Re: [TLS] I-D Action: draft-ietf-tls-certificate-compression-01.txt

David Benjamin <davidben@chromium.org> Thu, 14 December 2017 22:43 UTC

Return-Path: <davidben@google.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 85901126BF7 for <tls@ietfa.amsl.com>; Thu, 14 Dec 2017 14:43:50 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.998
X-Spam-Level:
X-Spam-Status: No, score=-1.998 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HEADER_FROM_DIFFERENT_DOMAINS=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=chromium.org
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 8yNA3KRf85t9 for <tls@ietfa.amsl.com>; Thu, 14 Dec 2017 14:43:48 -0800 (PST)
Received: from mail-qt0-x232.google.com (mail-qt0-x232.google.com [IPv6:2607:f8b0:400d:c0d::232]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 299CA1242F5 for <tls@ietf.org>; Thu, 14 Dec 2017 14:43:48 -0800 (PST)
Received: by mail-qt0-x232.google.com with SMTP id r39so9944717qtr.13 for <tls@ietf.org>; Thu, 14 Dec 2017 14:43:48 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=dmAPwBO0uDFvaR2ZCq9BOE+aAc+FZRmbPbb6fAiI37s=; b=AwQeeZohz/jsECfJhXgUILjjr3rts5j/2pg7X112KisYR78Z2FJJDjCSs1wBUT/o3h M31nEpc/oaXj0rzIZld3VQlAuRqYiXexxBX+gBrZCciJRrtFNc9EM5cMa1W+2bMoDy80 DnJUBoRBweCJvFe3DIox2biKlte1fxkxLFWK0=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=dmAPwBO0uDFvaR2ZCq9BOE+aAc+FZRmbPbb6fAiI37s=; b=Y4P7MvEU4wYUjRe7qar/efx074jkt4IqNNBX6SWwiwW/c4Tkc7OmJlASwLZNY62SAR dYKJZ1XmVNSruTK4NnWvUPHX1lLaXf6Mw7+TpbLKG7zPydMKVKiAvsRtqlQQmgEJDdpF UOeZNsxWC/aK++QiUCDPSvhqoQEkXnD5t18bSFDujAMKZMHtqV3epDjsmzacyY3tYlFv 2NncOGjje3oXGZer9Ir4y9MNEMqyqRTNfvGGue5rMkDV13du28DgiUA48rKSXFr17dsE gZa+K64DIm4Z+mqgAkX771kiHea2BG01szGySGhgnx7WSJ6hDKb+yfHYtHACHcqoGDhX VFww==
X-Gm-Message-State: AKGB3mIpy05A/xWul1gPolwxvBUtI/XWbefMqF66p1332s1tXkImDRRp j9C+Eik5qKGLg3gNk+DDrxHRPvjA4pfqhnQl0T1q
X-Google-Smtp-Source: ACJfBouOyctL4sd/HIcz00JGN8Q4Pomr45h7EG0wR4sFrzthjWgDaZCVPFfpUOGuWUdxVia+7sCzGJvCGZ0T+sDXJEs=
X-Received: by 10.200.51.46 with SMTP id t43mr19376917qta.75.1513291427024; Thu, 14 Dec 2017 14:43:47 -0800 (PST)
MIME-Version: 1.0
References: <151282209956.24790.5482932813219061171@ietfa.amsl.com> <20171209123023.GA8296@pinky> <CABkgnnUdKJZ++dV_Vc1jGFpieAvAqVq=H8+1uB_NkNeSgLys-Q@mail.gmail.com> <CAAZdMacFcRniUCZeTqTW+fhVDL+bOFpf-k6PPjd8tPkc6Cr=SQ@mail.gmail.com> <CABkgnnXw++RaOj+4g6edRcebBa73UmOXprgYp-qazavECXDPXg@mail.gmail.com> <20171214214650.GA15254@LK-Perkele-VII>
In-Reply-To: <20171214214650.GA15254@LK-Perkele-VII>
From: David Benjamin <davidben@chromium.org>
Date: Thu, 14 Dec 2017 22:43:34 +0000
Message-ID: <CAF8qwaBg28EaUrfUrOir3BjBwKgVUAfV3-F4c2rZOTtD9nPv1g@mail.gmail.com>
To: Ilari Liusvaara <ilariliusvaara@welho.com>
Cc: Martin Thomson <martin.thomson@gmail.com>, "tls@ietf.org" <tls@ietf.org>
Content-Type: multipart/alternative; boundary="001a1138e872f3d23f0560549d6b"
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/nWJMSPeDsgz-HptOfzHKWdQBKnk>
Subject: Re: [TLS] I-D Action: draft-ietf-tls-certificate-compression-01.txt
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 14 Dec 2017 22:43:50 -0000

On Thu, Dec 14, 2017 at 4:47 PM Ilari Liusvaara <ilariliusvaara@welho.com>;
wrote:

> On Tue, Dec 12, 2017 at 06:43:19PM -0600, Martin Thomson wrote:
> > On Tue, Dec 12, 2017 at 6:32 PM, Victor Vasiliev <vasilvv@google.com>;
> wrote:
> > > https://github.com/tlswg/certificate-compression/pull/8
> >
> > That's a lot cleaner.  Thanks.  Some minor quibbles, but I like this
> > construction far better.
>
> Yeah, same here, I like this construction far better than the -01 one.
>
> > A question about client certificates prior to TLS 1.3: Are we happy
> > making compression for client certificates only available in TLS 1.3
> > (or higher if we can assume that we will maintain parity in future)?
> > I think that I can live with that.
>
> As others have said, this extension is basically undeployable with
> TLS 1.2 because middleboxes.
>

Another observation about the middlebox issue: if we leave the text as-is,
where it is defined for TLS 1.2 server certificates, but we all silently
agree that servers should decline it at TLS 1.2, clients are still
obligated to implement it in their TLS 1.2 state machine because the
advertisement is the same.

If we're never going to deploy it in TLS 1.2 anyway, this seems like a
waste of the complexity budget. Better to say it is not defined for TLS 1.2
at all because of non-compliant middleboxes and avoid all this ambiguity.


> Also, assuming parity in the future might not be a good idea. Does
> anyone have any idea what TLS 1.4 might be about[1] (TLS 2.0 would
> likely be about cleaning representation, but that would likely be a
> bad idea)?
>
>
> [1] Not Post-Quantum Cryptography. Integrating PQC into TLS 1.3 is not
> a difficult task (once you know the trick). And I do not see TLS
> changes making it any easier without weakening security.
>
>
>
> -Ilari
>
> _______________________________________________
> TLS mailing list
> TLS@ietf.org
> https://www.ietf.org/mailman/listinfo/tls
>