Re: [TLS] SNI and tickets and resumption

Viktor Dukhovni <ietf-dane@dukhovni.org> Mon, 11 August 2014 20:11 UTC

Return-Path: <ietf-dane@dukhovni.org>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 87FE81A0002 for <tls@ietfa.amsl.com>; Mon, 11 Aug 2014 13:11:53 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id OaVeqSA8_u6M for <tls@ietfa.amsl.com>; Mon, 11 Aug 2014 13:11:51 -0700 (PDT)
Received: from mournblade.imrryr.org (mournblade.imrryr.org [38.117.134.19]) (using TLSv1.1 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D18E81A0004 for <tls@ietf.org>; Mon, 11 Aug 2014 13:11:51 -0700 (PDT)
Received: by mournblade.imrryr.org (Postfix, from userid 1034) id 80ED52AB2BD; Mon, 11 Aug 2014 20:11:49 +0000 (UTC)
Date: Mon, 11 Aug 2014 20:11:49 +0000
From: Viktor Dukhovni <ietf-dane@dukhovni.org>
To: tls@ietf.org
Message-ID: <20140811201149.GX14392@mournblade.imrryr.org>
References: <53E8467B.2090609@delignat-lavaud.fr> <20140811183159.145C81AE02@ld9781.wdf.sap.corp>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20140811183159.145C81AE02@ld9781.wdf.sap.corp>
User-Agent: Mutt/1.5.23 (2014-03-12)
Archived-At: http://mailarchive.ietf.org/arch/msg/tls/hEQ_XjNP3modboIyjP138gbJXrA
Subject: Re: [TLS] SNI and tickets and resumption
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: tls@ietf.org
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 11 Aug 2014 20:11:53 -0000

On Mon, Aug 11, 2014 at 08:31:59PM +0200, Martin Rex wrote:

> Normally, I would assume that the client-side session cache is organized/
> indexed by the information that is used for server endpoint identification,
> and a client should not be proposing session resumption of a cached session
> that would fail server endpoint identification.

Exactly!  This is, for example, how the Postfix client session
cache is keyed.  With DANE, the session lookup key even covers the
current peer TLSA RRset, so that when TLSA RRs change, the client
negotiates a new session.  If the client proposes a session with
an SNI name it would not accept for the certificate chain of the
cached session, that's the client's fault.

-- 
	Viktor.