Re: [TLS] Call for Consensus on removal of renegotiation
Brian Hamon <B.Hamon@F5.com> Fri, 27 June 2014 17:09 UTC
Return-Path: <B.Hamon@f5.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 821C91B27A0 for <tls@ietfa.amsl.com>; Fri, 27 Jun 2014 10:09:38 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.552
X-Spam-Level:
X-Spam-Status: No, score=-7.552 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5, RP_MATCHES_RCVD=-0.651, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 8i4c9IrtgO8N for <tls@ietfa.amsl.com>; Fri, 27 Jun 2014 10:09:36 -0700 (PDT)
Received: from mail.f5.com (mail.f5.com [208.85.209.139]) (using TLSv1 with cipher RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5A4281B288D for <tls@ietf.org>; Fri, 27 Jun 2014 10:09:36 -0700 (PDT)
X-IronPort-AV: E=Sophos;i="4.97,830,1389744000"; d="scan'208";a="119849203"
X-IPAS-Result: AqcEADD7RVPAqArr/2dsb2JhbABZhBiDDsEFGYEedIIlAQEBAQIBHQYRRQULAgEIDgMEAQEBAgIGDg8DAgICHxEUAQgIAgQBDQUIFodKAwmpHZtyDYcJF4EpiyqBaAYrBwQCEoJXNYEUBJRxgX+OYYh/gis
Received: from oracle-apps.f5net.com (HELO exchmail.f5net.com) ([192.168.10.235]) by seamgw02.olympus.f5net.com with ESMTP; 27 Jun 2014 17:09:36 +0000
Received: from SEAEMBX02.olympus.F5Net.com ([fe80::a5e3:d11c:e46a:e7c7]) by SEAECAS01.olympus.F5Net.com ([::1]) with mapi id 14.03.0181.006; Fri, 27 Jun 2014 10:09:35 -0700
From: Brian Hamon <B.Hamon@F5.com>
To: Eric Rescorla <ekr@rtfm.com>, Martin Thomson <martin.thomson@gmail.com>
Thread-Topic: [TLS] Call for Consensus on removal of renegotiation
Thread-Index: AQHPkKQi2ibdHwQZAU+UoLazXGbTxJuCn8+AgAAVNgCAATV4AP//97oQgAB9MwD//4sSAIABNxcggAB7a4CAAADNgP//i1ww
Date: Fri, 27 Jun 2014 17:09:34 +0000
Message-ID: <CE5218A410D7774BA10C7A54F8BB4D305EBED3@SEAEMBX02.olympus.F5Net.com>
References: <B7430912-46B8-49DD-85EC-00FC5BC3B8D3@cisco.com> <20140626143044.F3B0C1AD68@ld9781.wdf.sap.corp> <CE5218A410D7774BA10C7A54F8BB4D305EBAC9@SEAEMBX02.olympus.F5Net.com> <CABkgnnVBsAJ3+KaR87WgUO0oQ=mYrnA7r4+qSOdcrmkM3ne7iw@mail.gmail.com> <CE5218A410D7774BA10C7A54F8BB4D305EBAEB@SEAEMBX02.olympus.F5Net.com> <CE5218A410D7774BA10C7A54F8BB4D305EBE3E@SEAEMBX02.olympus.F5Net.com> <CABkgnnU_NnrCErf6Hn3HOWD-h1jL7i2QGpsAC7w-4r33LSacyQ@mail.gmail.com> <CABcZeBNdTp10TLF6Z6YxqdNvE0vFCNQ9xZHZJf2cMkEdo1cLug@mail.gmail.com>
In-Reply-To: <CABcZeBNdTp10TLF6Z6YxqdNvE0vFCNQ9xZHZJf2cMkEdo1cLug@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [192.168.15.167]
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
Archived-At: http://mailarchive.ietf.org/arch/msg/tls/qzdcs7QMvpur_yzJzrorlVX6ZeI
Cc: "<tls@ietf.org>" <tls@ietf.org>
Subject: Re: [TLS] Call for Consensus on removal of renegotiation
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 27 Jun 2014 17:09:38 -0000
From: Eric Rescorla [mailto:ekr@rtfm.com] Sent: Friday, June 27, 2014 9:29 AM To: Martin Thomson Cc: Brian Hamon; <tls@ietf.org> Subject: Re: [TLS] Call for Consensus on removal of renegotiation On Fri, Jun 27, 2014 at 9:29 AM, Eric Rescorla <ekr@rtfm.com> wrote: >On Fri, Jun 27, 2014 at 9:25 AM, Martin Thomson <martin.thomson@gmail.com> wrote: >>On 27 June 2014 09:10, Brian Hamon <B.Hamon@f5.com> wrote: >>> Unless someone makes a case otherwise, I think that the answer to my question is that client authentication (assuming Martin's proposal is accepted) is either required from initial ServerHello or unavailable? >> There are other options: >> 1. TLS 1.3 could allow clients to authenticate unilaterally (i.e., not require the CertificateRequest message to be sent before sending a client cert, or mandating that servers provide a CertificateRequest always). >> 2. Authentication might be provided with a separate type of control message. This has been discussed. >> And any combination of the above, depending on what we think best fits the complexity/functionality trade-off. >> Personally, I like the idea of doing option 1 here. With confidentiality protection for handshake messages, it could make client authentication considerably more accessible than it was in previous TLS versions. Interesting and elegant proposal... Assuming we don't create headaches for implementers or opportunities for DoS, I would favor this also. >>> [...] perhaps this committee should eliminate client authentication completely from TLS. >> I haven't seen much interest in doing that. My proposal still relies on TLS providing a binding to client credentials. > I would oppose that. There are plenty of situations where mutual authentication is needed in TLS. I engaged in reductio ad absurdum there, because without either of these additional mechanisms, client authentication is impossible (in some very specific use cases over which apparently I uniquely obsess). We must have server authentication at the transport layer, in order to securely negotiate the master secret. TLS strives for symmetry, allowing the same implementation to be used in clients and servers. Therefore client authentication must be in TLS, even though authentication in the transport layer is a violation of the OSI model. Anything that moves the Internet away from password-based authentication is a win. Making "client authentication considerably more accessible than it was in previous TLS versions" should be a high priority goal for TLSv1.3.
- [TLS] Call for Consensus on removal of renegotiat… Joseph Salowey (jsalowey)
- Re: [TLS] Call for Consensus on removal of renego… Daniel Kahn Gillmor
- Re: [TLS] Call for Consensus on removal of renego… Joseph Salowey (jsalowey)
- Re: [TLS] Call for Consensus on removal of renego… Martin Thomson
- Re: [TLS] Call for Consensus on removal of renego… Colm MacCárthaigh
- Re: [TLS] Call for Consensus on removal of renego… Russ Housley
- Re: [TLS] Call for Consensus on removal of renego… Yoav Nir
- Re: [TLS] Call for Consensus on removal of renego… Salz, Rich
- Re: [TLS] Call for Consensus on removal of renego… Yoav Nir
- Re: [TLS] Call for Consensus on removal of renego… Salz, Rich
- Re: [TLS] Call for Consensus on removal of renego… Yoav Nir
- Re: [TLS] Call for Consensus on removal of renego… Salz, Rich
- Re: [TLS] Call for Consensus on removal of renego… Martin Thomson
- Re: [TLS] Call for Consensus on removal of renego… Colm MacCárthaigh
- Re: [TLS] Call for Consensus on removal of renego… Yoav Nir
- Re: [TLS] Call for Consensus on removal of renego… Colm MacCárthaigh
- Re: [TLS] Call for Consensus on removal of renego… Salz, Rich
- Re: [TLS] Call for Consensus on removal of renego… Martin Thomson
- Re: [TLS] Call for Consensus on removal of renego… Nikos Mavrogiannopoulos
- Re: [TLS] Call for Consensus on removal of renego… Hubert Kario
- Re: [TLS] Call for Consensus on removal of renego… Martin Rex
- Re: [TLS] Call for Consensus on removal of renego… Martin Rex
- Re: [TLS] Call for Consensus on removal of renego… Watson Ladd
- Re: [TLS] Call for Consensus on removal of renego… Watson Ladd
- Re: [TLS] Call for Consensus on removal of renego… Yoav Nir
- Re: [TLS] Call for Consensus on removal of renego… Yoav Nir
- Re: [TLS] Call for Consensus on removal of renego… Nikos Mavrogiannopoulos
- Re: [TLS] Call for Consensus on removal of renego… Eric Rescorla
- Re: [TLS] Call for Consensus on removal of renego… Brian Hamon
- Re: [TLS] Call for Consensus on removal of renego… Martin Thomson
- Re: [TLS] Call for Consensus on removal of renego… Brian Hamon
- Re: [TLS] Call for Consensus on removal of renego… Tapio Sokura
- Re: [TLS] Call for Consensus on removal of renego… Watson Ladd
- Re: [TLS] Call for Consensus on removal of renego… Peter Gutmann
- Re: [TLS] Call for Consensus on removal of renego… Yoav Nir
- Re: [TLS] Call for Consensus on removal of renego… James Cloos
- Re: [TLS] Call for Consensus on removal of renego… Brian Hamon
- Re: [TLS] Call for Consensus on removal of renego… Martin Thomson
- Re: [TLS] Call for Consensus on removal of renego… Eric Rescorla
- Re: [TLS] Call for Consensus on removal of renego… Martin Thomson
- Re: [TLS] Call for Consensus on removal of renego… Brian Smith
- Re: [TLS] Call for Consensus on removal of renego… Brian Hamon
- Re: [TLS] Call for Consensus on removal of renego… Martin Thomson
- Re: [TLS] Call for Consensus on removal of renego… Andy Lutomirski
- Re: [TLS] Call for Consensus on removal of renego… Peter Gutmann
- Re: [TLS] Call for Consensus on removal of renego… Martin Rex
- Re: [TLS] Call for Consensus on removal of renego… Watson Ladd
- Re: [TLS] Call for Consensus on removal of renego… Peter Gutmann
- Re: [TLS] Call for Consensus on removal of renego… Steve Checkoway
- Re: [TLS] Call for Consensus on removal of renego… Alyssa Rowan
- Re: [TLS] Call for Consensus on removal of renego… henry.story@bblfish.net