IETF Logo Mail Archive

Re: [TLS] New Version Notification for draft-kampanakis-tls-scas-latest-00.txt (ICA Supression)

Ilari Liusvaara <ilariliusvaara@welho.com> Mon, 14 February 2022 07:42 UTC

Return-Path: <ilariliusvaara@welho.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 95F393A0846 for <tls@ietfa.amsl.com>; Sun, 13 Feb 2022 23:42:41 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.897
X-Spam-Level:
X-Spam-Status: No, score=-1.897 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_HELO_NONE=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id m6o2dUfOsVyq for <tls@ietfa.amsl.com>; Sun, 13 Feb 2022 23:42:37 -0800 (PST)
Received: from welho-filter4.welho.com (welho-filter4b.welho.com [83.102.41.30]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id CB73F3A07A7 for <tls@ietf.org>; Sun, 13 Feb 2022 23:42:36 -0800 (PST)
Received: from localhost (localhost [127.0.0.1]) by welho-filter4.welho.com (Postfix) with ESMTP id 25D0B63117 for <tls@ietf.org>; Mon, 14 Feb 2022 09:42:34 +0200 (EET)
X-Virus-Scanned: Debian amavisd-new at pp.htv.fi
Received: from welho-smtp2.welho.com ([IPv6:::ffff:83.102.41.85]) by localhost (welho-filter4.welho.com [::ffff:83.102.41.26]) (amavisd-new, port 10024) with ESMTP id XcdOM8YbIF1M for <tls@ietf.org>; Mon, 14 Feb 2022 09:42:32 +0200 (EET)
Received: from LK-Perkele-VII2 (87-92-216-160.rev.dnainternet.fi [87.92.216.160]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by welho-smtp2.welho.com (Postfix) with ESMTPSA id E12A772 for <tls@ietf.org>; Mon, 14 Feb 2022 09:42:31 +0200 (EET)
Date: Mon, 14 Feb 2022 09:42:31 +0200
From: Ilari Liusvaara <ilariliusvaara@welho.com>
To: "tls@ietf.org" <tls@ietf.org>
Message-ID: <YgoH5/zQS67JgexL@LK-Perkele-VII2.locald>
References: <83f923185c3741ccb668826f5b11b0c3@EX13D01ANC003.ant.amazon.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
In-Reply-To: <83f923185c3741ccb668826f5b11b0c3@EX13D01ANC003.ant.amazon.com>
Sender: ilariliusvaara@welho.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/uOfm33V-DSBvYGx4EhwzQfRif44>
Subject: Re: [TLS] New Version Notification for draft-kampanakis-tls-scas-latest-00.txt (ICA Supression)
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 14 Feb 2022 07:42:42 -0000

On Mon, Feb 14, 2022 at 03:33:05AM +0000, Kampanakis, Panos wrote:
> Hi TLS WG,
> 
> This draft draft-kampanakis-tls-scas-latest is attempting to resurrect
> Martin’s original draft-thomson-tls-sic. It proposes using two new TLS
> 1.3 flags (draft-ietf-tls-tlsflags ) to signal to the TLS server or
> client to not send its Intermediate CA (ICA) certificates. 
> 
> Feedback and discussion are welcome. 
> 
> -----Original Message-----
> From: internet-drafts@ietf.org <internet-drafts@ietf.org> 
> Sent: Sunday, February 13, 2022 2:34 PM
> To: Bas Westerbaan <bas@cloudflare.com>; Bytheway, Cameron <bythewc@amazon.com>; Martin Thomson <mt@lowentropy.net>; Kampanakis, Panos <kpanos@amazon.com>
> Subject: [EXTERNAL] New Version Notification for draft-kampanakis-tls-scas-latest-00.txt
> 
> CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you can confirm the sender and know the content is safe.
> 
> 
> 
> A new version of I-D, draft-kampanakis-tls-scas-latest-00.txt
> has been successfully submitted by Panos Kampanakis and posted to the IETF repository.
> 
> Name:           draft-kampanakis-tls-scas-latest
> Revision:       00
> Title:          Suppressing CA Certificates in TLS 1.3
> Document date:  2022-02-13
> Group:          Individual Submission
> Pages:          10
> URL:            https://www.ietf.org/archive/id/draft-kampanakis-tls-scas-latest-00.txt
> Status:         https://datatracker.ietf.org/doc/draft-kampanakis-tls-scas-latest/
> Htmlized:       https://datatracker.ietf.org/doc/html/draft-kampanakis-tls-scas-latest
> 

Some quick comments:

1) There are a few "shall" in the text. Should those be "SHALL"?

2) Section 3.2:

"To prevent a failed TLS connection, a client could chose to not send
its intermediates regardless of the flag from the server, if it has a
reason to believe the issuing CAs do not exist in the server ICA
list." 

... Shouldn't the client send its intermediates if it thinks the server
does not have them.

3) Why there are two flags? I do not see a case where both would be
sent in the same message.

4) In WebPKI, there are some cornercases (constrained ICAs) where the
client might be missing a certificate or certificates in the chain.
Currently the WebPKI root program rules allow not disclosing
"technically constrained" certificates (but there are plans to change
this).

5) In the client auth scenario, the server might have exhaustive
list of all issuing ICAs it accepts, so including any ICAs is never
necressary. However, this might be handled even currently by not
giving the client a chain. However, doing this in other direction
can be quite dangerous without prior agreement.



-Ilari

v2.23.0 | Report a Bug | By Email