Re: [TLS] OCSP must staple

Yoav Nir <ynir.ietf@gmail.com> Thu, 12 June 2014 21:48 UTC

Return-Path: <ynir.ietf@gmail.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2C7841A0276 for <tls@ietfa.amsl.com>; Thu, 12 Jun 2014 14:48:53 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 7T-PvxXl6csD for <tls@ietfa.amsl.com>; Thu, 12 Jun 2014 14:48:49 -0700 (PDT)
Received: from mail-wi0-x231.google.com (mail-wi0-x231.google.com [IPv6:2a00:1450:400c:c05::231]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 669B11A0282 for <tls@ietf.org>; Thu, 12 Jun 2014 14:48:48 -0700 (PDT)
Received: by mail-wi0-f177.google.com with SMTP id r20so2367283wiv.10 for <tls@ietf.org>; Thu, 12 Jun 2014 14:48:46 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=content-type:mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=zzGvwPINri2d3NNJCMn3z8QZYvbArDWHcEe9DPJZjBo=; b=ZCtOwVd21wRx0Z+eMn38N7975Z2FPaHTm6bH60NZuE/xHNWbIzMXUVrAabdZ3vfUWw 5FHezA/NkDdCsuXj9EMV4Ks6fY1VddBF3I5DZor0IjE2uD1EeIg+yFyA60MDKt9ViPqm Gr/Y5Nhkq13m/zYBl1mmcVT6EXm4aDntrmlSDi6tKDdAm9cuTKD37Eu3RtLI+dB3BfLY 5WN8YWp6gLeKESw17kZeWYukV0jKbk/QCO4D7nkkh2O6vLRvnJRy8ccsTdAXsRSrDf5L YLCcxfuMDS+bVexRY85DEBnQLDMMTyRiZM27ZqExm4Kb/v/ehP5a7twjjh1qX1IKRfGe +9rg==
X-Received: by 10.180.14.65 with SMTP id n1mr3018727wic.4.1402609726776; Thu, 12 Jun 2014 14:48:46 -0700 (PDT)
Received: from [192.168.1.101] (bzq-84-109-50-18.red.bezeqint.net. [84.109.50.18]) by mx.google.com with ESMTPSA id l45sm7318333eep.25.2014.06.12.14.48.45 for <multiple recipients> (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Thu, 12 Jun 2014 14:48:46 -0700 (PDT)
Content-Type: text/plain; charset=windows-1252
Mime-Version: 1.0 (Mac OS X Mail 7.3 \(1878.2\))
From: Yoav Nir <ynir.ietf@gmail.com>
In-Reply-To: <20140612183938.GA8147@roeckx.be>
Date: Fri, 13 Jun 2014 00:48:42 +0300
Content-Transfer-Encoding: quoted-printable
Message-Id: <66BD07EC-1CCC-49DC-99F5-02102230157D@gmail.com>
References: <097101cf7aa7$17f960a0$47ec21e0$@digicert.com> <4AA8E7B7-A19D-4E65-AF18-C4D02A513652@ieca.com> <538EF79B.3000506@cs.tcd.ie> <CAMm+LwgTnva9jJgVfkaOZ1qP0Rk3w-mFfepnubosgtrCEARv=g@mail.gmail.com> <539069CC.5010304@cs.tcd.ie> <5390B1D6.5010105@nthpermutation.com> <CAFewVt6Pr8yjV8EbYLp1HQJfYMgq2LJMt4uQqZWKChR6p12Wtg@mail.gmail.com> <5390CA45.1050504@nthpermutation.com> <CAFewVt6qfqHW2Df=aXhmo-Fucvn_PUzM8NVQV-aYiH9Ttfhjmw@mail.gmail.com> <9E3DB9FD-2691-4CED-90A9-A024D7A4F4BA@gmail.com> <20140612183938.GA8147@roeckx.be>
To: Kurt Roeckx <kurt@roeckx.be>
X-Mailer: Apple Mail (2.1878.2)
Archived-At: http://mailarchive.ietf.org/arch/msg/tls/n4kdaapaWusFAm7ebq1pOMv4RHs
Cc: "<tls@ietf.org>" <tls@ietf.org>
Subject: Re: [TLS] OCSP must staple
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 12 Jun 2014 21:48:53 -0000

On Jun 12, 2014, at 9:39 PM, Kurt Roeckx <kurt@roeckx.be> wrote:

> On Thu, Jun 12, 2014 at 12:02:40PM +0300, Yoav Nir wrote:
>> Hi, Brian
>> 
>> Interesting stuff. Also good to hear that it's easy to implement, although mileages vary.
>> 
>> Regarding TLS proxies, I can give my perspective, as I work for one vendor. 
>> 
>> <hat type="vendor" status="on">
>> Our fake certificates contain the DNs and alternate names from the original certificate. We don't copy over any extensions that we don't understand. The same is also true of TLS - we don't copy extensions we don't know. That is what allows our proxy to gracefully downgrade HTTP/2 or SPDY clients and gateways to HTTP/1.
>> As for dates, these *are* copied from the original certificate, the reason is that this makes the client behavior similar to whatever it is with the original certificate. We did consider making the certificates short-lived, but decided against it. 
>> </hat>
> 
> I'm wondering if it also strips things it doesn't know but are
> marked critical.

For the server-side half of the connection, a proxy acts as a client, or in certificate terminology, a relying party. If there’s a critical extension it doesn’t understand, it rejects the certificate, and never even gets to the stage of creating a fake certificate.

So there’s the big set of certificate extension, a proper subset of this that are the extensions that the product understands, and a proper subset of that, which are the extensions that it copies. 

Yoav