Re: [TLS] Call for Consensus on removal of renegotiation

"henry.story@bblfish.net" <henry.story@bblfish.net> Wed, 02 July 2014 18:19 UTC

Return-Path: <henry.story@bblfish.net>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A46311A03CF for <tls@ietfa.amsl.com>; Wed, 2 Jul 2014 11:19:10 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.6
X-Spam-Level:
X-Spam-Status: No, score=-2.6 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_LOW=-0.7] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id he67dYkHRP91 for <tls@ietfa.amsl.com>; Wed, 2 Jul 2014 11:19:07 -0700 (PDT)
Received: from mail-wg0-f46.google.com (mail-wg0-f46.google.com [74.125.82.46]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 996541A03BC for <tls@ietf.org>; Wed, 2 Jul 2014 11:19:07 -0700 (PDT)
Received: by mail-wg0-f46.google.com with SMTP id y10so11593004wgg.17 for <tls@ietf.org>; Wed, 02 Jul 2014 11:19:06 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:content-type:mime-version:subject:from :in-reply-to:date:cc:content-transfer-encoding:message-id:references :to; bh=Xe2g90/dCwl9W6nsF2F5a0TfU8y0NC2coBuRkoEX0Og=; b=euLfign5FoBWsQHJfQ8lKxqgyabRDowhCGsBOtnH1ubxPDyVOYst5kPBaFYzjm3ISr teHvvZPaSOifqcLpcW9fUgSDkPq9t6e1DJiX9I+yh+NwnRLCcv/NHeoIWNoeSNdgCMLy z2jUyfycmb2+BZuaxEwjetlriDnAIiI1CO/DDMHW75CKfo0e5vJiiLjVEnb6vMhbODTd OO97vxDatzcYWRuNdoC+Pm1sbKBfHo0i8inGGRJDB2CE9PyXhiylQ3WIYTV9aXyuk+n9 24FA4CKTNfxRA1JlosdralE3XHk2eQ5STW1qqkwnn+SgUlwsr/x1PswW0y8SjEEquyBp fR1Q==
X-Gm-Message-State: ALoCoQnjp6LZgHhKBog3PNA1dyKW74ehocyzBBN8DvbaBa+RypoACRw4mSC9OJtftrEaXVTrsmXk
X-Received: by 10.194.62.167 with SMTP id z7mr4566517wjr.112.1404325145967; Wed, 02 Jul 2014 11:19:05 -0700 (PDT)
Received: from [192.168.69.71] ([81.57.85.198]) by mx.google.com with ESMTPSA id n2sm54268253wjf.40.2014.07.02.11.19.01 for <multiple recipients> (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Wed, 02 Jul 2014 11:19:02 -0700 (PDT)
Content-Type: text/plain; charset=windows-1252
Mime-Version: 1.0 (Mac OS X Mail 7.3 \(1878.2\))
From: "henry.story@bblfish.net" <henry.story@bblfish.net>
In-Reply-To: <6B247363-E6E2-4A81-92D8-FE2F02C14227@gmail.com>
Date: Wed, 2 Jul 2014 20:19:00 +0200
Content-Transfer-Encoding: quoted-printable
Message-Id: <05FE6B2C-A3B5-4E11-ADC3-5A588DE11C3C@bblfish.net>
References: <44DA5A30-015D-40F3-90CA-F15076891BBC@cisco.com> <53AB192F.2040001@fifthhorseman.net> <CAAF6GDdkkuB=Eko55vqaPS9Krc0XmiQk0vo2c_q5n6kydpkYuQ@mail.gmail.com> <B18B3440-8CBF-4B04-B792-F81FBF0CE8AC@gmail.com> <2A0EFB9C05D0164E98F19BB0AF3708C71854BEF192@USMBX1.msg.corp.akamai.com> <6B247363-E6E2-4A81-92D8-FE2F02C14227@gmail.com>
To: Yoav Nir <ynir.ietf@gmail.com>
X-Mailer: Apple Mail (2.1878.2)
Archived-At: http://mailarchive.ietf.org/arch/msg/tls/pq0wclpms_v6nW1HKXyfonmZ4EI
Cc: "<tls@ietf.org>" <tls@ietf.org>
Subject: Re: [TLS] Call for Consensus on removal of renegotiation
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 02 Jul 2014 18:19:10 -0000

On 25 Jun 2014, at 22:47, Yoav Nir <ynir.ietf@gmail.com> wrote:

> 
> On Jun 25, 2014, at 11:42 PM, Salz, Rich <rsalz@akamai.com> wrote:
> 
>>> Nothing. But that would require changing those applications.
>> 
>> Wouldn't they already have to change in order to use TLS 1.3?  Or would the underlying library switch to it, and then not do the magic rekey calls?
> 
> An application running on something like Apache can replace the OpenSSL library, and instantly get upgraded from supporting only SSLv3 and TLS 1.0 to support TLS 1.2 and AES-GCM and ECDHE.
> 
> If that application ever ran enough traffic that renegotiation for rekeying was needed, upgrading to the next OpenSSL that includes TLS 1.3 would not be as smooth.
> 
> BTW: This discussion is totally missing the other use of renegotiation - to move from server-authenticated to mutually-authenticated. Unless that need is addressed (by some mechanism), I can’t support removing renegotiation.

+1

I am surprised that even though this was seriously discussed in the previous threads, it was not
put forward as an option in the straw poll. Removing renegotiation MUST Be conditional on the ability
to write servers that allow the client to move from anonymous to TLS Certificate based authentication
when needed. And it has to be baked into TLS1.3 and not part of some optional spec.

Perhaps something like http://tools.ietf.org/html/draft-thomson-tls-care-00 will do. But one needs
to make sure that you don't make a protocol such as WebID+TLS go from implementable to non-implementable.
( see http://webid.info/ )

Henry



Social Web Architect
http://bblfish.net/