IETF Logo Mail Archive

Re: [TLS] TLS 1.3 certificate delegation?

Andy Lutomirski <luto@amacapital.net> Fri, 08 November 2013 23:04 UTC

Return-Path: <luto@amacapital.net>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4C76821E8082 for <tls@ietfa.amsl.com>; Fri, 8 Nov 2013 15:04:44 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.851
X-Spam-Level:
X-Spam-Status: No, score=-2.851 tagged_above=-999 required=5 tests=[AWL=0.126, BAYES_00=-2.599, FM_FORGED_GMAIL=0.622, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id gMh2B4sKqsYh for <tls@ietfa.amsl.com>; Fri, 8 Nov 2013 15:04:37 -0800 (PST)
Received: from mail-ve0-f169.google.com (mail-ve0-f169.google.com [209.85.128.169]) by ietfa.amsl.com (Postfix) with ESMTP id A5D1321E805F for <tls@ietf.org>; Fri, 8 Nov 2013 15:04:37 -0800 (PST)
Received: by mail-ve0-f169.google.com with SMTP id jy13so1946660veb.14 for <tls@ietf.org>; Fri, 08 Nov 2013 15:04:37 -0800 (PST)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc:content-type; bh=di0xovGQ+bs7bU/2HpwjSMVmdijfQQNwUeMDs4YaOtM=; b=OzHVwPxVILHX5JJjP3M2VRcyTnvZ3qXaMFXslyQwIlosx18SHBTVvzDCppAGcr2od2 c09E06SU0NIHgzsZqu9nWV/Fm6GLWx+JjS9gW99/y47HlR7ISlQ72RXp9sxgv11aQlET VdendnsI361usKPpVW+xo5d9tLS1+RGsEai2xn3QJnxOKBBCfCE/zS+t79FVY+JWfnNL 7xwAjUR8dSs1FOnh5BIlpVFlPCeJ6kd+ZYxg8Ji8RbxnqC01ed2O5yUZ86elDwDTHHHa Ps5vqR+Mkhl/v6uQECzFO0DoCBF4J9NjrQblS1TTJ53cwxbg4mim0EsLrOgLWTjQ6vbY OzSQ==
X-Gm-Message-State: ALoCoQkFqx8Uig8s6Dixz9MzksSvmrs0NMNxfOd24HoUPezyHrJuWoAr2aTYaNUesUaXg+0vEaB3
X-Received: by 10.220.244.132 with SMTP id lq4mr267982vcb.31.1383951877102; Fri, 08 Nov 2013 15:04:37 -0800 (PST)
MIME-Version: 1.0
Received: by 10.58.8.18 with HTTP; Fri, 8 Nov 2013 15:04:17 -0800 (PST)
In-Reply-To: <527D6858.5040007@comodo.com>
References: <527CF707.2070000@secunet.com> <r422Ps-1075i-7D1B8241D4174A8BAEFBF63DCD3FADA9@Williams-MacBook-Pro.local> <2A0EFB9C05D0164E98F19BB0AF3708C711DA7CF541@USMBX1.msg.corp.akamai.com> <CALCETrUBc+2urjCEGvpXQczu920X7knzYUW+dGd6vTAU1MQaGg@mail.gmail.com> <2A0EFB9C05D0164E98F19BB0AF3708C711DA7CF57F@USMBX1.msg.corp.akamai.com> <527D1790.8010108@secunet.com> <CALCETrUHO6pWjhMMk4N0UxcAfKhOXKYNod8bUHbd5Rk75czBZQ@mail.gmail.com> <527D6858.5040007@comodo.com>
From: Andy Lutomirski <luto@amacapital.net>
Date: Fri, 08 Nov 2013 15:04:17 -0800
Message-ID: <CALCETrW-0-xSDdODSe0qNk8TJE=nbJxKPMiUaWLuJ-FidOcAuw@mail.gmail.com>
To: Rob Stradling <rob.stradling@comodo.com>
Content-Type: text/plain; charset="ISO-8859-1"
Cc: "tls@ietf.org" <tls@ietf.org>
Subject: Re: [TLS] TLS 1.3 certificate delegation?
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 08 Nov 2013 23:04:44 -0000

On Fri, Nov 8, 2013 at 2:40 PM, Rob Stradling <rob.stradling@comodo.com> wrote:
> On 08/11/13 17:43, Andy Lutomirski wrote:
> <snip>
>
>> The problem AIUI with X.509 constraints in general is that they only
>> apply to the next certificate down the chain,
>
>
> Disagree.  I'd say the reverse is true.
>
> The Basic Constraints pathLenConstraint field (RFC5280 4.2.1.9)...
>   "...gives the maximum number of non-self-issued intermediate
>    certificates that may follow this certificate in a valid
>    certification path."
>
> The Name Constraints extension (RFC5280 4.2.1.10)...
>  "...indicates a name space within which all subject names in
>   subsequent certificates in a certification path MUST be located."
>
>
>> which means that there's
>> plenty of room to get the spec wrong and make it useless [1].
>
>
> OpenSSL 0.9.8 doesn't process Name Constraints, but OpenSSL 1.0.0+ does.  So
> upgrade.  :-)
>
>
>> If TLS 1.3 adds a new mechanism here,
>
>
> ...then implementers might "get the spec wrong and make it useless"?

If it's widely used (possibly even by default in some implementation)
to use short-term fixed DH parameters a la QUIC, then implementations
won't have the opportunity to screw it up.

--Andy

v2.23.0 | Report a Bug | By Email