Closed Bug 1807870 Opened 1 year ago Closed 1 year ago

RFC 9266: Channel Bindings for TLS 1.3

Categories

(NSS :: Libraries, enhancement, P5)

enhancement

Tracking

(Not tracked)

RESOLVED WORKSFORME

People

(Reporter: Neustradamus, Unassigned)

References

Details

User Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36

Steps to reproduce:

Can you add support for RFC 9266: Channel Bindings for TLS 1.3?

A few details, for quick reference:

  • tls-unique for TLS <= 1.2
  • tls-exporter for TLS = 1.3

Thanks in advance.

Actual results:

No support.

Expected results:

Have the support.

NSS supports TLS exporters and so can provide the "EXPORTER-Channel-Binding" exporter that is defined in RFC 9266. See SSL_ExportKeyingMaterial.

I don't think there are any plans to support 'tls-unique'. For one, it doesn't work for TLS 1.2. The 'tls-exporter' binding works in TLS 1.2, so it is a better choice. I know that SCRAM demands that TLS 1.2 implementations implement 'tls-unique', but that is - in my opinion anyway - driven more by a desire to keep from changing the requirements for those who implemented the bindings for TLS 1.2 prior to RFC 9266.

If you have a need for 'tls-unique' in TLS 1.2, then please open a different bug for that. The Mozilla team probably won't prioritize it, but we might be willing to review a patch.

Severity: -- → S3
Status: UNCONFIRMED → RESOLVED
Closed: 1 year ago
OS: Unspecified → All
Priority: -- → P5
Hardware: Unspecified → All
Resolution: --- → WORKSFORME
See Also: → 563276