Re: [TLS] Empty CertificateRequest.supported_signature_algorithms in TLS 1.2
Eric Rescorla <ekr@rtfm.com> Wed, 21 November 2018 22:01 UTC
Return-Path: <ekr@rtfm.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1])
by ietfa.amsl.com (Postfix) with ESMTP id 34F2F12D7F8
for <tls@ietfa.amsl.com>; Wed, 21 Nov 2018 14:01:37 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.358
X-Spam-Level:
X-Spam-Status: No, score=-3.358 tagged_above=-999 required=5
tests=[BAYES_00=-1.9, DKIMWL_WL_MED=-1.459, DKIM_SIGNED=0.1,
DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001]
autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key)
header.d=rtfm-com.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44])
by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024)
with ESMTP id vdioP-hNeKSE for <tls@ietfa.amsl.com>;
Wed, 21 Nov 2018 14:01:35 -0800 (PST)
Received: from mail-lj1-x231.google.com (mail-lj1-x231.google.com
[IPv6:2a00:1450:4864:20::231])
(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
(No client certificate requested)
by ietfa.amsl.com (Postfix) with ESMTPS id 8A77E12D4E9
for <tls@ietf.org>; Wed, 21 Nov 2018 14:01:34 -0800 (PST)
Received: by mail-lj1-x231.google.com with SMTP id s5-v6so6174728ljd.12
for <tls@ietf.org>; Wed, 21 Nov 2018 14:01:34 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=rtfm-com.20150623.gappssmtp.com; s=20150623;
h=mime-version:references:in-reply-to:from:date:message-id:subject:to
:cc; bh=zjm0KrO3Qar00HorRBSPrg8CAX57kqeg8Rnac52YCXQ=;
b=GEG8oVnt6PIqiJPt28TI2/JzdRnOyc2kZ2hUgu28N9HUuXJOWW7zMxDwRgsR9ycVkb
0oGjbgBYh50HWHaH079ThUWkU6jazVypIerkvCORRBRJ2lLE2rZiFTQXI+d1Et5QPZCk
VMEMuMzHMGJ1Oo/ae4jyihp6+94xTkTAmu19gwAhQVjPxMtzMjEFDq1Uh14wDO1CAX3O
liNg73rYZ8NG7Hf62nUtSlx1yq5d7+p/8O/I0o+iY5h7fV8JpThP4yQVcXqn49pB0wM5
uJMuRUpUauaa0UfqUsv/BuKBYPwyYz4dNIapYs29kfxKErl3zkbxlV0cPv3Xaie6exto
Rjzg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=1e100.net; s=20161025;
h=x-gm-message-state:mime-version:references:in-reply-to:from:date
:message-id:subject:to:cc;
bh=zjm0KrO3Qar00HorRBSPrg8CAX57kqeg8Rnac52YCXQ=;
b=gCFe690j3LaeSsQ3OT/FdgIwRIka/dOctD3mM2uP6CIXt5m71EK8qK3KNBkuNH/FhW
694H+d8sLkg9P3m0/JO0Ik9jiczC+QE/JMi6dF8FvowoifqaFtqXFZVH4JFNftjjcz/V
7ReMx/ZNU4th5W4VLvhR3gINI8qpezAHm+G8pQ4VRkIhAusBj0blLMZN657QedOWiarN
YXwTO7792weVLpRyCoze1noiXTD2y5xIkUhx6KmdBkaC9RSpNxRlAoz9y/IcNPlu/+f+
aMF13elHV0X+pA/RUeJNOirQWmcstNE2cR8jHvXSIW+RZ6HTyW+5DbhMue2uS2H7bmak
+bQA==
X-Gm-Message-State: AA+aEWbR2ynW0A+kk1FK9l9RTTU/Ean4l8mAJpIXizlcUt5+lTA25ptv
bENnsFh4ggHopjZOVvA6pLRoErQYVvw8WCOIVdRdKA==
X-Google-Smtp-Source: AFSGD/Vm5hgB72LW4LBMJF1RhXgjqRUHS3lOtKxZT/x2TVSdRcoAwhVOvm1Hnuxaqo0TUPpJ49LQ2boVeUMcKd89kl4=
X-Received: by 2002:a2e:9a84:: with SMTP id p4-v6mr5084538lji.73.1542837692677;
Wed, 21 Nov 2018 14:01:32 -0800 (PST)
MIME-Version: 1.0
References: <CABkgnnUxd_cbh-kASTTyPbGvk1fg2cUfUWwNa4cvB2DV8kMRSw@mail.gmail.com>
In-Reply-To: <CABkgnnUxd_cbh-kASTTyPbGvk1fg2cUfUWwNa4cvB2DV8kMRSw@mail.gmail.com>
From: Eric Rescorla <ekr@rtfm.com>
Date: Wed, 21 Nov 2018 14:00:55 -0800
Message-ID: <CABcZeBOPUUFdhD9w+cdMjK7W6FCFqjdvpbae0HCg-G_0heHX+A@mail.gmail.com>
To: Martin Thomson <martin.thomson@gmail.com>
Cc: "<tls@ietf.org>" <tls@ietf.org>
Content-Type: multipart/alternative; boundary="0000000000009e7fbc057b33e416"
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/m7mc3L-_RBVVFM-3a1HvndFC560>
Subject: Re: [TLS] Empty CertificateRequest.supported_signature_algorithms
in TLS 1.2
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working
group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>,
<mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>,
<mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 21 Nov 2018 22:01:37 -0000
On Wed, Nov 21, 2018 at 1:50 PM Martin Thomson <martin.thomson@gmail.com>; wrote: > In attempting to fix a bug related to this, a question came up about > what the semantics of an empty value is here. Some implementations > seem to infer that empty means {*,SHA1}, which effectively assumes > that an empty value is equivalent to an absent signature_algorithms > extension (Section 7.4.1.4.1) > > The text on CertificateRequest is less clear about what to do. That's > understandable because it doesn't have to deal with the value being > absent because it's not optional. All we have to go on is this from > Section 7.4.8: > > The hash and signature algorithms used in the signature MUST be > one of those present in the supported_signature_algorithms field > of the CertificateRequest message. > > We think that treating an empty supported_signature_algorithms field > as an error is the best response and plan to implement that change. > We'll send a fatal alert if we receive one. > Yes, I believe this is the right approach. -Ekr > This is consistent with our handling of the signature_algorithms > extension, where we treat an empty list as a failure. > > _______________________________________________ > TLS mailing list > TLS@ietf.org > https://www.ietf.org/mailman/listinfo/tls >
- [TLS] Empty CertificateRequest.supported_signat... Martin Thomson
- Re: [TLS] Empty CertificateRequest.supported_si... Viktor Dukhovni
- Re: [TLS] Empty CertificateRequest.supported_si... Eric Rescorla
- Re: [TLS] Empty CertificateRequest.supported_si... David Benjamin
- Re: [TLS] Empty CertificateRequest.supported_si... Martin Thomson