Re: [TLS] Client certificate authentication and
Martin Rex <mrex@sap.com> Wed, 11 April 2012 21:25 UTC
Return-Path: <mrex@sap.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8644D21F84AF for <tls@ietfa.amsl.com>; Wed, 11 Apr 2012 14:25:33 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -10.053
X-Spam-Level:
X-Spam-Status: No, score=-10.053 tagged_above=-999 required=5 tests=[AWL=0.196, BAYES_00=-2.599, HELO_EQ_DE=0.35, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id alhGT0mOlny7 for <tls@ietfa.amsl.com>; Wed, 11 Apr 2012 14:25:33 -0700 (PDT)
Received: from smtpde02.sap-ag.de (smtpde02.sap-ag.de [155.56.68.140]) by ietfa.amsl.com (Postfix) with ESMTP id AFB9C21F849C for <tls@ietf.org>; Wed, 11 Apr 2012 14:25:29 -0700 (PDT)
Received: from mail.sap.corp by smtpde02.sap-ag.de (26) with ESMTP id q3BLPKn7018938 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK); Wed, 11 Apr 2012 23:25:25 +0200 (MEST)
From: Martin Rex <mrex@sap.com>
Message-Id: <201204112125.q3BLPJ9D023675@fs4113.wdf.sap.corp>
To: paul@nohats.ca
Date: Wed, 11 Apr 2012 23:25:19 +0200
In-Reply-To: <alpine.LFD.2.02.1204111401400.24167@bofh.nohats.ca> from "Paul Wouters" at Apr 11, 12 02:10:16 pm
MIME-Version: 1.0
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: 8bit
X-SAP: out
Cc: ietf@augustcellars.com, tls@ietf.org
Subject: Re: [TLS] Client certificate authentication and
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
Reply-To: mrex@sap.com
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 11 Apr 2012 21:25:33 -0000
Paul Wouters wrote: > >Jim Schaad wrote: >> >>> Oops. I checked draft-wouters-tls-oob-pubkey-00 and it was already >>> removed there after discussion with EKR in Quebec City. >> >> If this is really what you want to do, then I would suggest that the >> document be expanded so that there exists the possibility to include an >> identifier and/or a public key in the certificate form defined by the oob >> document. > > Personall, I strongly prefer not adding more fields to the bare key > certificate type, That's OK and I don't see a need for that. > > as those people who want to cover client authentication can use > full PKIX certs already, and TLS client authentication in the wild seems > to be extremely rare. I really dislike this answer. What is wrong with plain public keys? It works just fine with SSH. You complained so badly about not wanting to parse X.509 in your client, that I am somewhat appalled to see you suggesting X.509 for client authentication. In our company we've been using SSL client certs for all Intranet systems to which many of our employees need access (Portal, Wikis, Employee self-services scenarios) since 1999, and we've even managed to use it occasionally for stuff that was outsourced (over the internet), because it is so much easier (and more secure) to configure SSL client certs on a WebServer than to newly assign 50.000 passwords each time. If you look around, in many places people can create user accounts with arbitrarily chosen user names, so it really does not matter what name you tag to the key (to make it easier distinguishable for humans), if you tag the keys _at_all_. If you look at the proposal for "Origin-Bound Certificates", they also come with *NO* name that identifies the user, so the concept of recognizing a peer by its public key is really _not_ unusal. > > The only two cases I knew are CAcert and Fedora > (and for the latter it does not even add security, as I need to identify > with another factor anyway (yubikey)) > > Is there an actual use case where bare keys would be preferable over > full PKIX, that also include client auth not based on burned in keys > covered by server side SPKI lookups? Why SPKI lookups? Just have the server map public keys into authorizations, -Martin
- [TLS] Client certificate authentication and draft… Paul Hoffman
- Re: [TLS] Client certificate authentication and d… Paul Wouters
- Re: [TLS] Client certificate authentication and d… Paul Hoffman
- Re: [TLS] Client certificate authentication and d… Paul Wouters
- Re: [TLS] Client certificate authentication and d… Paul Hoffman
- Re: [TLS] Client certificate authentication and d… Paul Wouters
- Re: [TLS] Client certificate authentication and d… Paul Hoffman
- Re: [TLS] Client certificate authentication and d… Daniel Kahn Gillmor
- Re: [TLS] Client certificate authentication and d… Paul Wouters
- Re: [TLS] Client certificate authentication and d… Paul Wouters
- Re: [TLS] Client certificate authentication and d… Daniel Kahn Gillmor
- Re: [TLS] Client certificate authentication and d… Bill Frantz
- Re: [TLS] Client certificate authentication and d… Eric Rescorla
- Re: [TLS] Client certificate authentication and Martin Rex
- Re: [TLS] Client certificate authentication and d… Jim Schaad
- Re: [TLS] Client certificate authentication and d… Paul Wouters
- Re: [TLS] Client certificate authentication and d… Jim Schaad
- Re: [TLS] Client certificate authentication and Martin Rex
- Re: [TLS] Client certificate authentication and d… Joe Salowey