Joseph Salowey <[email protected]> wrote: > On Thu, Oct 22, 2020 at 8:08 AM Eliot Lear <[email protected]> > wrote:
>> +1. How does anyone even do OCSP without having first gotten onto the
>> network?
> [Joe] THat is what OCSP stapling is supposed to solve since the OCSP
> messages are sent in the TLS handshake. I believe there are some EAP-TLS
> implementations that support OCSP, but I am not sure if it is actually
> deployed.
I think that it should say, if you do OCSP, then you must staple.
But, the intro suggests that revocation checking is mandatory with TLS 1.3.
(I didn't double check if that's MUST, SHOULD, or what)
Since CRLs won't be fresh and can't be retrieved until online, then it seems
that OCSP is needed if one is going to revocation checking.
What I read in section 5.4 is that servers have to support OCSP stapling
requests. I see a tiny bit of wiggle room as to whether the peer actually
must USE it :-)
Maybe that wiggle room can be made official for Hannes.
The document currently says: (1.0)
Privacy is mandatory and achieved without any additional round-trips,
revocation checking is mandatory and simplified with OCSP stapling,
and:
5.4. Certificate Revocation
This section updates Section 5.4 of [RFC5216].
While certificates may have long validity periods, there are a number
of reasons (e.g. key compromise, CA compromise, privilege withdrawn,
etc.) why client, server, or sub-CA certificates have to be revoked
before their expiry date. Revocation of the EAP server's certificate
is complicated by the fact that the EAP peer may not have Internet
connectivity until authentication completes.
EAP-TLS peers and servers supporting TLS 1.3 MUST support Certificate
Status Requests (OCSP stapling) as specified in [RFC6066] and
Section 4.4.2.1 of [RFC8446]. When EAP-TLS is used with TLS 1.3, the
peer and server MUST use Certificate Status Requests [RFC6066] for
the server's certificate chain and the EAP peer MUST treat a
CertificateEntry (except the trust anchor) without a valid
CertificateStatus extension as invalid and abort the handshake with
an appropriate alert. When EAP-TLS is used with TLS 1.3, the server
MUST check the revocation status of the certificates in the client's
certificate chain.
The OCSP status handling in TLS 1.3 is different from earlier
versions of TLS, see Section 4.4.2.1 of [RFC8446]. In TLS 1.3 the
OCSP information is carried in the CertificateEntry containing the
associated certificate instead of a separate CertificateStatus
message as in [RFC4366]. This enables sending OCSP information for
all certificates in the certificate chain.
>> Eliot
>>
>> On 21 Oct 2020, at 11:02, Hannes Tschofenig <[email protected]>
>> wrote:
>>
>> Hi all,
>>
>> this draft mandates OCSCP stapling (for use with TLS 1.3 in EAP-TLS) and
I
>> believe this is a problem for implementations. This extra burden is IMHO
>> unjustified. For the type of deployments where EAP is used there is no
need
>> for a mandatory certificate revocation checking with OCSP.
>>
>> Having it optional, like the use of many other TLS extensions, is fine
for
>> me. FWIW even TLS 1.3, which is used in a more generic environment, does
>> not mandate the use of OCSP stapling.
>>
>> This requirement will make the problem described in
>> draft-ietf-emu-eaptlscert worse. I am sure the authors are aware of this
>> fact since they are also co-authors of draft-ietf-emu-eaptlscert.
>>
>> Ciao
>> Hannes
>> IMPORTANT NOTICE: The contents of this email and any attachments are
>> confidential and may also be privileged. If you are not the intended
>> recipient, please notify the sender immediately and do not disclose the
>> contents to any other person, use it for any purpose, or store or copy
the
>> information in any medium. Thank you.
>> _______________________________________________
>> Emu mailing list
>> [email protected]
>> https://www.ietf.org/mailman/listinfo/emu
>>
>>
>> _______________________________________________
>> Emu mailing list
>> [email protected]
>> https://www.ietf.org/mailman/listinfo/emu
>>
> ----------------------------------------------------
> Alternatives:
> ----------------------------------------------------
> _______________________________________________
> Emu mailing list
> [email protected]
> https://www.ietf.org/mailman/listinfo/emu
--
Michael Richardson <[email protected]> . o O ( IPv6 IøT consulting )
Sandelman Software Works Inc, Ottawa and Worldwide
signature.asc
Description: PGP signature
_______________________________________________ Emu mailing list [email protected] https://www.ietf.org/mailman/listinfo/emu
