[TLS] TLS 1.2 and CertificateRequest message

To: tls at ietf.org
Subject: [TLS] TLS 1.2 and CertificateRequest message
From: Nikos Mavrogiannopoulos <nmav at gnutls.org>
Date: Fri, 23 Oct 2009 00:24:31 +0300
Delivered-to: tls at core3.amsl.com
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:sender:message-id:date:from :user-agent:mime-version:to:subject:x-enigmail-version:openpgp :content-type:content-transfer-encoding; bh=cEaTFFyPIt/hsEIF8+rMqH56ikn5uglllTo+oPje8P8=; b=N9sT4IBVCtp9MJ2z96zHAFtq1LtJ2JDnQEJxGAuHGlFgP6xL0oQAD/rG40kqvucy/Q rQ1gci/w0z0k2hkrKo1oNXZg6bs8nA0o58FZr5j7q/scpGc+NVvQMZQnNf8o6WwWl3Kc gOKYF+lKx26/MgP3NW/YFy6WWvvBnrOPihIPg=
Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=sender:message-id:date:from:user-agent:mime-version:to:subject :x-enigmail-version:openpgp:content-type:content-transfer-encoding; b=nQWtfVwyi7oOXfT8yMtzeMtmzgThf2IdmjsrpY4G+wmDiTM3TiWPeavFLlzcDOYVfO KZz0iJukdvj4da/+slKthJbeHukR5SZOvws41b9usY498HdI0syC2TdQyqOulZqxz4fe QQEVHADNMGV2Mb9Mo/eFdvHZDouKHND45mZEE=
List-archive: <http://www.ietf.org/mail-archive/web/tls>
List-help: <mailto:tls-request@ietf.org?subject=help>
List-id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-post: <mailto:tls@ietf.org>
List-subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
Openpgp: id=96865171
Sender: Nikos Mavrogiannopoulos <n.mavrogiannopoulos at gmail.com>
User-agent: Thunderbird 2.0.0.23 (X11/20090817)

Hello,
 I've been taking a look at TLS 1.2 and it seems that there is some new
negotiation added at the CertificateRequest message. At this message the
server is supposed to send a list of allowed algorithm for signature
calculation, and the client should respond with a signature that depends
on the previously exchanged handshake messages.

In previous versions of TLS a client could just start the hash
calculation for this signature during the exchange to avoid storing the
actual messages up to this point. However with this negotiation at this
point it is quite impossible to do that approach and as far as I
understand needs to follow the store approach.

My questions now are:
1. How is this implemented in compliant software today?

2. Why this negotiation was added? I see no added value of having such
negotiation at a so late point.

regards,
Nikos

Follow-Ups:
- Re: [TLS] TLS 1.2 and CertificateRequest message
  - From: Michael D'Errico

Prev by Date: [TLS] Nov 2nd, Social Web Camp in Santa Clara
Next by Date: Re: [TLS] TLS 1.2 and CertificateRequest message
Previous by thread: [TLS] Nov 2nd, Social Web Camp in Santa Clara
Next by thread: Re: [TLS] TLS 1.2 and CertificateRequest message
Index(es):
- Date
- Thread

[TLS] TLS 1.2 and CertificateRequest message

Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.