Linking Identity and POP Information (tls-unique)

[achuchev]

First of all, I want to say that I really like this EST client. Great job!

I want to check if the "Linking Identity and POP Information" as described it https://tools.ietf.org/html/rfc7030#section-3.5 is supported? I don’t see it listed in https://github.com/thales-e-security/estclient#analysis-of-rfc-requirements

3.5. Linking Identity and POP Information

Server policy will determine whether clients are required to use the
mechanism specified in this section. This specification provides a
method of linking identity and proof-of-possession by including
information specific to the current authenticated TLS session within
the signed certification request. The client can determine if the
server requires the linking of identity and POP by examining the CSR
Attributes Response (see Section 4.5.2). Regardless of the CSR
Attributes Response, clients SHOULD link identity and POP by
embedding tls-unique information in the certification request. If
tls-unique information is included by the client, the server MUST
verify it. The EST server MAY reject requests without tls-unique
information as indicated by server policy.

[dmjones]

Good question. It's not supported at the moment. Our API expects you to pass in a certificate request that you obtained yourself.

One way to support this would be to add an enrolment function that accepts a callback:

type ReqGenerator interface {
  Generate(tlsUnique []byte) (*x509.CertificateRequest, error)
}

func SimpleEnrollWithPOP(authData AuthData, generator ReqGenerator) {
  // Complete handshake, then call generator
}

PRs welcome :-)

[achuchev]

@dmjones Thanks for the quick reply.
Unfortunately, my Golang skills are limited, so I will let this to the experts :)

[Neustradamus]

Any progress on it?

Can you add the support of RFC 9266: Channel Bindings for TLS 1.3?

• https://datatracker.ietf.org/doc/html/rfc9266

Channel Bindings for TLS: https://datatracker.ietf.org/doc/html/rfc5929

• XEP-0388: Extensible SASL Profile: https://xmpp.org/extensions/xep-0388.html
• XEP-0440: SASL Channel-Binding Type Capability: https://xmpp.org/extensions/xep-0440.html
• XEP-0474: SASL SCRAM Downgrade Protection: https://xmpp.org/extensions/xep-0474.html
• XEP-0480: SASL Upgrade Tasks: https://xmpp.org/extensions/xep-0480.html

Little details, to know easily:

• tls-unique for TLS =< 1.2 (RFC5929)
• tls-server-end-point =< 1.2 + 1.3 (RFC5929)
• tls-exporter for TLS = 1.3 (RFC9266)

After the jabber.ru MITM, it is time to add it:

• https://notes.valdikss.org.ru/jabber.ru-mitm/
• https://snikket.org/blog/on-the-jabber-ru-mitm/
• https://www.devever.net/~hl/xmpp-incident
• https://blog.jmp.chat/b/certwatch/certwatch

Thanks in advance.

Linked to:

• Channel Binding: State of Play scram-sasl/info#1