Re: [TLS] Fwd: New Version Notification for draft-sheffer-tls-pinning-ticket-00.txt

Dave Garrett <davemgarrett@gmail.com> Sun, 11 October 2015 20:21 UTC

From: Dave Garrett <davemgarrett@gmail.com>
To: tls@ietf.org, Yaron Sheffer <yaronf.ietf@gmail.com>
Date: Sun, 11 Oct 2015 16:21:32 -0400
Archived-At: <http://mailarchive.ietf.org/arch/msg/tls/qAgXLgmQfiZkZYdFhGlCE2CnzSo>
Subject: Re: [TLS] Fwd: New Version Notification for draft-sheffer-tls-pinning-ticket-00.txt

https://tools.ietf.org/html/draft-sheffer-tls-pinning-ticket-00#section-3

Your notation is incorrect. Please read the section on vectors carefully, as it *is* confusing and the notation is not what is usually assumed. I'll cite the TLS 1.2 spec as it has not changed:
https://tools.ietf.org/html/rfc5246#section-4.3

For "type name<n..m>;", the range [n,m] is always in _bytes_, not entry count. In particular, note the second example at the end of the vectors section:
      uint16 longer<0..800>;
            /* zero to 400 16-bit unsigned integers */

All 3 of your arrays of strings are listed with "<0..1>", which actually notates zero or one byte, not zero or one element. There is no way to explicitly state a range of allowed sizes by entry count with variable length entries, within this notation. Yes, this is not great and yes, this is often misunderstood. You'll have to mandate entry count with a "MUST" in the body of the text.

No, it's probably not going to be changed any time soon, as that would contradict past specifications' notation. Maybe something like "type name<min_bytes..max_bytes>[min_count..max_count];" could work, but that's probably not worth the confusion of introducing a new and more complex notation.

On the actual topic of the proposal, I haven't looked into it in detail yet, but I am glad to see pinning being worked on at the TLS level.


Dave


On Sunday, October 11, 2015 03:57:38 pm Yaron Sheffer wrote:
> We have a standard for certificate pinning (RFC 7469), but it is rather 
> hard to use and as a result is rarely deployed. This draft proposes a 
> lightweight alternative that allows TLS clients to authenticate the 
> server they're connecting to, even if a rogue CA can generate fake 
> certificates for that server.
> 
> The draft is currently TLS 1.3-only, and is based on the previous draft 
> of 1.3 so some minor details may have changed.
> 
> Comments are of course most welcome.
> 
> Thanks,
> 	Yaron
> 
> 
> -------- Forwarded Message --------
> Subject: New Version Notification for 
> draft-sheffer-tls-pinning-ticket-00.txt
> Date: Sun, 11 Oct 2015 12:35:17 -0700
> From: internet-drafts@ietf.org
> To: Yaron Sheffer <yaronf.ietf@gmail.com>
> 
> 
> A new version of I-D, draft-sheffer-tls-pinning-ticket-00.txt
> has been successfully submitted by Yaron Sheffer and posted to the
> IETF repository.
> 
> Name:		draft-sheffer-tls-pinning-ticket
> Revision:	00
> Title:		TLS Server Identity Pinning with Tickets
> Document date:	2015-10-11
> Group:		Individual Submission
> Pages:		14
> URL: 
> https://www.ietf.org/internet-drafts/draft-sheffer-tls-pinning-ticket-00.txt
> Status: 
> https://datatracker.ietf.org/doc/draft-sheffer-tls-pinning-ticket/
> Htmlized: 
> https://tools.ietf.org/html/draft-sheffer-tls-pinning-ticket-00
> 
> 
> Abstract:
>     Fake public-key certificates are an ongoing problem for users of TLS.
>     Several solutions have been proposed, but none is currently in wide
>     use.  This document proposes to extend TLS with opaque tickets,
>     similar to those being used for TLS session resumption, as a way to
>     pin the server's identity.  That is, to ensure the client that it is
>     connecting to the right server even in the presence of corrupt
>     certificate authorities and fake certificates.  The main advantage of
>     this solution is that no manual management actions are required.
>
> Please note that it may take a couple of minutes from the time of submission
> until the htmlized version and diff are available at tools.ietf.org.
> 
> The IETF Secretariat
> 
>
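
The byte-versus-count point in the reply above, as an added example that is not part of the original message or the draft: a small Python encoder/decoder for RFC 5246 section 4.3 vectors, showing what `<0..800>` and `<0..1>` actually bound and where an entry-count rule has to be enforced instead. The inner type `opaque entry<1..255>` and all function names are assumptions made for illustration.

```python
# Added example: RFC 5246 section 4.3 vectors, "T name<floor..ceiling>".
# floor and ceiling are byte counts of the encoded body, never entry counts.

def prefix_width(ceiling):
    """Length-prefix size: as many bytes as needed to hold the ceiling."""
    return max(1, (ceiling.bit_length() + 7) // 8)

def encode_vector(body, floor, ceiling):
    if not floor <= len(body) <= ceiling:
        raise ValueError(f"{len(body)} bytes outside <{floor}..{ceiling}>")
    return len(body).to_bytes(prefix_width(ceiling), "big") + body

def decode_vector(data, floor, ceiling):
    """Return (body, rest) after checking the byte-length bounds."""
    w = prefix_width(ceiling)
    if len(data) < w:
        raise ValueError("truncated length prefix")
    n = int.from_bytes(data[:w], "big")
    if not floor <= n <= ceiling or len(data) < w + n:
        raise ValueError("length out of bounds or body truncated")
    return data[w:w + n], data[w + n:]

def encode_uint16_vector(values, floor, ceiling):
    body = b"".join(v.to_bytes(2, "big") for v in values)
    return encode_vector(body, floor, ceiling)

# Hypothetical inner type for illustration: opaque entry<1..255>;
def encode_entries(entries, floor, ceiling):
    body = b"".join(encode_vector(e, 1, 255) for e in entries)
    return encode_vector(body, floor, ceiling)

def decode_entries(data, floor, ceiling, max_count):
    """Parse the outer vector, then enforce the entry-count rule that the
    notation cannot express (the "MUST" stated in the spec text)."""
    body, rest = decode_vector(data, floor, ceiling)
    entries = []
    while body:
        entry, body = decode_vector(body, 1, 255)
        entries.append(entry)
    if len(entries) > max_count:
        raise ValueError(f"{len(entries)} entries, at most {max_count} allowed")
    return entries, rest

def fits(encoder, *args):
    """True if the value encodes within the declared byte bounds."""
    try:
        encoder(*args)
        return True
    except ValueError:
        return False
```

With these definitions, `uint16 longer<0..800>` accepts 400 integers but not 401, and an outer `<0..1>` cannot hold even one single-byte entry, because that entry already occupies two bytes with its own length prefix.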