Re: [TLS] Updating for non-X.509 certificate types

2017-03-10 Thread Eric Rescorla
From: Eric Rescorla [mailto:e...@rtfm.com] > Sent: Friday, March 10, 2017 10:53 AM > To: Andrei Popov > Cc: Ilari Liusvaara ; tls@ietf.org > Subject: Re: [TLS] Updating for non-X.509 certificate types > > > > > > > > On Fri, Mar 10, 2017 at 10:04 AM, A

Re: [TLS] Updating for non-X.509 certificate types

2017-03-10 Thread Andrei Popov
@ietf.org Subject: Re: [TLS] Updating for non-X.509 certificate types On Fri, Mar 10, 2017 at 10:04 AM, Andrei Popov <mailto:andrei.po...@microsoft.com> wrote: > Does anyone use this? > I don't think anyone uses it. Au contraire: Windows TLS stack supports user_mapping and this m

Re: [TLS] Updating for non-X.509 certificate types

2017-03-10 Thread Eric Rescorla
On Fri, Mar 10, 2017 at 10:04 AM, Andrei Popov wrote: > Does anyone use this? > > I don't think anyone uses it. > > > > Au contraire: Windows TLS stack supports user_mapping and this mechanism > appears to be somewhat in use. However, I agree that this falls into the > category of extension

Re: [TLS] Updating for non-X.509 certificate types

2017-03-10 Thread Andrei Popov
1.3, when the client is willing to accept TLS<=1.2. Cheers, Andrei -Original Message- From: ilariliusva...@welho.com [mailto:ilariliusva...@welho.com] Sent: Friday, March 10, 2017 10:43 AM To: Andrei Popov Cc: Eric Rescorla ; tls@ietf.org Subject: Re: [TLS] Updating for non-X.

Re: [TLS] Updating for non-X.509 certificate types

2017-03-10 Thread Ilari Liusvaara
On Fri, Mar 10, 2017 at 06:04:54PM +, Andrei Popov wrote: > Does anyone use this? > > I don't think anyone uses it. > > Au contraire: Windows TLS stack supports user_mapping and this > mechanism appears to be somewhat in use. However, I agree that > this falls into the category of exten

Re: [TLS] Updating for non-X.509 certificate types

2017-03-10 Thread Andrei Popov
> Does anyone use this? > I don't think anyone uses it. Au contraire: Windows TLS stack supports user_mapping and this mechanism appears to be somewhat in use. However, I agree that this falls into the category of extensions that need to be either deprecated or redefined for TLS 1.3. Cheers

Re: [TLS] Updating for non-X.509 certificate types

2017-03-10 Thread Eric Rescorla
On Fri, Mar 10, 2017 at 9:23 AM, Ilari Liusvaara wrote: > On Fri, Mar 10, 2017 at 08:42:38AM -0800, Eric Rescorla wrote: > > On Fri, Mar 10, 2017 at 8:37 AM, Ilari Liusvaara < > ilariliusva...@welho.com> > > wrote: > > > > > > The problem here is, one can't do that with TLS 1.2+1.3 dual-version >

Re: [TLS] Updating for non-X.509 certificate types

2017-03-10 Thread Ilari Liusvaara
On Fri, Mar 10, 2017 at 08:42:38AM -0800, Eric Rescorla wrote: > On Fri, Mar 10, 2017 at 8:37 AM, Ilari Liusvaara > wrote: > > > The problem here is, one can't do that with TLS 1.2+1.3 dual-version > > either. If client doesn't know what extension X means in TLS 1.3 > > (but does know it for TLS

Re: [TLS] Updating for non-X.509 certificate types

2017-03-10 Thread Eric Rescorla
On Fri, Mar 10, 2017 at 8:37 AM, Ilari Liusvaara wrote: > On Fri, Mar 10, 2017 at 07:02:22AM -0800, Eric Rescorla wrote: > > On Fri, Mar 10, 2017 at 4:40 AM, Ilari Liusvaara < > ilariliusva...@welho.com> > > wrote: > > > > > - user_mapping: Has extra handshake message. > > > - cert_type: All the

Re: [TLS] Updating for non-X.509 certificate types

2017-03-10 Thread Ilari Liusvaara
On Fri, Mar 10, 2017 at 07:02:22AM -0800, Eric Rescorla wrote: > On Fri, Mar 10, 2017 at 4:40 AM, Ilari Liusvaara > wrote: > > > - user_mapping: Has extra handshake message. > > - cert_type: All the problems of CCertT and SCertT, combined with > > fixing both to be the same. > > > > Does anyon

Re: [TLS] Updating for non-X.509 certificate types

2017-03-10 Thread Eric Rescorla
On Fri, Mar 10, 2017 at 4:40 AM, Ilari Liusvaara wrote: > On Thu, Mar 09, 2017 at 04:43:19PM -0800, Eric Rescorla wrote: > > As noted in https://github.com/tlswg/tls13-spec/issues/722, the new > fancy > > TLS 1.3 Certificate structure doesn't map well to the various non-X.509 > > cert structures

Re: [TLS] Updating for non-X.509 certificate types

2017-03-10 Thread Ilari Liusvaara
On Thu, Mar 09, 2017 at 04:43:19PM -0800, Eric Rescorla wrote: > As noted in https://github.com/tlswg/tls13-spec/issues/722, the new fancy > TLS 1.3 Certificate structure doesn't map well to the various non-X.509 > cert structures we have defined, specifically: > > - Raw Public Keys > - Cached Inf

Re: [TLS] Updating for non-X.509 certificate types

2017-03-09 Thread Eric Rescorla
Yes, assuming that people agree with my plan above, I will do so. On Thu, Mar 9, 2017 at 7:06 PM, Martin Thomson wrote: > It seems like the minimum thing TLS 1.3 can do is observe that these > extensions exist and that they can't be used with TLS 1.3 (yet). > > On 10 March 2017 at 11:43, Eric Re

Re: [TLS] Updating for non-X.509 certificate types

2017-03-09 Thread Martin Thomson
It seems like the minimum thing TLS 1.3 can do is observe that these extensions exist and that they can't be used with TLS 1.3 (yet). On 10 March 2017 at 11:43, Eric Rescorla wrote: > As noted in https://github.com/tlswg/tls13-spec/issues/722, the new fancy > TLS 1.3 Certificate structure doesn't

[TLS] Updating for non-X.509 certificate types

2017-03-09 Thread Eric Rescorla
As noted in https://github.com/tlswg/tls13-spec/issues/722, the new fancy TLS 1.3 Certificate structure doesn't map well to the various non-X.509 cert structures we have defined, specifically: - Raw Public Keys - Cached Info - OpenPGP Probably mapping each of these to 1.3 is relatively straightfo
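As an added illustration of the structural mismatch the thread is about (not code from the thread, the TLS WG draft, or issue 722): the TLS 1.2 Certificate body, including the RFC 7250 RawPublicKey variant, encoded and parsed next to the TLS 1.3 Certificate body. The 1.3 layout used here is the one RFC 8446 section 4.4.2 eventually published (request context plus a list of CertificateEntry values, each carrying cert_data and its own extensions, with RawPublicKey limited to a single entry); that text postdates this March 2017 discussion and is an assumption of the example, not something the draft under discussion already said. The byte strings standing in for DER certificates and SubjectPublicKeyInfo are constructed placeholders.

```python
"""TLS Certificate message layouts side by side: TLS 1.2 (RFC 5246, plus the
RFC 7250 RawPublicKey variant) and TLS 1.3 (RFC 8446 section 4.4.2). Added
illustration, not code from the thread; the 1.3 layout is the final RFC one."""
import struct

X509 = 0            # TLS Certificate Types registry values (RFC 7250)
RAW_PUBLIC_KEY = 2


def _vec(data: bytes, len_bytes: int) -> bytes:
    """Encode a TLS opaque vector with a len_bytes-wide big-endian length."""
    if len(data) >= 1 << (8 * len_bytes):
        raise ValueError("vector too long")
    return len(data).to_bytes(len_bytes, "big") + data


def _read_vec(buf: bytes, pos: int, len_bytes: int):
    """Decode a length-prefixed vector at pos; returns (payload, new_pos)."""
    if pos + len_bytes > len(buf):
        raise ValueError("truncated length field")
    n = int.from_bytes(buf[pos:pos + len_bytes], "big")
    pos += len_bytes
    if pos + n > len(buf):
        raise ValueError("truncated vector")
    return buf[pos:pos + n], pos + n


def encode_certificate_12(cert_type: int, certs: list) -> bytes:
    """TLS 1.2 body. X.509: certificate_list<0..2^24-1> of ASN.1Cert<1..2^24-1>.
    RawPublicKey: one SubjectPublicKeyInfo<1..2^24-1> and no list at all."""
    if cert_type == X509:
        return _vec(b"".join(_vec(c, 3) for c in certs), 3)
    if cert_type == RAW_PUBLIC_KEY:
        if len(certs) != 1:
            raise ValueError("RawPublicKey carries exactly one SPKI")
        return _vec(certs[0], 3)
    raise ValueError("unsupported certificate_type")


def parse_certificate_12(body: bytes, cert_type: int) -> list:
    """Inverse of encode_certificate_12; returns the list of cert_data."""
    payload, pos = _read_vec(body, 0, 3)
    if pos != len(body):
        raise ValueError("trailing bytes")
    if cert_type == RAW_PUBLIC_KEY:
        return [payload]          # the payload is the SPKI itself, not a list
    certs, p = [], 0
    while p < len(payload):
        c, p = _read_vec(payload, p, 3)
        certs.append(c)
    return certs


def encode_certificate_13(cert_type: int, entries: list,
                          context: bytes = b"") -> bytes:
    """TLS 1.3 body: certificate_request_context<0..2^8-1>, then
    certificate_list<0..2^24-1> of CertificateEntry {cert_data<1..2^24-1>,
    extensions<0..2^16-1>}. One entry shape serves X.509 and RawPublicKey;
    RFC 8446 allows RawPublicKey at most one entry.
    entries: list of (cert_data, [(extension_type, extension_data), ...])."""
    if cert_type == RAW_PUBLIC_KEY and len(entries) > 1:
        raise ValueError("RawPublicKey: at most one CertificateEntry")
    blob = b""
    for cert_data, exts in entries:
        if not cert_data:
            raise ValueError("cert_data must be non-empty")
        ext_blob = b"".join(struct.pack("!H", t) + _vec(d, 2) for t, d in exts)
        blob += _vec(cert_data, 3) + _vec(ext_blob, 2)
    return _vec(context, 1) + _vec(blob, 3)


def parse_certificate_13(body: bytes, cert_type: int):
    """Inverse of encode_certificate_13; returns (context, entries)."""
    context, pos = _read_vec(body, 0, 1)
    lst, pos = _read_vec(body, pos, 3)
    if pos != len(body):
        raise ValueError("trailing bytes after certificate_list")
    entries, p = [], 0
    while p < len(lst):
        cert_data, p = _read_vec(lst, p, 3)
        if not cert_data:
            raise ValueError("empty cert_data")
        ext_blob, p = _read_vec(lst, p, 2)
        exts, q = [], 0
        while q < len(ext_blob):
            if q + 2 > len(ext_blob):
                raise ValueError("truncated extension_type")
            etype = struct.unpack("!H", ext_blob[q:q + 2])[0]
            edata, q = _read_vec(ext_blob, q + 2, 2)
            exts.append((etype, edata))
        entries.append((cert_data, exts))
    if cert_type == RAW_PUBLIC_KEY and len(entries) > 1:
        raise ValueError("RawPublicKey: at most one CertificateEntry")
    return context, entries


# Constructed placeholder byte strings standing in for DER; not real certs.
LEAF = b"\x30\x03\x02\x01\x01"
INTERMEDIATE = b"\x30\x03\x02\x01\x02"
SPKI = b"\x30\x05\x30\x03\x02\x01\x03"
```

Feeding `encode_certificate_12(RAW_PUBLIC_KEY, [SPKI])` to `parse_certificate_13` fails on the length fields, which is the concrete form of the mismatch: in 1.2 the raw-key Certificate body is a bare SPKI, while in 1.3 it has to be wrapped as a request context plus a one-entry CertificateEntry list, so each non-X.509 type needs its own mapping rule rather than byte-for-byte reuse of the 1.2 encoding.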