IETF Logo Mail Archive

Re: [TLS] Eric Rescorla's Discuss on draft-ietf-tls-dnssec-chain-extension-06: (with DISCUSS and COMMENT)

Shumon Huque <shuque@gmail.com> Sun, 18 March 2018 10:11 UTC

Return-Path: <shuque@gmail.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2020F12778E; Sun, 18 Mar 2018 03:11:26 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.699
X-Spam-Level:
X-Spam-Status: No, score=-2.699 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Nyl7aCf5itQ7; Sun, 18 Mar 2018 03:11:23 -0700 (PDT)
Received: from mail-io0-x232.google.com (mail-io0-x232.google.com [IPv6:2607:f8b0:4001:c06::232]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A748612DA6C; Sun, 18 Mar 2018 03:11:18 -0700 (PDT)
Received: by mail-io0-x232.google.com with SMTP id e79so9119280ioi.7; Sun, 18 Mar 2018 03:11:18 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=8MFhnM7eVkUQhcsmP+4/Am6B3aagzH+UzMeQImbezbs=; b=oNN99MBv72rWGqS6oiTBN0xRpIeGz7WuAaIlF7+jiyeKmv1P/iSGe05BytmoHBmtUV veEajUABdNyvXOPGoK1lpDbSOTWhaibyVnCbuWyFuoPqzLWAOR3ioexb7FeCmhAVfpLR PQ1oaQ6MmdmqKlM/NeAjXOOOSunOKGKF0LEp8LlGh3D5qCvEuFCPKYvcJ3P1D6Wemcnh njjZP1TV5j+vfdzvsjplZkB2zlexoIzOALrSIp+b/xnMXyIxKnBX+n7L09dO0H7vWm0Q tABcOgrHnor3mEBYbA+K5+iJtqHBq7JqS4GcOmiJbXvzdoE2AY+KPAWuuS3wHGLGqPin v06A==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=8MFhnM7eVkUQhcsmP+4/Am6B3aagzH+UzMeQImbezbs=; b=Rn6SqlWj6BEiEEPq31bwqpbC9iwpEPOo0LaHh9VZYRm2OV01FiRxL2FPIg61BlWTnP syKcXtfyIgxMdWlNsxI4+d/2dqZVgdJ3v9agldzDFy0rVyXPknfTkurW65Jcek7rXqCU 4T6zioQst5wdtspROrZHz5toQhJlHEXyKvNDJKQg/c7Njyh/kQX/H2lsCtJTF2Lg00mz 0MEvBZxSqhSqDmVN6MwGguANDSUZYKFhcEIh0gkJWdf4Pmd6RvYJsaVEqek0jtT2b9zQ cbIJm9KOmqtjGvxQiHAXLyRf65nYTsL5EEJdS4+Y48EQAfUL/TP4uVziXSiRJnbf2/dj 5lLA==
X-Gm-Message-State: AElRT7HpTv+p4EWKgGve3R4GdJ/qckAHXI0mzq03QiY83D/ylQdq4ApJ lg81bCAJnxbzsj63I78QKXVcz0iT5WiwLD6659s=
X-Google-Smtp-Source: AG47ELubZjtRGGjgupfQ3ikq2ryfjr3YWVlOopcx/LOjWe1Ti7zKnHQDDEx3R2rI2W8TX1M1wpbb8yld4OYMXORXan0=
X-Received: by 10.107.137.98 with SMTP id l95mr8130853iod.179.1521367877988; Sun, 18 Mar 2018 03:11:17 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.79.203.9 with HTTP; Sun, 18 Mar 2018 03:11:17 -0700 (PDT)
In-Reply-To: <CAHbuEH7WTEH-CmjUqe5p2q=C2fot3UOx5t-wtAiQimJvDu=5tQ@mail.gmail.com>
References: <151801408058.4807.6327251050641650375.idtracker@ietfa.amsl.com> <CAHPuVdUgZLUf5M8ir=610mvERwQzPhbhGGOyW5s552JtP8d05g@mail.gmail.com> <CABcZeBOST2X0-MH2hhzpPJaUkbY++udsUV1bMnMhH2V2wQRPmA@mail.gmail.com> <CAHPuVdUs7mUJiqZjFjLDCNmHHGR9AP-g5YaLLbJj-zkDKd=_-w@mail.gmail.com> <alpine.LRH.2.21.1802211425260.7767@bofh.nohats.ca> <CAHPuVdX=_6b5g572-T-9Ccwek-WwL11KdTVwV9oNC9LaO5=0=Q@mail.gmail.com> <alpine.LRH.2.21.1802260913290.9977@bofh.nohats.ca> <bb6753af-2050-451c-32ae-c49426a885d8@nlnetlabs.nl> <alpine.LRH.2.21.1803121421420.23254@bofh.nohats.ca> <CAHbuEH7WTEH-CmjUqe5p2q=C2fot3UOx5t-wtAiQimJvDu=5tQ@mail.gmail.com>
From: Shumon Huque <shuque@gmail.com>
Date: Sun, 18 Mar 2018 10:11:17 +0000
Message-ID: <CAHPuVdW-BC9yFh6NtCPfrPtys_NYaUXnpnShMJfgzynjBsrhZg@mail.gmail.com>
To: Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com>
Cc: Paul Wouters <paul@nohats.ca>, Willem Toorop <willem@nlnetlabs.nl>, TLS WG <tls@ietf.org>, Eric Rescorla <ekr@rtfm.com>, draft-ietf-tls-dnssec-chain-extension@ietf.org, The IESG <iesg@ietf.org>, tls-chairs <tls-chairs@ietf.org>
Content-Type: multipart/alternative; boundary="001a113f3a7ef0b7aa0567ad0f77"
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/m8MJFScM3IaJWu1EDdm-EbNNv8w>
Subject: Re: [TLS] Eric Rescorla's Discuss on draft-ietf-tls-dnssec-chain-extension-06: (with DISCUSS and COMMENT)
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 18 Mar 2018 10:11:26 -0000

Hi Kathleen,

Sorry for the delay. We'll have an updated draft addressing the IESG
discuss/comments shortly after the I-D submission window opens early
this week.

The one other sticking point is the issue that Viktor has raised about
extending
the protocol to provide pinning to prevent downgrade to PKIX. That has not
been resolved on list yet, so I assume will be discussed at Wednesday's TLS
session.

Shumon.

On Mon, Mar 12, 2018 at 7:22 PM, Kathleen Moriarty <
kathleen.moriarty.ietf@gmail.com> wrote:

> Hello,
>
> Can you please provide updated text that addresses EKR's discuss while
> this additional discussion continues?  I'd like to see if it's
> possible to get this wrapped up before the plenary in London.
> Eliminating discuss points and resolving this additional issue are
> required for that.  If this does not get wrapped up before then, it is
> likely the draft will have to go on another IESG telechat with Ben as
> AD, which is fine if that's needed, but better to avoid.
>
> Thank you,
> Kathleen
>
> On Mon, Mar 12, 2018 at 2:29 PM, Paul Wouters <paul@nohats.ca> wrote:
> > On Mon, 5 Mar 2018, Willem Toorop wrote:
> >
> >> No Paul, the division in sections is irrelevant for a verifier.  The
> >> only bit of information in a DNS message that is used by a verifier is
> >> the question.  From the question, validation starts and the relevant
> >> records are followed and verified.  But the question section is also not
> >> needed as the question can be derived from the name and port of the
> >> service, i.e. <port>._tcp.<name>. TLSA
> >>
> >> The order described in the draft is both an optimization to reduce the
> >> number of times a verifier has to go over the RRs, and it makes the
> >> content easier to read (and understand) for humans too.
> >>
> >> Also, for non existence answers, DNSSEC validators (and thus also a
> >> verifier for the chain extension) simply ignore the DNS message header.
> >> Proof of non-existence can and must be derived from the set of RRs in
> >> the message body/sections too.
> >
> >
> > Willem (and Shumon and Viktor) have convinced me the DNS Header and
> > Sections are not needed.
> >
> >> The extension already supports Denial of Existence proof b.t.w., because
> >> it is also needed for wildcard expansions (which are supported).
> >
> >
> > The issue here is the requirement of the TLS server to send these
> > records in the absence of any TLS record. This allows the clients to
> > detect a rogue webserver cert that is valid in webPKI but not valid
> > based on DANE. Without this commitment, the TLS extension does not
> > really work, as it can be omitted by an attacker.
> >
> > Paul
> >
>
>
>
> --
>
> Best regards,
> Kathleen
>

v2.23.0 | Report a Bug | By Email