IETF Logo Mail Archive

Re: [TLS] I-D Action: draft-ietf-tls-subcerts-10.txt

Joseph Birr-Pixton <jpixton@gmail.com> Sat, 27 March 2021 17:02 UTC

Return-Path: <jpixton@gmail.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2B2953A2EDD for <tls@ietfa.amsl.com>; Sat, 27 Mar 2021 10:02:04 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.097
X-Spam-Level:
X-Spam-Status: No, score=-2.097 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id x2NqNyNLZ8v1 for <tls@ietfa.amsl.com>; Sat, 27 Mar 2021 10:01:59 -0700 (PDT)
Received: from mail-oi1-x22d.google.com (mail-oi1-x22d.google.com [IPv6:2607:f8b0:4864:20::22d]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C71753A2EDA for <tls@ietf.org>; Sat, 27 Mar 2021 10:01:59 -0700 (PDT)
Received: by mail-oi1-x22d.google.com with SMTP id m13so8955387oiw.13 for <tls@ietf.org>; Sat, 27 Mar 2021 10:01:59 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to; bh=w5eAyRfS/1PWgJT6W+cAoTkTbn21SQndbHmNz9GyoEs=; b=dDD00CWBI14d4IcW7P5xjvI5lqZa68FU7WC3z4+aDW3XYjPB2Pq/opMWC0VzGJjNKJ OAW9q9vjcfspPJrWQzE0iyU9R0R3AhIiNSb929ZuUvr+mxiNdaDNit6ayg62QRYWYxVh kLKbbAHTd6m/IgGY0zdFZpYAEPN1706ywdBGlwQFhEoviVGUpatqW5oGjkTror1YvZFm 4y2hhI/zNBwcYE0WAzcnJiEWXYRkODw58wOpnjVk2JEEQa7cPKuOXHo8Wl4hGGREuw2V SsSo8g+1xA3+/dvq9YBUqMEyXRBRgaIE4wF6oVjH17zGu5OUULkcHDWpe5y6MWZStFmK uhaQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to; bh=w5eAyRfS/1PWgJT6W+cAoTkTbn21SQndbHmNz9GyoEs=; b=efOlAE7p8HlDchT+BIRQkV7bQqSuBIsaIqG0TXJLc47JqdFW166/ftdVlYOCopSxME 1mxDpuYY9uccoLO6cnW+TcnOQ0WF223NgoY2fpGibXKhydvBgra+zp3ZhHLuz0evoGmG fQMW5+V+E8qUbgtVEkwncI8Z2O0nRKmvS6yiWckH/xPMdgsJWcehojFj0IzwWcP/JpRN dGF2+Hg2PrvjjXcKqMC9VcFQD+ojEBsGuyJ5aks944I0hd34E5vtGuqgmk/XDlCg0x5i u65ftE09p15bSFUbFO0MsXwfU6HkYrM5GTDO0/DXazJng4xwRsjfj+TMVLRvTlRfYxFC sD1g==
X-Gm-Message-State: AOAM531F3wH7mQ8KGlX5t6kotgBe0wRMQqHD8DSJIaYJ6JAycwJvDOwF Tp/uWeCyvDok0TqodRr5UH0hyueLZn/M6c7jbaMW+n4Ju+Q=
X-Google-Smtp-Source: ABdhPJzl/EQ8uVATOUexUQrt9pdHsgMDpNdK3iZCp7tNaYngo4TLoDBN1RjE2uOxsr3rBKzODItEoL7TUjAMGNg1bFw=
X-Received: by 2002:aca:cf95:: with SMTP id f143mr13769587oig.104.1616864517996; Sat, 27 Mar 2021 10:01:57 -0700 (PDT)
MIME-Version: 1.0
References: <161152940146.13632.832237048620145771@ietfa.amsl.com>
In-Reply-To: <161152940146.13632.832237048620145771@ietfa.amsl.com>
From: Joseph Birr-Pixton <jpixton@gmail.com>
Date: Sat, 27 Mar 2021 17:01:22 +0000
Message-ID: <CACaGAp=ny1EG08pg3fZNDa5bAUG0JVYPLuWOwmUQaeA9Wofx3w@mail.gmail.com>
To: "<tls@ietf.org>" <tls@ietf.org>
Content-Type: text/plain; charset="UTF-8"
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/jFwbzYOXsJC_-wD4bTjft1QfAn8>
Subject: Re: [TLS] I-D Action: draft-ietf-tls-subcerts-10.txt
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 27 Mar 2021 17:02:04 -0000

On Sun, 24 Jan 2021 at 23:03, <internet-drafts@ietf.org> wrote:
> A New Internet-Draft is available from the on-line Internet-Drafts directories.
> This draft is a work item of the Transport Layer Security WG of the IETF.
>
>         Title           : Delegated Credentials for TLS

I'm a little confused too by the meaning of 4.1.3:

#   1.  Validate that DelegatedCredential.cred.valid_time is no more than
#       7 days.

I read this as saying that a certificate can only be usable for
delegation in the first 7 days after it's notBefore. That follows from
valid_time being an offset in seconds from notBefore, and validation
step 3 covers the "maximum validity period" mentioned elsewhere in the
draft. This sounds a bit odd.

Honestly, I find the name and definition of valid_time a little
unclear. It's neither a "validity time" instant, or a period. Perhaps
"validity_offset"? But it may be simpler to just make it 64 bits and
_make_ it a UTC instant -- with the added benefit that this may result
in fewer implementations doing unsigned 32-bit arithmetic on times in
seconds and breaking ~15 years hence.

I think this draft would also benefit from explicitly drawing out (d)
in this thought process:

a) for performance reasons[1], it seems unlikely that RSA keys are
workable as delegated credentials.
b) a huge amount of the webpki is still built on RSA.
c) given (a) and (b), a common deployment strategy will mean mixed
authentication cryptography in handshake authentication: RSA for the
webpki portion, ECDSA/EdDSA perhaps for delegation.
d) and this is OK (as it is in webpki), and totally allowed, and expected.

Thanks,
Joe

[1] expensive, non-deterministic key generation; large key sizes

v2.23.0 | Report a Bug | By Email