Re: [TLS] draft-ietf-tls-oob-pubkey: The Open Issue
Eric Rescorla <ekr@rtfm.com> Wed, 11 July 2012 14:21 UTC
Return-Path: <ekr@rtfm.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DEFE821F86B9 for <tls@ietfa.amsl.com>; Wed, 11 Jul 2012 07:21:37 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.787
X-Spam-Level:
X-Spam-Status: No, score=-102.787 tagged_above=-999 required=5 tests=[AWL=0.190, BAYES_00=-2.599, FM_FORGED_GMAIL=0.622, RCVD_IN_DNSWL_LOW=-1, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Tj9wYWuri6KQ for <tls@ietfa.amsl.com>; Wed, 11 Jul 2012 07:21:36 -0700 (PDT)
Received: from mail-vc0-f172.google.com (mail-vc0-f172.google.com [209.85.220.172]) by ietfa.amsl.com (Postfix) with ESMTP id 7DA9221F86A7 for <tls@ietf.org>; Wed, 11 Jul 2012 07:21:36 -0700 (PDT)
Received: by vcqp1 with SMTP id p1so843470vcq.31 for <tls@ietf.org>; Wed, 11 Jul 2012 07:22:06 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=mime-version:x-originating-ip:in-reply-to:references:from:date :message-id:subject:to:cc:content-type:x-gm-message-state; bh=knDT4zsNumTp4w6b4mOIVlQ+EARJIhryStKjHtRc/LE=; b=e5rveGQaO1rPFZBwMslgvFmYX2lCjd75UYvN/7fp69jb04e/4STqLFLKC/yqO3fOmT Pf/aBoWg11OOWXF/ixurtaZJKaq47AQSOumfhWn0X9gIeeQotm+wPrKCijrGI5UH8UM1 4fBCZVl9WDqxPaLYKb+AcpnosOoLixYj6VztZYHLvbXncVXuXYssYsGfjYNPXjHUdT2r Uo9XimDUrKxeLbIck9qtZw7QQGZl7/fhAkXkuqNKuGc6ygB3t6UQ2mZIuMJAf6xf1xMc KmstDKqYEGKrXaVyHo0e3VOmU4hO4gScgMM7cGigDUmapbi8/g364I3kuYVZ7ESJN53Q SJMg==
Received: by 10.220.153.198 with SMTP id l6mr23136896vcw.2.1342016526233; Wed, 11 Jul 2012 07:22:06 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.52.35.209 with HTTP; Wed, 11 Jul 2012 07:21:25 -0700 (PDT)
X-Originating-IP: [74.95.2.173]
In-Reply-To: <1CA8C4CB-1FD8-4498-9988-41B6334F58FD@gmx.net>
References: <1CA8C4CB-1FD8-4498-9988-41B6334F58FD@gmx.net>
From: Eric Rescorla <ekr@rtfm.com>
Date: Wed, 11 Jul 2012 07:21:25 -0700
Message-ID: <CABcZeBOUzauWUzosjKB+TphvuJgCoY929zb_NezfypbmJv98gQ@mail.gmail.com>
To: Hannes Tschofenig <hannes.tschofenig@gmx.net>
Content-Type: text/plain; charset="ISO-8859-1"
X-Gm-Message-State: ALoCoQk41kgTKh04t+QLs0VxZDc9pGCEEiOb3kC/Zb/eT6u1/cmXwsI8sqlF4nG3+ruskr1IYURK
Cc: tls@ietf.org
Subject: Re: [TLS] draft-ietf-tls-oob-pubkey: The Open Issue
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 11 Jul 2012 14:21:38 -0000
On Wed, Jul 11, 2012 at 3:56 AM, Hannes Tschofenig <hannes.tschofenig@gmx.net> wrote: > Hi all, > > draft-ietf-tls-oob-pubkey specifies a new TLS certificate type for exchanging raw public keys in Transport Layer Security (TLS) and Datagram Transport Layer Security (DTLS) for use with out-of-band public key validation. > > Here is the latest draft: > http://tools.ietf.org/html/draft-ietf-tls-oob-pubkey-03 > > I would be great to get your feedback on an open issue that concerns the semantic of the exchange. I believe there are three use cases we would like to support with this work. Below, I provide high level message exchanges to explain those: It might help if you desscribe the actual open issue. > I) Server uses Raw Public Keys (client authentication happens at some other layer) > (the DANE use case) > > client_hello, > raw-public-key-indicator="Server, when you send me your raw public key? Is your suggestion that this is indicating ":I would not support X.509? > I support this out-of-band key validation using DANE." -> Wait, who said anything about indicating DANE here? The agreed upon indication was "I would support a public key", nothing about DANE. > <- server_hello, > raw-public-key="OK. The certificate structure below contains my raw public key.", > certificate, // with raw public key inside > server_key_exchange, > server_hello_done > > client_key_exchange, > change_cipher_spec, > finished -> > > <- change_cipher_spec, > finished > > Application Data <-------> Application Data > > > II) Client and Server use Raw Public Keys > (the smart object use case - CORE working group) > > client_hello, > raw-public-key="Server, please send me your raw public key and I will then send you mine. Are you OK processing my raw public key for client authentication?" -> This is not a semantic associated with the client. In TLS the server requests client auth. At most the client could say "I could send you a raw public key for auth if you asked for it" > <- server_hello, > raw-public-key="Below you find my raw public key and please send me your raw public key for client > authentication", > certificate, // raw public key > server_key_exchange, > certificate_request, > server_hello_done > > certificate, // with client's raw public key > client_key_exchange, > certificate_verify, > change_cipher_spec, > finished -> > > <- change_cipher_spec, > finished > > Application Data <-------> Application Data > > > II) Hybrid Scenario > (the OAuth Holder-of-the-Key Use case) > > client_hello, > raw-public-key="I would like to use my raw public key for client authentication with OAuth. I also process X.509 for server-side authentication." -> As above. > <- server_hello, > raw-public-key="Please send me your raw public key. This is in certreq, no? > I use X.509 for server-side authentication", Why would this need an indication? > certificate, // with X.509 cert. > server_key_exchange, > certificate_request, > server_hello_done > > certificate, // with client's raw public key > client_key_exchange, > certificate_verify, > change_cipher_spec, > finished -> > > <- change_cipher_spec, > finished > > Application Data <-------> Application Data > -------- > > QUESTION: Are these all the message exchanges we need? Are there some problems with the exchanges? > > Ciao > Hannes > > _______________________________________________ > TLS mailing list > TLS@ietf.org > https://www.ietf.org/mailman/listinfo/tls
- [TLS] draft-ietf-tls-oob-pubkey: The Open Issue Hannes Tschofenig
- Re: [TLS] draft-ietf-tls-oob-pubkey: The Open Iss… Eric Rescorla
- Re: [TLS] draft-ietf-tls-oob-pubkey: The Open Iss… Nikos Mavrogiannopoulos
- Re: [TLS] draft-ietf-tls-oob-pubkey: The Open Iss… Hannes Tschofenig
- Re: [TLS] draft-ietf-tls-oob-pubkey: The Open Iss… Eric Rescorla
- Re: [TLS] draft-ietf-tls-oob-pubkey: The Open Iss… Hannes Tschofenig
- Re: [TLS] draft-ietf-tls-oob-pubkey: The Open Iss… Robert Cragie
- Re: [TLS] draft-ietf-tls-oob-pubkey: The Open Iss… Nikos Mavrogiannopoulos