[TLS] draft-shore-tks-dnssec-chains-extension

Paul Wouters <paul@nohats.ca> Wed, 22 July 2015 11:45 UTC

Return-Path: <paul@nohats.ca>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com []) by ietfa.amsl.com (Postfix) with ESMTP id 083891B2D49 for <tls@ietfa.amsl.com>; Wed, 22 Jul 2015 04:45:28 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.01
X-Spam-Status: No, score=-2.01 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, T_RP_MATCHES_RCVD=-0.01] autolearn=ham
Received: from mail.ietf.org ([]) by localhost (ietfa.amsl.com []) (amavisd-new, port 10024) with ESMTP id i09RkL62ysmE for <tls@ietfa.amsl.com>; Wed, 22 Jul 2015 04:45:22 -0700 (PDT)
Received: from mx.nohats.ca (mx.nohats.ca []) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6DE0A1B2C40 for <tls@ietf.org>; Wed, 22 Jul 2015 04:45:22 -0700 (PDT)
Received: from localhost (localhost [IPv6:::1]) by mx.nohats.ca (Postfix) with ESMTP id 3mbw2l5yMYzD5f for <tls@ietf.org>; Wed, 22 Jul 2015 13:45:19 +0200 (CEST)
Authentication-Results: mx.nohats.ca; dkim=pass (1024-bit key) header.d=nohats.ca header.i=@nohats.ca header.b=onuuIETG
X-OPENPGPKEY: Message passed unmodified
X-Virus-Scanned: amavisd-new at mx.nohats.ca
Received: from mx.nohats.ca ([IPv6:::1]) by localhost (mx.nohats.ca [IPv6:::1]) (amavisd-new, port 10024) with ESMTP id r33SiT1h7CS9 for <tls@ietf.org>; Wed, 22 Jul 2015 13:45:19 +0200 (CEST)
Received: from bofh.nohats.ca (206-248-139-105.dsl.teksavvy.com []) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx.nohats.ca (Postfix) with ESMTPS for <tls@ietf.org>; Wed, 22 Jul 2015 13:45:18 +0200 (CEST)
Received: from bofh.nohats.ca (bofh.nohats.ca []) by bofh.nohats.ca (Postfix) with ESMTP id A810C80042 for <tls@ietf.org>; Wed, 22 Jul 2015 07:45:17 -0400 (EDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nohats.ca; s=default; t=1437565517; bh=9GXeWoTvESzQV0TvzPex+JhLu4BhXNm9ZBeobKB+57w=; h=Date:From:To:Subject; b=onuuIETGY4lqvKhOOzGxItkoUzWKUNmc09VWen8Entv57yWhg9rjVX8nwBQBQD268 ffUP9jebfoTiXy3yrafO4uVEzBUPG3A3Vg+mEEzD1Us0d8lOeejfKT2SDW7nZSyL/7 txwvgJ6w/kP6grQprOD4oZDIKUjMQUZacmm6J2ag=
Received: from localhost (paul@localhost) by bofh.nohats.ca (8.15.1/8.15.1/Submit) with ESMTP id t6MBjHLA003933 for <tls@ietf.org>; Wed, 22 Jul 2015 07:45:17 -0400
X-Authentication-Warning: bofh.nohats.ca: paul owned process doing -bs
Date: Wed, 22 Jul 2015 07:45:17 -0400
From: Paul Wouters <paul@nohats.ca>
To: "<tls@ietf.org>" <tls@ietf.org>
Message-ID: <alpine.LFD.2.11.1507220736290.2328@bofh.nohats.ca>
User-Agent: Alpine 2.11 (LFD 23 2013-08-11)
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; format="flowed"; charset="US-ASCII"
Archived-At: <http://mailarchive.ietf.org/arch/msg/tls/hr2JiND4jGXEhUxfRZ6aci4dTMk>
Subject: [TLS] draft-shore-tks-dnssec-chains-extension
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 22 Jul 2015 11:45:28 -0000

I do like the dnssec-chain-extension.

I think the server should stick to one chain, from the root to itself,
so it does not have to deal with variable chain blobs per client.
That will allow server code to stick to something like hourly
regenerating the blob for use with all clients.

I do strongly prefer the binary blob to be in raw dns format. That
will make parsing easier with existing code, and over time we will
not run into issues where dns libraries support newer algorithms
but this specific dnssec parsing code isn't updated.

The DNS answer packet format can contain many DNS records in the
Additional Section, without requiring any new DNS data format (and note
edns-query-chain also does not specify a new format). I would be fine
with stating the order of the additional records should be top down,
to make validation easier, although probably the TLSA record and RRSIG
itself should appear in the DNS Answer Section.

As for ekr's question on why not stuff this inside X.509, that would not
be compatible with tls raw pulic keys that only contain a SBKI, and drag
back into the protocol more ASN.1 parsing and containers.