Re: [TLS] WGLC for draft-ietf-tls-oob-pubkey-03.txt
Martin Rex <mrex@sap.com> Fri, 04 May 2012 23:34 UTC
Return-Path: <mrex@sap.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0C7B121F84FF for <tls@ietfa.amsl.com>; Fri, 4 May 2012 16:34:14 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -10.071
X-Spam-Level:
X-Spam-Status: No, score=-10.071 tagged_above=-999 required=5 tests=[AWL=0.178, BAYES_00=-2.599, HELO_EQ_DE=0.35, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id oJrTmkjlSFdD for <tls@ietfa.amsl.com>; Fri, 4 May 2012 16:34:13 -0700 (PDT)
Received: from smtpde01.sap-ag.de (smtpde01.sap-ag.de [155.56.68.170]) by ietfa.amsl.com (Postfix) with ESMTP id 37D5121F8539 for <tls@ietf.org>; Fri, 4 May 2012 16:34:12 -0700 (PDT)
Received: from mail.sap.corp by smtpde01.sap-ag.de (26) with ESMTP id q44NYBPU002424 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK); Sat, 5 May 2012 01:34:11 +0200 (MEST)
From: Martin Rex <mrex@sap.com>
Message-Id: <201205042334.q44NY9go003966@fs4113.wdf.sap.corp>
To: paul.hoffman@vpnc.org
Date: Sat, 05 May 2012 01:34:09 +0200
In-Reply-To: <62F11982-64E4-4EDE-B8E3-E26F898D9763@vpnc.org> from "Paul Hoffman" at May 4, 12 03:06:58 pm
MIME-Version: 1.0
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: 8bit
X-SAP: out
Cc: tls@ietf.org
Subject: Re: [TLS] WGLC for draft-ietf-tls-oob-pubkey-03.txt
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
Reply-To: mrex@sap.com
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 04 May 2012 23:34:14 -0000
Paul Hoffman wrote:
>
> Martin Rex wrote:
> >
> > I believe it is acceptable and more correct than your proposed
> > alternative.
> >
> > RFC6091 does _not_ permit different certificates types for
> > client and server, so this will not fit into the extensibility provided
> > by rfc6091.
>
> Ummmm, I never said that it did.
> My proposed alternative wording was to deal with exactly the case of
> both sides using raw keys. Why did you think different?
Ooops, I'm sorry.
Your proposed replacement text is actually much less problematic
than the description heading it (and which I had better quoted):
>>>
>>> This is both wrong and insufficient.
>>>
>>> It is wrong in that the server might also authenticate the client
>>> through a future TLSA-type protocol that handles user certificates,
>>> and might also authenticate the client through LDAP. The entire
>>> sentence can be removed.
[...]
>>> 3.5. Client Certificate
>>>
>>> This message is only sent in response to the certificate request
>>> message. The client certificate message is sent using the same
>>> formatting as the server certificate message, and it is also required
>>> to present a certificate that matches the negotiated certificate
>>> type. If RawPublicKey certificates have been selected and no certificate
>>> is available from the client, then a certificate structure of type
>>> "empty_cert" that contains an RawPublicKey value MUST be sent.
>>> The server SHOULD respond with a "handshake_failure" fatal alert if
>>> client authentication is required.
What is confusing in your description is
"empty_cert" that contains a RawPublicKey value
I believe wie need another codepoint in the rfc6091 enumerator
OpenPGPCertDescriptorType:
enum {
empty_cert(1),
subkey_cert(2),
subkey_cert_fingerprint(3),
+ x509_spki(4),
(255)
} OpenPGPCertDescriptorType;
because "empty_cert" is not meant to be extensible in rfc6091:
uint24 OpenPGPEmptyCert = 0;
struct {
OpenPGPCertDescriptorType descriptorType;
select (descriptorType) {
case empty_cert: OpenPGPEmptyCert;
case subkey_cert: OpenPGPSubKeyCert;
case subkey_cert_fingerprint:
OpenPGPSubKeyCertFingerprint;
}
} Certificate;
Btw. -oob Section 3.3 should be modified similar to rfc6091 section 3.4:
current:
3.3. Certificate Request
The semantics of this message remain the same as in the TLS
specification.
new:
3.3. Certificate Request
The semantics of this message remain the same as in the TLS
specification. However, if this message is sent, and the negotiated
certificate type is RawPublicKey, then the "certificate_authorities"
list MUST be empty.
-Martin
- [TLS] WGLC for draft-ietf-tls-oob-pubkey-03.txt Joe Salowey
- Re: [TLS] WGLC for draft-ietf-tls-oob-pubkey-03.t… Simon Josefsson
- Re: [TLS] WGLC for draft-ietf-tls-oob-pubkey-03.t… Paul Wouters
- Re: [TLS] WGLC for draft-ietf-tls-oob-pubkey-03.t… Paul Hoffman
- Re: [TLS] WGLC for draft-ietf-tls-oob-pubkey-03.t… Paul Hoffman
- Re: [TLS] WGLC for draft-ietf-tls-oob-pubkey-03.t… Martin Rex
- Re: [TLS] WGLC for draft-ietf-tls-oob-pubkey-03.t… Paul Hoffman
- Re: [TLS] WGLC for draft-ietf-tls-oob-pubkey-03.t… Martin Rex
- Re: [TLS] WGLC for draft-ietf-tls-oob-pubkey-03.t… Martin Rex
- Re: [TLS] WGLC for draft-ietf-tls-oob-pubkey-03.t… =JeffH