IETF Logo Mail Archive

Re: [TLS] Consensus Call on draft-ietf-tls-dnssec-chain-extension

Nico Williams <nico@cryptonector.com> Fri, 13 April 2018 20:31 UTC

Return-Path: <nico@cryptonector.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4508C129515 for <tls@ietfa.amsl.com>; Fri, 13 Apr 2018 13:31:47 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_NONE=-0.0001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cryptonector.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id kAY9sLpwZKlQ for <tls@ietfa.amsl.com>; Fri, 13 Apr 2018 13:31:45 -0700 (PDT)
Received: from homiemail-a55.g.dreamhost.com (sub4.mail.dreamhost.com [69.163.253.135]) (using TLSv1.1 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D3877127978 for <tls@ietf.org>; Fri, 13 Apr 2018 13:31:45 -0700 (PDT)
Received: from homiemail-a55.g.dreamhost.com (localhost [127.0.0.1]) by homiemail-a55.g.dreamhost.com (Postfix) with ESMTP id 01DE768004116; Fri, 13 Apr 2018 13:31:45 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=cryptonector.com; h=date :from:to:cc:subject:message-id:references:mime-version :content-type:in-reply-to; s=cryptonector.com; bh=ZIBV96wrMrzByK 2P/BTbFE4ujOI=; b=rNAuc84nSWLRlzuKnZmMYsgqeXtRWLL59sEREC+iWnMTdz 7CocbXhlw/UX7IiEQb1lKfWXz88QhTGgAVEzU3j7BBDR2xw8q14j3wd8gg5WHALd 2p18M3hB6vNBIo9LU3NJya9H/IGQKV9Qp4j9GXFo2HvJ6jXIg+H/VAR0enudE=
Received: from localhost (unknown [8.2.105.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) (Authenticated sender: nico@cryptonector.com) by homiemail-a55.g.dreamhost.com (Postfix) with ESMTPSA id 92C7C68004115; Fri, 13 Apr 2018 13:31:44 -0700 (PDT)
Date: Fri, 13 Apr 2018 15:30:07 -0500
From: Nico Williams <nico@cryptonector.com>
To: Eric Rescorla <ekr@rtfm.com>
Cc: TLS WG <tls@ietf.org>
Message-ID: <20180413202936.GX25259@localhost>
References: <alpine.LRH.2.21.1804120438460.24369@bofh.nohats.ca> <CAL02cgSuTOaT_NwnpXaa8DPhNJhzqZwepRL+J29BzcBfCTDtHw@mail.gmail.com> <CAHbuEH78KNyk8fnHThRkCERKPjZzYppi1uhkDx6kL_t448q0_g@mail.gmail.com> <20180412175441.GD20782@akamai.com> <6db83a59-1f0f-f552-0d48-6e2a8d43f602@nomountain.net> <CABkgnnUwOjkY1_KejV-YOw3YRqjFfzaYurEY1OpZ8phQVhcWLg@mail.gmail.com> <114FE78D-F340-4752-BEF0-459FE1548A80@dukhovni.org> <aa7ca33a-4acd-c770-a43c-df7a1f66c782@nlnetlabs.nl> <E3918F11-9AD7-4C06-9173-5175ECACD16B@dukhovni.org> <CABcZeBP6-7_NNmC+7iVnNXbQw7p3jJH4eC1-EjY4C4CwdWWNcg@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <CABcZeBP6-7_NNmC+7iVnNXbQw7p3jJH4eC1-EjY4C4CwdWWNcg@mail.gmail.com>
User-Agent: Mutt/1.5.24 (2015-08-30)
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/qXE6VAv0-K2RL7j5pKhDtKS1rDg>
Subject: Re: [TLS] Consensus Call on draft-ietf-tls-dnssec-chain-extension
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 13 Apr 2018 20:31:47 -0000

On Thu, Apr 12, 2018 at 04:10:27PM -0700, Eric Rescorla wrote:
> On Thu, Apr 12, 2018 at 4:06 PM, Viktor Dukhovni <ietf-dane@dukhovni.org>
> wrote:
> > Proposed text:
> >
> >    When the server has DNSSEC-signed TLSA records, the first RRset in
> >    the chain MUST contain the TLSA record set being presented.
> >    However, ...
> >
> >    When the server either has no TLSA records, or its domain is not
> >    DNSSEC-signed, it is RECOMMENDED that the server return a denial
> >    of existence of either the TLSA records, or proof of insecure
> >    delegation at some parent domain, rather than omit the extension.
> >    Clients that are willing to fall back from DANE to some alternative
> >    mechanism may require the denial of existence to make that possible.
> >
> 
> I believe that that this text would harm ineteroperability.
> 
> The difficulty here is what the server knows about the clients behavior.
> Specifically, if the server serves TLSA records and then ceases doing
> without serving authenticated denial of existence, then it is unable to
> determine if this would cause clients to fail because it doesn't know if
> the client implements the text in the final paragraph. One could argue
> that current clients could pin, but that's totally extratextual, as opposed
> t having a noninteroperable behavior in the document.

It's better to send the denial of existence than no extension -- the
client could just as well be pinning (because the I-D said it could, or
because the client does it regardless), and not having extension then
will cause failure.

Now, clients that don't do opportunistic pinning would have to... notice
the lack of TLSA RRs, but not necessarily bother validating the denial
of existence chain.  There's not even a need to say that the client
SHOULD (let alone MUST) validate the denial of existence chain.  It
suffices that the server SHOULD send it.

Nico
--

v2.23.0 | Report a Bug | By Email