
summary: WG last call comments on draft-ietf-ldapext-ldapv3-tls-01.txt



Thanks to all who commented on draft-ietf-ldapext-ldapv3-tls-01.txt.

The other-than-editorial-items comments that we received which generated 
discussion concerned..

  a. details of section "4.6.  Server Identity Check"

  b. security considerations of reading an ldap server's supportedExtension
     attribute from the root DSE.

I agree with RLBob that we should leave item (a) section 4.6 as-is for now, 
and see how the IESG regards it.

In terms of item (b), I suggest the below mods to the doc. 

It seems to me that the outcome of working group last call on this doc can be 
declared to be the second possible wg last call outcome...

howes@netscape.com said:
> 2) Minor changes agreed to on the list are required, and the documents
> are revised. We then ask our ADs to put forward the revised documents
> to the IESG for proposed standard status. 

So I suggest making the below substantive changes and asking our ADs to 
forward it on to the IESG.

thanks,

Jeff
------------------------------------------------------------------------

We should add this section to the doc..

---------
4.7  Refresh of Server Capabilities Information

The client SHOULD refresh any cached server capabilities information (e.g.
from the server's root DSE; see section 3.4 of [LDAPv3]) upon TLS session 
establishment. This is necessary to protect against active-intermediary
attacks which may have altered any server capabilities information retrieved
prior to TLS establishment. The server MAY advertise different capabilities
after TLS establishment. 
---------


We should update the security considerations section accordingly. Here's 
proposed text (with three blank lines between paragraphs to try to clarify the 
edits. Resulting section 7 below this)...

7.  Security Considerations

The goals of using the TLS protocol with LDAP are to ensure connection
confidentiality and integrity, and to optionally provide for authentica-
tion. TLS expressly provides these capabilities, as described in [TLS].



All security gained via use of the Start TLS operation is gained by the
use of TLS itself. The Start TLS operation, on its own, does not provide
any additional security.



The use of TLS does not provide or ensure for confidentiality and/or
non-repudiation of the data housed by an LDAP-based directory server.

add: "Nor does it secure the data from inspection by the server 
administrators."

Once established, TLS only provides for and ensures confidentiality and
integrity of the operations and data in transit over the LDAP associa-
tion, and only if the implementations on the client and server support
and negotiate it.



The level of security provided through the use of TLS depends directly on
both the quality of the TLS implementation used and the style of usage
of that implementation. 

add: "Additionally, an active-intermediary attacker can remove the Start TLS 
extended operation from the supportedExtension attribute of the root DSE."

                        Both parties SHOULD independently ascertain and
             ^^^^^^^^^^^
             Therefore,
consent to the privacy level achieved once TLS is established and before
               ^^^^^^^
               security
beginning use of the TLS connection. For example, the privacy level of
                                                      ^^^^^^^
                                                      security
the TLS connection might have been negotiated down to plaintext. 



add new paragraph: "Clients SHOULD either warn the user when the security 
level achieved does not provide confidentiality and/or integrity protection, 
or be configurable to refuse to proceed without an acceptable level of 
security.



Client and server implementors SHOULD take measures to ensure proper
protection of credentials and other confidential data where such meas-
ures are not otherwise provided by the TLS implementation.



Server implementors SHOULD allow for server administrators to elect
whether and when connection confidentiality is required.

change to: "Server implementors SHOULD allow for server administrators to 
elect whether and when connection confidentiality and/or integrity is 
required, as well as elect whether and when client authentication via TLS is 
required."


------------------------------------------------------------------------
The above changes to section 7 yield:

7.  Security Considerations

The goals of using the TLS protocol with LDAP are to ensure connection
confidentiality and integrity, and to optionally provide for authentica-
tion. TLS expressly provides these capabilities, as described in [TLS].

All security gained via use of the Start TLS operation is gained by the
use of TLS itself. The Start TLS operation, on its own, does not provide
any additional security.

The use of TLS does not provide or ensure for confidentiality and/or
non-repudiation of the data housed by an LDAP-based directory server.
Nor does it secure the data from inspection by the server administrators.
Once established, TLS only provides for and ensures confidentiality and
integrity of the operations and data in transit over the LDAP associa-
tion, and only if the implementations on the client and server support
and negotiate it.

The level of security provided through the use of TLS depends directly on
both the quality of the TLS implementation used and the style of usage
of that implementation. Additionally, an active-intermediary attacker can 
remove the Start TLS extended operation from the supportedExtension attribute 
of the root DSE. Therefore, both parties SHOULD independently ascertain and
consent to the security level achieved once TLS is established and before
beginning use of the TLS connection. For example, the security level of
the TLS connection might have been negotiated down to plaintext. 

Clients SHOULD either warn the user when the security level achieved does not 
provide confidentiality and/or integrity protection, or be configurable to 
refuse to proceed without an acceptable level of security.

Client and server implementors SHOULD take measures to ensure proper
protection of credentials and other confidential data where such meas-
ures are not otherwise provided by the TLS implementation.

Server implementors SHOULD allow for server administrators to elect whether 
and when connection confidentiality and/or integrity is required, as well as 
elect whether and when client authentication via TLS is required.

------------------------------------------------------------------------
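The client behaviour the proposed sections 4.7 and 7 ask for, as an added worked example (this is not text or code from the draft, the working group, or the message above). It simulates, in memory and with no network I/O, an LDAP client that reads the root DSE over the plaintext connection, decides whether to issue Start TLS, refreshes its cached capabilities once TLS is up, and warns or refuses when the negotiated cipher suite gives no confidentiality or integrity. The Start TLS OID is the one registered in RFC 2830; the `ClientPolicy` knobs, the two tampering functions and the root DSE contents are constructed for the simulation, and the cipher-suite parsing is a deliberate simplification (bulk cipher and MAC taken from the suite name).

```python
"""Client-side Start TLS capability handling, simulated.

Added example: models the active-intermediary attack on the plaintext
root DSE, the refresh of cached capabilities after TLS (section 4.7),
and the warn-or-refuse choice on an inadequate security level (section 7).
"""
from dataclasses import dataclass, field
from enum import Enum
from typing import Callable, Optional

# Start TLS extended-operation OID as registered in RFC 2830.
START_TLS_OID = "1.3.6.1.4.1.1466.20037"


class Decision(Enum):
    PROCEED = "proceed"
    WARN = "warn"
    REFUSE = "refuse"


@dataclass
class ClientPolicy:
    """Hypothetical client configuration knobs (assumed for this example)."""
    refuse_if_insecure: bool = True        # refuse rather than warn and continue
    require_confidentiality: bool = True
    require_integrity: bool = True


@dataclass
class TlsParams:
    """Negotiated TLS parameters, reduced to the cipher-suite name (simplification)."""
    cipher_suite: str

    def _bulk_and_mac(self):
        # 'TLS_RSA_WITH_NULL_SHA' -> bulk 'NULL', mac 'SHA'
        _, _, rest = self.cipher_suite.upper().partition("_WITH_")
        bulk, _, mac = rest.rpartition("_")
        return bulk, mac

    def provides_confidentiality(self) -> bool:
        return self._bulk_and_mac()[0] != "NULL"

    def provides_integrity(self) -> bool:
        return self._bulk_and_mac()[1] != "NULL"


def strip_start_tls(root_dse: dict) -> dict:
    """Active intermediary from the thread: drop Start TLS from the plaintext root DSE."""
    dse = dict(root_dse)
    dse["supportedExtension"] = [o for o in root_dse["supportedExtension"] if o != START_TLS_OID]
    return dse


def strip_sasl_mechanisms(root_dse: dict) -> dict:
    """Intermediary that leaves Start TLS alone but downgrades other advertised capabilities."""
    dse = dict(root_dse)
    dse["supportedSASLMechanisms"] = ["PLAIN"]
    return dse


@dataclass
class LdapClient:
    policy: ClientPolicy
    cached_dse: Optional[dict] = None
    tls: Optional[TlsParams] = None
    warnings: list = field(default_factory=list)

    def read_root_dse(self, dse: dict) -> None:
        self.cached_dse = dse

    def start_tls_advertised(self) -> bool:
        return START_TLS_OID in self.cached_dse.get("supportedExtension", [])

    def decide_before_tls(self) -> Decision:
        if self.start_tls_advertised():
            return Decision.PROCEED
        if self.policy.refuse_if_insecure:
            return Decision.REFUSE
        self.warnings.append("Start TLS not advertised; continuing in plaintext")
        return Decision.WARN

    def on_tls_established(self, params: TlsParams, fresh_dse: dict) -> Decision:
        self.tls = params
        self.cached_dse = fresh_dse        # section 4.7: discard pre-TLS capabilities
        return self.check_security_level()

    def check_security_level(self) -> Decision:
        missing = []
        if self.policy.require_confidentiality and not self.tls.provides_confidentiality():
            missing.append("confidentiality")
        if self.policy.require_integrity and not self.tls.provides_integrity():
            missing.append("integrity")
        if not missing:
            return Decision.PROCEED
        self.warnings.append("TLS lacks " + "/".join(missing) + f" ({self.tls.cipher_suite})")
        return Decision.REFUSE if self.policy.refuse_if_insecure else Decision.WARN


# Constructed root DSE for the simulated server (not a real directory).
HONEST_DSE = {
    "supportedExtension": [START_TLS_OID],
    "supportedSASLMechanisms": ["DIGEST-MD5", "PLAIN"],
}


def run_session(policy: ClientPolicy, suite: str,
                tamper: Optional[Callable[[dict], dict]] = None):
    """Read root DSE (possibly altered in transit), Start TLS, then re-read root DSE."""
    client = LdapClient(policy)
    client.read_root_dse(tamper(HONEST_DSE) if tamper else HONEST_DSE)
    first = client.decide_before_tls()
    if first is Decision.REFUSE or not client.start_tls_advertised():
        return [first], client             # no TLS was established
    second = client.on_tls_established(TlsParams(suite), HONEST_DSE)
    return [first, second], client
```

Note that in the `strip_sasl_mechanisms` case the pre-TLS view shows only `PLAIN`, but after Start TLS the refreshed cache carries the server's real list, which is exactly the point of the proposed section 4.7.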