Re: [TLS] I-D Action: draft-ietf-tls-snip-01.txt
Martin Thomson <mt@lowentropy.net> Wed, 23 February 2022 00:45 UTC
Return-Path: <mt@lowentropy.net>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8B4433A0B88 for <tls@ietfa.amsl.com>; Tue, 22 Feb 2022 16:45:48 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.1
X-Spam-Level:
X-Spam-Status: No, score=-7.1 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=lowentropy.net header.b=HOMBljMu; dkim=pass (2048-bit key) header.d=messagingengine.com header.b=Gd83kpfg
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 0186nLmEHfjX for <tls@ietfa.amsl.com>; Tue, 22 Feb 2022 16:45:43 -0800 (PST)
Received: from wout3-smtp.messagingengine.com (wout3-smtp.messagingengine.com [64.147.123.19]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B7D8B3A0B7F for <tls@ietf.org>; Tue, 22 Feb 2022 16:45:43 -0800 (PST)
Received: from compute2.internal (compute2.nyi.internal [10.202.2.46]) by mailout.west.internal (Postfix) with ESMTP id CE4FA3201EA6; Tue, 22 Feb 2022 19:45:42 -0500 (EST)
Received: from imap41 ([10.202.2.91]) by compute2.internal (MEProxy); Tue, 22 Feb 2022 19:45:43 -0500
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=lowentropy.net; h=cc:cc:content-type:date:date:from:from:in-reply-to :in-reply-to:message-id:mime-version:references:reply-to:sender :subject:subject:to:to; s=fm1; bh=jkmjmrCWLjNErLARDvXFN1v9k9iVVY IJR+tGJgSDhjo=; b=HOMBljMuBRIMa9AjNMULwQHcoYYC+njR4roUjFdbREOorn UK0PADEUNtv0jRA0PAc2GShRcswlxEnki5IKhJdwjQyuWRckaHxqUjd+hmW/TUAi zto5lfulbi66axFllgK6YJPORstIBzXQ5uqPOdWLJC3xeXc7NST1+MYIrdvs/Jve PoQMxO2rpzs81p5rozpHjR8v9XqXQvDoqo/CPJBu7ocTEIbjI8qm5M2hFUdhcJTX CLvd5Z1npPj3+GvO+0LlEaMZlxOZIrSP3v+ks97bFnr8rxMlPMkhX2w9hKtNJs/9 j8S6cGhpv5g/Z6e+4NP/dBPdyrr4izHKi1yKsnQw==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:cc:content-type:date:date:from:from :in-reply-to:in-reply-to:message-id:mime-version:references :reply-to:sender:subject:subject:to:to:x-me-proxy:x-me-proxy :x-me-sender:x-me-sender:x-sasl-enc; s=fm2; bh=jkmjmrCWLjNErLARD vXFN1v9k9iVVYIJR+tGJgSDhjo=; b=Gd83kpfg5tSdknyABuR+MITU9zllsF41v ohBsoYIA0GZRRCoGpn7R2KPwmxkOEGNR3jDJubxc/iTJ3iSeDPwYS4zqnFPr+Ep7 f7GF6NzOSEKorn1r3dO6IsMY2KGhrOozrPlBQPJGZRc6sfTSkUqaWmPvDfIf/suC Ll3CBcEOeM202uz6lURbfArHp3YgHpQpmF84Lmc1npD30yKxVSP/Q7kUSee65oMr IZuZ5AHE8Qgc9vj79Q0FZtVvpZmD0AFTBFaweiYq20H2Oe1NnF5g9euD14FkzRQe /jtuY/zPtK89iSOuUGxcoK9uyRvw7k3Rw8ywjBlQgoQlLkBcWhvOQ==
X-ME-Sender: <xms:toMVYrp1oicItB2pwvDgizZHLyB8qj_FuCA6zdU3yoOXZAK5bFBdEA> <xme:toMVYlpYX_HhccAJxv2ZswI127t7PuM8vGRRVcqUhySjBqoPFKSy6jPWSdhstTfx1 nl713hXalR2A5uGrY8>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedvvddrkeelgddvgecutefuodetggdotefrodftvf curfhrohhfihhlvgemucfhrghsthforghilhdpqfgfvfdpuffrtefokffrpgfnqfghnecu uegrihhlohhuthemuceftddtnecusecvtfgvtghiphhivghnthhsucdlqddutddtmdenuc fjughrpefofgggkfgjfhffhffvufgtsehttdertderredtnecuhfhrohhmpedfofgrrhht ihhnucfvhhhomhhsohhnfdcuoehmtheslhhofigvnhhtrhhophihrdhnvghtqeenucggtf frrghtthgvrhhnpedtgefhkeegfffhteefjeekveefteehheelgeehheevleefteefieek fefgjedvgeenucffohhmrghinhepghhithhhuhgsrdgtohhmnecuvehluhhsthgvrhfuih iivgeptdenucfrrghrrghmpehmrghilhhfrhhomhepmhhtsehlohifvghnthhrohhphidr nhgvth
X-ME-Proxy: <xmx:toMVYoPSUeUhJyCPCpZCwBH6FUWO0O76dU5RiH_TfAN7YygbFBiEjg> <xmx:toMVYu6_nxZExCDNuUvfnmxfDyXo5sECx51uqCR5Uu9-nsTXOlEmRA> <xmx:toMVYq5QILhNje9jtidBqbFZ6FccCg6EpvcQJwFJP7Yghc4WxYXAeQ> <xmx:toMVYvich1MlJLFK5ArhWCiG287tHoxibZVlU7FrA8tmQ_Ka67KCmA>
Received: by mailuser.nyi.internal (Postfix, from userid 501) id 3589C3C0146; Tue, 22 Feb 2022 19:45:42 -0500 (EST)
X-Mailer: MessagingEngine.com Webmail Interface
User-Agent: Cyrus-JMAP/3.5.0-alpha0-4778-g14fba9972e-fm-20220217.001-g14fba997
Mime-Version: 1.0
Message-Id: <a0fbada4-e898-40a0-9f32-7f09ff34ea57@beta.fastmail.com>
In-Reply-To: <CAHbrMsAYG0iNAcEk7L0zJmcpbghBRisZKhA6bNcvu_xgfs8dOQ@mail.gmail.com>
References: <164498945328.29432.3195675407975344546@ietfa.amsl.com> <3032eda1-a666-4c02-93df-7e311f5dc8e7@beta.fastmail.com> <CAHbrMsDKz7r+vP9vEiORrPGXnnjkUWZxSefOZzqDLZqwbLmBSA@mail.gmail.com> <CAF8qwaAKihmgWp7arVxd0CkE+nUD5h=-vqdQrOZVqakyGgtWcQ@mail.gmail.com> <CAHbrMsAYG0iNAcEk7L0zJmcpbghBRisZKhA6bNcvu_xgfs8dOQ@mail.gmail.com>
Date: Wed, 23 Feb 2022 11:45:22 +1100
From: Martin Thomson <mt@lowentropy.net>
To: Ben Schwartz <bemasc@google.com>, David Benjamin <davidben@chromium.org>
Cc: "<tls@ietf.org>" <tls@ietf.org>
Content-Type: text/plain
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/yhhJofhP1WYLXdIwNqj4zl5uqm8>
Subject: Re: [TLS] I-D Action: draft-ietf-tls-snip-01.txt
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 23 Feb 2022 00:45:49 -0000
On Wed, Feb 23, 2022, at 09:31, Ben Schwartz wrote: > In TLS, I think "MUST" means "recipients should validate this if > possible and fail the handshake if there is a mismatch". Consider a > client implementation. Upon receipt of a SNIP response, is it supposed > to cross-check the SNIP answer vs. the ALPN offer, and fail if there is > intersection? This seems needlessly complicated. So this "MUST/SHOULD omit compatible protocols" is really only there to do as David suggests: reduce variation. I don't think that we need it for correctness. I'm inclined to loosen this to a SHOULD. It's a little awkward in the sense that clients and servers might disagree about what protocols are compatible. That is - for QUIC at least - we allow for compatibility to be defined separately from the protocol, which means that some implementations might believe that a protocol is compatible when it is not. This leads to clients including things in ALPN that the server might also include in SNIP. https://github.com/tlswg/snip/pull/9 Ben's point about ALPN is well-taken though. This very much does assume that ALPN is in use. Indeed, it makes very little sense without it. So I'm going to suggest that we mandate it directly: https://github.com/tlswg/snip/pull/8 As for the appendix, I wonder if it is better left out entirely. I almost cut it last time, and this discussion makes me think that might be the easiest way out. There are some philosophical differences here that we should probably continue to discuss, but we don't need to resolve them if we agree about the conclusion (which is to do this validation in TLS and not rely on DNSSEC). https://github.com/tlswg/snip/pull/10
- [TLS] I-D Action: draft-ietf-tls-snip-01.txt internet-drafts
- Re: [TLS] I-D Action: draft-ietf-tls-snip-01.txt Martin Thomson
- Re: [TLS] I-D Action: draft-ietf-tls-snip-01.txt Ben Schwartz
- Re: [TLS] I-D Action: draft-ietf-tls-snip-01.txt David Benjamin
- Re: [TLS] I-D Action: draft-ietf-tls-snip-01.txt Ben Schwartz
- Re: [TLS] I-D Action: draft-ietf-tls-snip-01.txt Martin Thomson