Re: [TLS] Certificate URL extension in draft-ietf-tls-rfc4366-bis-02

To: "Mike" <mike-list at pobox.com>, <tls at ietf.org>
Subject: Re: [TLS] Certificate URL extension in draft-ietf-tls-rfc4366-bis-02
From: "Joseph Salowey (jsalowey)" <jsalowey at cisco.com>
Date: Thu, 24 Jul 2008 21:56:31 -0700
Authentication-results: sj-dkim-4; header.From=jsalowey at cisco.com; dkim=pass ( sig from cisco.com/sjdkim4002 verified; );
Delivered-to: ietfarch-tls-web-archive at core3.amsl.com
Delivered-to: tls at core3.amsl.com
Dkim-signature: v=1; a=rsa-sha256; q=dns/txt; l=2564; t=1216961759; x=1217825759; c=relaxed/simple; s=sjdkim4002; h=Content-Type:From:Subject:Content-Transfer-Encoding:MIME-Version; d=cisco.com; i=jsalowey at cisco.com; z=From:=20=22Joseph=20Salowey=20(jsalowey)=22=20<jsalowey at ci sco.com> |Subject:=20RE=3A=20[TLS]=20Certificate=20URL=20extension=2 0in=20draft-ietf-tls-rfc4366-bis-02 |Sender:=20; bh=uGCWFugDh9p8dLGtikCignFk7eGM8DRVlbmBiGtGCWA=; b=Ma+57IB+Uz2yKh7+7BM7XC9ioHnqBs45bI+jRxksz8efJHe7HaFvp5MxNy Ng/KxmCcJQPhoQ1/zjQVJRw9AI8B5uepj338uAP0JxfQCJsOiVi+oD/TFwpQ od6xkJsC8G;
In-reply-to: <4888B788.7040702@pobox.com>
List-help: <mailto:tls-request@ietf.org?subject=help>
List-id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-post: <mailto:tls@ietf.org>
List-subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
References: <AC1CFD94F59A264488DC2BEC3E890DE506384C05@xmb-sjc-225.amer.cisco.com> <4888B788.7040702@pobox.com>
Sender: tls-bounces at ietf.org
Thread-index: AcjtsI4/YbeIA/m9QJuAu7Ytf2HwcgAYd8QQ
Thread-topic: [TLS] Certificate URL extension in draft-ietf-tls-rfc4366-bis-02

 

> -----Original Message-----
> From: tls-bounces at ietf.org [mailto:tls-bounces at ietf.org] On 
> Behalf Of Mike
> Sent: Thursday, July 24, 2008 10:11 AM
> To: tls at ietf.org
> Cc: draft-ietf-tls-rfc4366-bis at tools.ietf.org
> Subject: Re: [TLS] Certificate URL extension in 
> draft-ietf-tls-rfc4366-bis-02
> 
> > The issue is whether to make the hash mandatory in the client 
> > certificate URL extension.  Without the hash it presents some 
> > vulnerabilities in that the certificate can be replaced.  With the 
> > hash it will cause difficulty for clients that are issued a new 
> > certificate that is populated in the repository before they have a 
> > chance to retrieve it.  It seems that on the list there was 
> some very 
> > rough consensus to make the hash mandatory.
> > 
> > In order to resolve this issue I propose that we make the hash 
> > mandatory for this extension.  If this causes an 
> operational problem 
> > in some environments then a new extension can be defined 
> that has an 
> > optional or no hash.
> 
> It doesn't sit well with me that you have URLAndOptionalHash, 
> and then say that the hash is not optional.  Plus it's been 
> optional for more than two years, so changing it now is not 
> backward compatible.
> 
> Another observation is that if a client determines the 
> certificate hash by fetching the certificate and calculating 
> the hash of what it receives, you have not solved the 
> substitution problem -- in fact that makes it worse since the 
> server will be more confident in the certificate than if no 
> hash was sent -- the client needs to be configured with the 
> hash.  (This means that this extension does not lessen 
> configurability requirements; it only allows a client to save 
> a little bit on memory.)
> 
> In addition, it seems you don't want to be stuck with SHA-1 
> anyway, so perhaps it would be best to deprecate the current 
> CertificateURL and create a new extension with hash agility added:
> 
>      struct {
>          opaque        url<1..2^16-1>;
>          HashAlgorithm algorithm;
>          opaque        hash<1..2^8-1>;
>      } URLAndHash;
> 
[Joe] Issue 46 (http://trac.tools.ietf.org/wg/tls/trac/ticket/46)
suggests a mechanism for hash agility that provides some degree of
backward compatibility. 

> Mike
> _______________________________________________
> TLS mailing list
> TLS at ietf.org
> https://www.ietf.org/mailman/listinfo/tls
> 
_______________________________________________
TLS mailing list
TLS at ietf.org
https://www.ietf.org/mailman/listinfo/tls

References:
- [TLS] Certificate URL extension in draft-ietf-tls-rfc4366-bis-02
  - From: Joseph Salowey (jsalowey)
- Re: [TLS] Certificate URL extension in draft-ietf-tls-rfc4366-bis-02
  - From: Mike

Prev by Date: [TLS] Alignment of the TLS/DTLS header
Next by Date: Re: [TLS] Alignment of the TLS/DTLS header
Previous by thread: Re: [TLS] Certificate URL extension in draft-ietf-tls-rfc4366-bis-02
Next by thread: Re: [TLS] Certificate URL extension in draft-ietf-tls-rfc4366-bis-02
Index(es):
- Date
- Thread

Re: [TLS] Certificate URL extension in draft-ietf-tls-rfc4366-bis-02

Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.