Support the encrypted client certificates TLS extension

RESOLVED WONTFIX

Status

NSS
Libraries
--
enhancement
RESOLVED WONTFIX
6 years ago
5 years ago

People

(Reporter: Wan-Teh Chang, Assigned: Wan-Teh Chang)

Tracking

Firefox Tracking Flags

(Not tracked)

Details

Attachments

(2 attachments, 3 obsolete attachments)

(Assignee)

Description

6 years ago
Created attachment 564913 [details]
draft-agl-tls-encryptedclientcerts-00.html

This TLS extension is specified in the attached draft by Adam Langley
draft-agl-tls-encryptedclientcerts-00.html.

It addresses the privacy issue of sending a client certificate by sending
the Certificate handshake message after the ChangeCipherSpec message.
(Assignee)

Comment 1

6 years ago
Created attachment 564919 [details] [diff] [review]
Patch by Adam Langley

The attached patch is written by Adam Langley.

This patch hasn't been tested in Chrome yet.
(Assignee)

Comment 2

6 years ago
Created attachment 569148 [details]
draft-agl-tls-encryptedclientcerts-00.txt

agl just submitted the draft to IETF:
http://www.ietf.org/id/draft-agl-tls-encryptedclientcerts-00.txt
Attachment #564913 - Attachment is obsolete: true
(Assignee)

Comment 3

6 years ago
Created attachment 572721 [details] [diff] [review]
Patch by Adam Langley, v2

Updated the patch to the current NSS trunk and made minor edits.
Attachment #564919 - Attachment is obsolete: true
(Assignee)

Comment 4

6 years ago
Created attachment 573718 [details] [diff] [review]
Patch by Adam Langley, v3

I did a thorough review, made some small changes to ssl3con.c
(prSpec vs. crSpec, etc.), and added a test case to sslauth.txt.

This patch is now of checkin quality, except for the use of
unofficial TLS extension number.
Attachment #572721 - Attachment is obsolete: true
(Assignee)

Comment 5

6 years ago
We have decided to abandon this extension.  See the Chromium changelist
https://chromiumcodereview.appspot.com/10387222/
Status: ASSIGNED → RESOLVED
Last Resolved: 6 years ago
Resolution: --- → WONTFIX
In the event that this ever gets resurrected:

We need to consider whether this extension implies any guarantee that we will have authenticated the server's certificate before sending the client certificate. In the current libssl code, ssl3_SencClientSecondRound will block the handshake until the server's cert has been authenticated, when otherwise the handshake would continue through the Finished messages before blocking on peer certificate authentication.
You need to log in before you can comment on or make changes to this bug.