-
Notifications
You must be signed in to change notification settings - Fork 142
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Client-Cert HTTP Header: call out resumption risks in security considerations #2345
Comments
See #1992 for discussion leading to the current text. |
I am nowhere near competent enough in TLS or implementations thereof to write such security considerations so am going to need a lot of help. By which I mean a PR or proposed text. |
These seem to be general TLS concerns, and not specific to this header, no?
That's not quite right. That is a valid implementation strategy, but there are others, particularly if you want to avoid ballooning the ticket size. See #1992 (comment) |
Thinking about this a bit more and, to David's point, aren't these concerns applicable to resumption w/ client certs in TLS in general? Any discussion in this draft should probably be couched in that context. Or refer to discussion elsewhere. |
Draft is in the RFC Editor queue https://datatracker.ietf.org/doc/draft-ietf-httpbis-client-cert-field/ so past the window for changes. |
It would also be good to add some notes to Security Considerations on the risks associated with resumption, ie for implementations that do try and use client cert information following a resumed session. While there's mention here in 3.3. TLS Session Resumption, the risks are very non-obvious and subtle. Especially if there's not an RFC that describes how to convey client cert information across session resumption safely (covering TLS 1.2 and 1.3) it seems like much stronger ("should not" / "must not") guidance may be applicable. Some risks might include:
The text was updated successfully, but these errors were encountered: