[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [TLS] Next steps for Client Certificate URL

To: tls@xxxxxxxx
Subject: Re: [TLS] Next steps for Client Certificate URL
From: Nelson B Bolyard <nelson@xxxxxxxxxxx>
Date: Sat, 29 Mar 2008 08:21:58 -0700
Delivered-to: tls@xxxxxxxxxxxxxx
In-reply-to: <47EE16B8.3010900@xxxxxxxxxx>
List-help: <mailto:tls-request@ietf.org?subject=help>
List-id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-post: <mailto:tls@ietf.org>
List-subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
Organization: Network Security Services
References: <1696498986EFEC4D9153717DA325CB7238EA05@xxxxxxxxxxxxxxxxxxxxxx> <47ED54D2.5040000@xxxxxxxxxxx> <47EE16B8.3010900@xxxxxxxxxx>
Sender: tls-bounces@xxxxxxxx
User-agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; rv:1.9b5pre) Gecko/2008031700 NOT Firefox/2.0 SeaMonkey/2.0a1pre

Nikos Mavrogiannopoulos wrote, On 2008-03-29 03:15:
> Nelson B Bolyard wrote:
>> Pasi.Eronen@xxxxxxxxx wrote, On 2008-03-28 07:13:
>>
>>> Given this, would everyone be OK with updating the existing
>>> client_certificate_url extension so that including the hash is
>>> mandatory (client MUST send, server MUST NOT accept without hash)?
>>> This behavior would be independent of the negotiated TLS version.
>> I'm trying to understand the attack against which this hash is going
>> to protect, that is not already adequately protected without it.
>> Can someone outline that attack here?
> 
> Usually even if you do not have an attack at hand, it might be good to 
> prove that a modification to a security protocol makes it no less 
> secure. By adding the hash (and considering it ideal) it is not hard to 
> prove that the modified scheme is as strong as by sending the 
> certificate itself.

Given two protocols of equivalent security, the one with less overhead is
preferable in the marketplace.  If the best thing that can be said about
the addition of the hash is that it makes the protocol no less secure,
that is hardly a compelling reason to make it mandatory, as Pasi proposed.

In answer to Pasi's question, quoted above, I object to making purely
redundant processing required for client cert URLs in TLS.  It suffices
to be available. If a need for it arises, then it can be used.

_______________________________________________
TLS mailing list
TLS@xxxxxxxx
https://www.ietf.org/mailman/listinfo/tls

Follow-Ups:
- Re: [TLS] Next steps for Client Certificate URL
  - From: Nikos Mavrogiannopoulos

References:
- [TLS] Next steps for Client Certificate URL
  - From: Pasi.Eronen
- Re: [TLS] Next steps for Client Certificate URL
  - From: Nelson B Bolyard
- Re: [TLS] Next steps for Client Certificate URL
  - From: Nikos Mavrogiannopoulos

Prev by Date: Re: [TLS] Security today
Next by Date: Re: [TLS] Next steps for Client Certificate URL
Previous by thread: Re: [TLS] Next steps for Client Certificate URL
Next by thread: Re: [TLS] Next steps for Client Certificate URL
Index(es):
- Date
- Thread