Re: [TLS] Call for adoption of draft-sullivan-tls-exported-authenticator
Ilari Liusvaara <ilariliusvaara@welho.com> Wed, 19 April 2017 05:47 UTC
Return-Path: <ilariliusvaara@welho.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7E29C131513 for <tls@ietfa.amsl.com>; Tue, 18 Apr 2017 22:47:59 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_NONE=-0.0001, RP_MATCHES_RCVD=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ulkOi-Dr9Plh for <tls@ietfa.amsl.com>; Tue, 18 Apr 2017 22:47:56 -0700 (PDT)
Received: from welho-filter4.welho.com (welho-filter4.welho.com [83.102.41.26]) by ietfa.amsl.com (Postfix) with ESMTP id A00F013151D for <tls@ietf.org>; Tue, 18 Apr 2017 22:47:56 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by welho-filter4.welho.com (Postfix) with ESMTP id 95C8C24110; Wed, 19 Apr 2017 08:47:53 +0300 (EEST)
X-Virus-Scanned: Debian amavisd-new at pp.htv.fi
Received: from welho-smtp1.welho.com ([IPv6:::ffff:83.102.41.84]) by localhost (welho-filter4.welho.com [::ffff:83.102.41.26]) (amavisd-new, port 10024) with ESMTP id FpalrVUYqk-Z; Wed, 19 Apr 2017 08:47:53 +0300 (EEST)
Received: from LK-Perkele-V2 (87-92-51-204.bb.dnainternet.fi [87.92.51.204]) (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by welho-smtp1.welho.com (Postfix) with ESMTPSA id 3D7FFC4; Wed, 19 Apr 2017 08:47:53 +0300 (EEST)
Date: Wed, 19 Apr 2017 08:47:52 +0300
From: Ilari Liusvaara <ilariliusvaara@welho.com>
To: Nick Sullivan <nicholas.sullivan@gmail.com>
Cc: "tls@ietf.org" <tls@ietf.org>
Message-ID: <20170419054752.GA13952@LK-Perkele-V2.elisa-laajakaista.fi>
References: <CAOgPGoCvpjoexe0u2bT+P5eO75L2UbAtmCOx_1x+WxWvv8ktPA@mail.gmail.com> <20170414114425.GA3649@LK-Perkele-V2.elisa-laajakaista.fi> <20170415134152.GA7893@LK-Perkele-V2.elisa-laajakaista.fi> <CAOjisRx7rbhdWDgpbmv_sKebVBygqDfVJ4pQD7wsS6SF8Fws8g@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Disposition: inline
In-Reply-To: <CAOjisRx7rbhdWDgpbmv_sKebVBygqDfVJ4pQD7wsS6SF8Fws8g@mail.gmail.com>
User-Agent: Mutt/1.5.23 (2014-03-12)
Sender: ilariliusvaara@welho.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/hZTsEKE4eWiG_QurYchlqIMoFHo>
Subject: Re: [TLS] Call for adoption of draft-sullivan-tls-exported-authenticator
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 19 Apr 2017 05:47:59 -0000
On Tue, Apr 18, 2017 at 10:18:03PM +0000, Nick Sullivan wrote: > On Sat, Apr 15, 2017 at 6:42 AM Ilari Liusvaara <ilariliusvaara@welho.com> > wrote: > > > > How do certificate type extensions (#9, #19 and #20) work with exported > > authenticators? > > > > Where other extensions are either meaningless or are edditional info, > > certificate types actually change the format of the first certificate, > > which the library needs to understand in order to extract the SPKI for > > validating the following CertificateVerify. > > > > I think it would be fair to only support server-generated exported > authenticators with the certificate_type negotiated by the TLS handshake. > If the client sent a list of server_certificate_types in its client hello, > then only authenticators of that type can be used (with the chosen type > included an extension to the certificate message). Similarly, if the > server's EE message contains a single client_certificate_type, that would > be the only type supported by client-generated exported authenticators. I > can add text to this effect ( > https://github.com/grittygrease/tls-exported-authenticator/issues/12). There are two bad problems with this: - The certificate types in TLS 1.3 are a bad hack just for bare minimum support for RPK. Using the thing for client post-handshake auth is completely unworkable. And adding new certificate types is pretty much only workable in special applications[1]. - Relying on TLS capability negotiation is fundamentally problematic. There capabilties may not match. And things get downright unworkable when things like signature algorithms are considered. [1] The recent ITS stuff might be one of these applications. Basically, you can only handle one certificate per type, any more and one gets issues. And one certificate per type impiles that one does not need post-handshake authentication. -Ilari
- [TLS] Call for adoption of draft-sullivan-tls-exp… Joseph Salowey
- Re: [TLS] Call for adoption of draft-sullivan-tls… Ilari Liusvaara
- Re: [TLS] Call for adoption of draft-sullivan-tls… Patrick McManus
- Re: [TLS] Call for adoption of draft-sullivan-tls… Benjamin Kaduk
- Re: [TLS] Call for adoption of draft-sullivan-tls… Andrei Popov
- Re: [TLS] Call for adoption of draft-sullivan-tls… Ilari Liusvaara
- Re: [TLS] Call for adoption of draft-sullivan-tls… Nico Williams
- Re: [TLS] Call for adoption of draft-sullivan-tls… Ilari Liusvaara
- Re: [TLS] Call for adoption of draft-sullivan-tls… Victor Vasiliev
- Re: [TLS] Call for adoption of draft-sullivan-tls… Nick Sullivan
- Re: [TLS] Call for adoption of draft-sullivan-tls… Nick Sullivan
- Re: [TLS] Call for adoption of draft-sullivan-tls… Nick Sullivan
- Re: [TLS] Call for adoption of draft-sullivan-tls… Ilari Liusvaara
- Re: [TLS] Call for adoption of draft-sullivan-tls… Joseph Salowey