YInBex0N AjtsGtNzKXYFI6rIMdUbReT3tARVOesrLq4L/UlSgtEtrXcSao5VI7nkfb9I6ei1Hd1y W1lK1SH+IdhunFHaCy4RXIsa+FI62yvnAXSXtnnuiH/jjpWrHrmCydvpJYKhlw4yL4Zr mPvA==
X-Gm-Message-State: ALoCoQlCZ1BwyTkYic00RTKAcPHf40cR13ghB9VQXKzDW4DZIhtnwIXrOR4FAJPOtiF5Qzs0KmjT
MIME-Version: 1.0
X-Received: by 10.194.78.210 with SMTP id d18mr10698645wjx.27.1389388689433; Fri, 10 Jan 2014 13:18:09 -0800 (PST)
Received: by 10.216.214.134 with HTTP; Fri, 10 Jan 2014 13:18:09 -0800 (PST)
X-Originating-IP: [199.83.223.81]
In-Reply-To: <1389385719.13026.20.camel@lapkaie>
References: <1389371947.30279.56.camel@lapkaie> <1DEAF365-97D4-493B-83C1-270AA9CD5670@vpnc.org> <1389385719.13026.20.camel@lapkaie>
Date: Fri, 10 Jan 2014 13:18:09 -0800
Message-ID: <CAGZ8ZG3ZQh=P7xp6NwnPtyPC-g_0tbzqXr4P3qD0kJ-krEHxKQ@mail.gmail.com>
From: Trevor Perrin <trevp@trevp.net>
To: Kai Engert <kaie@kuix.de>
Content-Type: text/plain; charset="ISO-8859-1"
Cc: "tls@ietf.org" <tls@ietf.org>
Subject: Re: [TLS] Ideas for TLS 1.3: Server key continuity and certificate reporting
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 10 Jan 2014 21:18:22 -0000
Hi Kai, Have you seen TACK? It does something similar but with self-managed signing keys, and has good procedures (IMO) for handling key and cert changes and pin lifetimes. http://tools.ietf.org/html/draft-perrin-tls-tack-02 http://tack.io/ Paul is correct there's more discussion about pinning on websec. But I agree with you this approach should be applied to SMTP, IMAP, etc. I'll also note that the bottleneck for ideas like this isn't IETF acceptance, but rather browser willingness to spend effort on experimental proposals (there are sites interested). Most browser experimentation in this area is going into CT at the moment, it seems to me. Trevor On Fri, Jan 10, 2014 at 12:28 PM, Kai Engert <kaie@kuix.de> wrote: > On Fr, 2014-01-10 at 12:12 -0800, Paul Hoffman wrote: >> These ideas (and the followups from Alyssa) are interesting, but I >> suspect that they belong in the websec WG instead of here, unless you >> truly mean them to apply to every application that uses TLS. I don't >> see how they would work, for instance, with SMTP servers that do TLS. > > I'm motiviated to find ways to makes these ideas work with any TLS > connection, completely independent of the encapsulated application > protocol. > > I think a SMTP/TLS client could equally cache the previous cert and > potentially report it to the TLS server on a subsequent connection. > > Where do you see differences that would cause it not to work with > protocols other than http? > > Regards > Kai > > > _______________________________________________ > TLS mailing list > TLS@ietf.org > https://www.ietf.org/mailman/listinfo/tls
- [TLS] Ideas for TLS 1.3: Server key continuity an… Kai Engert
- Re: [TLS] Ideas for TLS 1.3: Server key continuit… Alyssa Rowan
- Re: [TLS] Ideas for TLS 1.3: Server key continuit… Kai Engert
- Re: [TLS] Ideas for TLS 1.3: Server key continuit… Kai Engert
- Re: [TLS] Ideas for TLS 1.3: Server key continuit… Paul Hoffman
- Re: [TLS] Ideas for TLS 1.3: Server key continuit… Kai Engert
- Re: [TLS] Ideas for TLS 1.3: Server key continuit… Trevor Perrin
- Re: [TLS] Ideas for TLS 1.3: Server key continuit… Daniel Kahn Gillmor
- Re: [TLS] Ideas for TLS 1.3: Server key continuit… Kai Engert
- Re: [TLS] Ideas for TLS 1.3: Server key continuit… Ralph Holz
- Re: [TLS] Ideas for TLS 1.3: Server key continuit… Paul Hoffman
- Re: [TLS] Ideas for TLS 1.3: Server key continuit… Watson Ladd
- Re: [TLS] Ideas for TLS 1.3: Server key continuit… Paul Hoffman
- Re: [TLS] Ideas for TLS 1.3: Server key continuit… Trevor Perrin
- Re: [TLS] Ideas for TLS 1.3: Server key continuit… Paul Hoffman
- Re: [TLS] Ideas for TLS 1.3: Server key continuit… Kai Engert
- Re: [TLS] Ideas for TLS 1.3: Server key continuit… Kai Engert
- Re: [TLS] Ideas for TLS 1.3: Server key continuit… Kai Engert
- Re: [TLS] Ideas for TLS 1.3: Server key continuit… Ryan Sleevi