On Thu, Nov 16, 2023 at 09:00:52PM +0200, Mohit Sethi wrote:

> Unless I am mistaken, it has probably slipped under the radar of the
> WG that this indication is already achievable by using the
> client_certificate_type extension defined in RFC 7250:
> https://datatracker.ietf.org/doc/html/rfc7250 with certificate type
> value = 0:
> https://www.iana.org/assignments/tls-extensiontype-values/tls-extensiontype-values.xhtml#tls-extensiontype-values-3.
Indeed, Postfix 3.9 (release estimated Q1 '2024), when compiled against
OpenSSL 3.2 (release estimated circa next week), will automatically signal
client certificate types X.509(0) and RPK(2) if and only if a client
certificate is configured (available). So in at least one case, the signal
that the client is inclined and able to offer a certificate is already
implemented in at least one stack. So servers could request client
certificates conditioned on this signal (and support for at least one of
the offered types).

There isn't presently (in Postfix) a way to configure offering just X.509
or just RPK, but perhaps there'll be a compelling use case to make that
possible some day. To use either, the client configures a key and cert,
and the RPK is extracted from the cert if use of RPKs is negotiated.

AFAIK, today just two MTAs are doing SMTP with raw public keys, both are
mine. Server authentication by the client is via DANE-EE(3) public key
digests.

    Nov 12 17:28:27 ... Verified TLS connection established to ...: TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bit raw public key) server-digest SHA256

    Nov 16 20:27:04 ... Anonymous TLS connection established from ...: TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bit raw public key) server-digest SHA256

I am not presently using client certs on either end, so the client remains
"anonymous" from the perspective of TLS.

-- 
Viktor.
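As an added illustration of the signalling discussed in the thread (example code, not Postfix's or OpenSSL's own), the following encodes and parses the RFC 7250 client_certificate_type extension body and applies the server-side rule that a CertificateRequest is only worth sending when the client advertised a type the server supports. The extension code point (19) and the client-preference-order selection are taken from RFC 7250, not from the mail; the "offer both types only when a cert is configured" rule mirrors the Postfix behaviour described above.

```python
"""Added example: RFC 7250 client_certificate_type encode/decode and the
server decision it enables. Not code from Postfix or OpenSSL."""
import struct

# CertificateType registry values (IANA tls-extensiontype-values-3)
X509 = 0
RAW_PUBLIC_KEY = 2
EXT_CLIENT_CERTIFICATE_TYPE = 19  # RFC 7250 extension code point


def encode_client_cert_types(types):
    """Build the full extension: type(2) || length(2) || body, where body is
    client_certificate_types<1..2^8-1>: a 1-byte count then one byte per type."""
    if not 1 <= len(types) <= 255:
        raise ValueError("list must hold 1..255 types")
    body = bytes([len(types)]) + bytes(types)
    return struct.pack("!HH", EXT_CLIENT_CERTIFICATE_TYPE, len(body)) + body


def decode_client_cert_types(ext):
    """Parse one extension; return the advertised types in client preference
    order, or raise ValueError on truncation, length mismatch or an empty list."""
    if len(ext) < 4:
        raise ValueError("truncated extension header")
    ext_type, ext_len = struct.unpack("!HH", ext[:4])
    if ext_type != EXT_CLIENT_CERTIFICATE_TYPE:
        raise ValueError("not a client_certificate_type extension")
    body = ext[4:]
    if len(body) != ext_len or ext_len < 2:
        raise ValueError("bad extension_data length")
    count = body[0]
    if count == 0 or 1 + count != ext_len:
        raise ValueError("bad client_certificate_types length")
    return list(body[1:1 + count])


def client_offer(has_client_cert):
    """Mirror the Postfix rule from the thread: advertise X.509 and RPK only
    when a client certificate is configured, otherwise send no extension."""
    return encode_client_cert_types([X509, RAW_PUBLIC_KEY]) if has_client_cert else None


def server_decision(ext, server_supported):
    """Return (selected CertificateType, send_certificate_request). A missing
    extension or no overlap means 'do not request a client cert', not failure."""
    if ext is None:
        return None, False
    for t in decode_client_cert_types(ext):  # honour client preference order
        if t in server_supported:
            return t, True
    return None, False
```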