Re: [TLS] I-D Action: draft-ietf-tls-snip-01.txt
Ben Schwartz <bemasc@google.com> Tue, 22 February 2022 20:58 UTC
Return-Path: <bemasc@google.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 776443A0B7C for <tls@ietfa.amsl.com>; Tue, 22 Feb 2022 12:58:48 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -17.598
X-Spam-Level:
X-Spam-Status: No, score=-17.598 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_MED=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, ENV_AND_HDR_SPF_MATCH=-0.5, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, USER_IN_DEF_DKIM_WL=-7.5, USER_IN_DEF_SPF_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=google.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id iBOMVdR8AJVd for <tls@ietfa.amsl.com>; Tue, 22 Feb 2022 12:58:43 -0800 (PST)
Received: from mail-io1-xd31.google.com (mail-io1-xd31.google.com [IPv6:2607:f8b0:4864:20::d31]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A0C773A0ADC for <tls@ietf.org>; Tue, 22 Feb 2022 12:58:43 -0800 (PST)
Received: by mail-io1-xd31.google.com with SMTP id c23so17146492ioi.4 for <tls@ietf.org>; Tue, 22 Feb 2022 12:58:43 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=CmAe9U9eFL0BelqgqZjYrASRNHnAutQeSNwytbUIhLM=; b=tQ3aOZn6pkXWPKs98hJeYouzYF2FlxKdYWgOMbWpHCpmVuWDnS1BTeb6X0cRn0Jnkr 1mGBsDIF7CVmZpVdd/NDYbYQsUtMWAi0enFiXM/UuY5B1J+ErnszOFh/NF/6XvD/Imkl 6mzHXKKEUW9ftIZY1a41bTjGZPqQvltXN4Ofy6KuyUG0h4e9dE7dYZgIDksWhmlQurK5 74uaOXrlttG6Roc1pI7GPMZ5U+IyyKH4SPXstkavzXns7QU5eFialfPI6k++fNEFCG78 GT5rP5bK5+Fw56U0ix+IB7QnhBcd2Vfh56VwavLhnNa2qpLXGpIepyMD0b6oeZt1F4h/ d4vQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=CmAe9U9eFL0BelqgqZjYrASRNHnAutQeSNwytbUIhLM=; b=Ho74C8rpAyVJCExtT1JhwsN7EQfAtBgNDZkVqXGs5ing47w29Jo9lCzP0BzRXhCg+J e1IjQiYpcEKsKkk2EtuG0ov5XKxCoZgeVPPDpUiN5Knmvechwv+xHSeTqV3bDJXkPYGC RpzJywpatNYJW+cWKYIfx2w9tC7a2n9Jhy43NTkSyyzoIlpj3tbxHFXlnVNshwphmM6L tabIiuoSOb1x00/2mIBF24LOkt23Qt962BiIqCPNheOMrUoQ8H70Ehf1o47i7TD5Z6BD eXbT0BjIfz4MrIJaOvT8DiB3Wog/urefE1RWw6VLwApns8llcsi2ei8QuRmP3xPwtADN 4d0w==
X-Gm-Message-State: AOAM530ljdai/c0CCl255iLjIRF+0g/LIjAhNP57h2yjglX09HsRpqda c7vX8TttwKX3uZDMYLIC4KSJp4LP6aeM9g5lcHrYCSr4gguSHA==
X-Google-Smtp-Source: ABdhPJwPPh6E+5TcnacuesJqh4JdUg9os6ZjBn9jqxWtwrVR7ksqBhImvCSXm4AFVdoycZodV07Y+/fK834+YSJbCuI=
X-Received: by 2002:a5e:930c:0:b0:641:7453:fdb with SMTP id k12-20020a5e930c000000b0064174530fdbmr2413143iom.184.1645563522534; Tue, 22 Feb 2022 12:58:42 -0800 (PST)
MIME-Version: 1.0
References: <164498945328.29432.3195675407975344546@ietfa.amsl.com> <3032eda1-a666-4c02-93df-7e311f5dc8e7@beta.fastmail.com>
In-Reply-To: <3032eda1-a666-4c02-93df-7e311f5dc8e7@beta.fastmail.com>
From: Ben Schwartz <bemasc@google.com>
Date: Tue, 22 Feb 2022 15:58:31 -0500
Message-ID: <CAHbrMsDKz7r+vP9vEiORrPGXnnjkUWZxSefOZzqDLZqwbLmBSA@mail.gmail.com>
To: Martin Thomson <mt@lowentropy.net>
Cc: "<tls@ietf.org>" <tls@ietf.org>
Content-Type: multipart/signed; protocol="application/pkcs7-signature"; micalg="sha-256"; boundary="0000000000003e191005d8a19d41"
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/nVEHYOb8D7vkMvKpZ7aRLmAHG0o>
Subject: Re: [TLS] I-D Action: draft-ietf-tls-snip-01.txt
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 22 Feb 2022 20:58:49 -0000
I continue to support this draft.
I am puzzled by the requirement that "A server MUST omit any compatible
protocols from this extension". Including them seems harmless, and
omitting them seems to impose an unstated requirement that (1) both parties
also include the ALPN extension and (2) the implementations of these
extensions must be intertwined. I would change this to SHOULD.
Appendix C assumes that SVCB records are not authenticated. That's allowed
by SVCB, but it's not required. A client with authenticated SVCB records
(e.g. via DNSSEC) is not vulnerable to these attacks, and SNIP would
arguably be redundant in that case. I don't think it's fair to claim that
DNSSEC is "impractical", as implied by this text. ("often impractical"
might be fine.)
Also, the bullets underneath have some issues:
> it is not possible to ensure that all server instances in a deployment
have the same protocol configuration, as deployments for a single name
routinely include multiple providers that cannot coordinate closely;
This is not a problem. The differently-configured servers would be
represented by different RRs in the RRSet.
> the ability to provide a subset of valid DNS records is integral to many
strategies for managing servers
Perhaps, but only the authoritative server is allowed to make these
judgments, and it must happen before DNSSEC signing (which signs the entire
RRSet as an indivisible unit).
> ensuring that cached DNS records are synchronized with server state is
challenging in a number of deployments.
SVCB contents are required to be accurate. They might be conservative (not
offering all supported protocols), but they can't be optimistic (promising
protocols that aren't actually supported everywhere). Perhaps there is
some SNIP use case where the client is excited to learn that this server
supports some as-yet-unannounced protocol, but it's not the main SNIP use
case.
On Wed, Feb 16, 2022 at 12:36 AM Martin Thomson <mt@lowentropy.net> wrote:
> Hey everyone,
>
> This is a keep-alive update for the most part.
>
> I spent an hour or so trying to do improve the readability of the draft.
> So it will look like a lot has changed as I rewrote large chunks, removed a
> fair bit, and moved whole sections. All of that is with a goal of making
> the content more accessible. Happy to hear how people feel that went and
> how it might be improved further.
>
> Cheers,
> Martin
>
>
> On Wed, Feb 16, 2022, at 16:30, internet-drafts@ietf.org wrote:
> > A New Internet-Draft is available from the on-line Internet-Drafts
> directories.
> > This draft is a work item of the Transport Layer Security WG of the IETF.
> >
> > Title : Secure Negotiation of Incompatible Protocols
> in TLS
> > Author : Martin Thomson
> > Filename : draft-ietf-tls-snip-01.txt
> > Pages : 12
> > Date : 2022-02-15
> >
> > Abstract:
> > An extension is defined for TLS that allows a client and server to
> > detect an attempt to force the use of less-preferred application
> > protocol even where protocol options are incompatible. This
> > supplements application-layer protocol negotiation (ALPN), which
> > allows choices between compatible protocols to be authenticated.
> >
> >
> > The IETF datatracker status page for this draft is:
> > https://datatracker.ietf.org/doc/draft-ietf-tls-snip/
> >
> > There is also an HTML version available at:
> > https://www.ietf.org/archive/id/draft-ietf-tls-snip-01.html
> >
> > A diff from the previous version is available at:
> > https://www.ietf.org/rfcdiff?url2=draft-ietf-tls-snip-01
> >
> >
> > Internet-Drafts are also available by rsync at rsync.ietf.org:
> :internet-drafts
> >
> >
> > _______________________________________________
> > TLS mailing list
> > TLS@ietf.org
> > https://www.ietf.org/mailman/listinfo/tls
>
> _______________________________________________
> TLS mailing list
> TLS@ietf.org
> https://www.ietf.org/mailman/listinfo/tls
>
- [TLS] I-D Action: draft-ietf-tls-snip-01.txt internet-drafts
- Re: [TLS] I-D Action: draft-ietf-tls-snip-01.txt Martin Thomson
- Re: [TLS] I-D Action: draft-ietf-tls-snip-01.txt Ben Schwartz
- Re: [TLS] I-D Action: draft-ietf-tls-snip-01.txt David Benjamin
- Re: [TLS] I-D Action: draft-ietf-tls-snip-01.txt Ben Schwartz
- Re: [TLS] I-D Action: draft-ietf-tls-snip-01.txt Martin Thomson