[TLS] Re: Review of draft-santesson-tls-gssapi-00

To: <Pasi.Eronen at nokia.com>
Subject: [TLS] Re: Review of draft-santesson-tls-gssapi-00
From: Simon Josefsson <simon at josefsson.org>
Date: Wed, 21 Mar 2007 16:47:26 +0100
Cc: tls at ietf.org
In-reply-to: <B356D8F434D20B40A8CEDAEC305A1F2403ECA9BA@esebe105.NOE.Nokia.com> (Pasi Eronen's message of "Wed\, 21 Mar 2007 17\:16\:57 +0200")
List-archive: <http://www1.ietf.org/pipermail/tls>
List-help: <mailto:tls-request@lists.ietf.org?subject=help>
List-id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.lists.ietf.org>
List-post: <mailto:tls@lists.ietf.org>
List-subscribe: <https://www1.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@lists.ietf.org?subject=subscribe>
List-unsubscribe: <https://www1.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@lists.ietf.org?subject=unsubscribe>
Openpgp: id=B565716F; url=http://josefsson.org/key.txt
References: <A15AC0FBACD3464E95961F7C0BCD1FF01EEDF5A8@EA-EXMSG-C307.europe.corp.microsoft.com> <200703081752.SAA13445@uw1048.wdf.sap.corp> <A15AC0FBACD3464E95961F7C0BCD1FF01EEDF84A@EA-EXMSG-C307.europe.corp.microsoft.com> <861wjyfnmp.fsf@delta.rtfm.com> <A15AC0FBACD3464E95961F7C0BCD1FF01EEDF88A@EA-EXMSG-C307.europe.corp.microsoft.com> <86fy8ee7g5.fsf@delta.rtfm.com> <A15AC0FBACD3464E95961F7C0BCD1FF01EEDFC6F@EA-EXMSG-C307.europe.corp.microsoft.com> <B356D8F434D20B40A8CEDAEC305A1F2403E92576@esebe105.NOE.Nokia.com> <A15AC0FBACD3464E95961F7C0BCD1FF01EF5FEA6@EA-EXMSG-C307.europe.corp.microsoft.com> <B356D8F434D20B40A8CEDAEC305A1F2403E92709@esebe105.NOE.Nokia.com> <33F43BC3-4F76-48B1-9DC9-3B05C951C7BE@checkpoint.com> <B356D8F434D20B40A8CEDAEC305A1F2403ECA9BA@esebe105.NOE.Nokia.com>
User-agent: Gnus/5.110006 (No Gnus v0.6) Emacs/22.0.95 (gnu/linux)

<Pasi.Eronen at nokia.com> writes:

> Yoav Nir wrote:
>
>> > We certainly have to complete the authentication (including GSS-API)
>> > before we let application data through. In my proposal, that would
>> > happen after the channel binding messages (not immediately after the
>> > finished messages).
>> 
>> This would change the same state machine which you reference in RFC  
>> 2246. That figure makes it clear that application data immediately  
>> follows the Finished message. Inserting more handshake messages  
>> between the Finished message and the application data is just as big  
>> a change as is inserting them before the Finished message.
>
> In my proposal, the GSS-API messages would use a new content type, not
> handshake; so the state machine for TLS handshake message processing
> would not be changed.
>
> IMHO this is a smaller change (but I admit that judging the size of
> these changes is somewhat subjective).

I like your proposal better too, since it seems like a good compromise
here, but I believe one of the problems with it is termination: if the
TLS handshake Finished messages doesn't complete a TLS handshake, from
a key-management point of view (which is what some applications wants
from TLS), when should the TLS session terminate?  With your proposal
it finishes after TLS Finished and after GSS_Init/Accept_sec_context
terminates with success.  That's not a generic termination condition
that fits well with how EAP looks at TLS negotiation.

A generic "user authentication" mechanism like the TLS Inner
Application extension, enhanced with support for GSS-API, may be
better.  It would provide a framework to tell applications using TLS
for key-management when the TLS negotiations have finished, instead of
having them wait for TLS Finished and then wait for GSS success.

Anyway, I'd be interested to hear EKR and Stefan's thoughts on your
proposal, and what (if any) disadvantages they believe it have.

/Simon

_______________________________________________
TLS mailing list
TLS at lists.ietf.org
https://www1.ietf.org/mailman/listinfo/tls

References:
- RE: [TLS] Review of draft-santesson-tls-gssapi-00
  - From: Stefan Santesson
- Re: [TLS] Review of draft-santesson-tls-gssapi-00
  - From: Martin Rex
- RE: [TLS] Review of draft-santesson-tls-gssapi-00
  - From: Stefan Santesson
- Re: [TLS] Review of draft-santesson-tls-gssapi-00
  - From: EKR
- RE: [TLS] Review of draft-santesson-tls-gssapi-00
  - From: Stefan Santesson
- Re: [TLS] Review of draft-santesson-tls-gssapi-00
  - From: EKR
- RE: [TLS] Review of draft-santesson-tls-gssapi-00
  - From: Stefan Santesson
- RE: [TLS] Review of draft-santesson-tls-gssapi-00
  - From: Pasi.Eronen
- RE: [TLS] Review of draft-santesson-tls-gssapi-00
  - From: Stefan Santesson
- RE: [TLS] Review of draft-santesson-tls-gssapi-00
  - From: Pasi.Eronen
- Re: [TLS] Review of draft-santesson-tls-gssapi-00
  - From: Yoav Nir
- RE: [TLS] Review of draft-santesson-tls-gssapi-00
  - From: Pasi.Eronen

Prev by Date: RE: [TLS] Review of draft-santesson-tls-gssapi-00
Next by Date: RE: [TLS] Review of draft-santesson-tls-gssapi-00
Previous by thread: RE: [TLS] Review of draft-santesson-tls-gssapi-00
Next by thread: RE: [TLS] Review of draft-santesson-tls-gssapi-00
Index(es):
- Date
- Thread

[TLS] Re: Review of draft-santesson-tls-gssapi-00

Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.