You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@trafficserver.apache.org by Leif Hedstrom <zw...@apache.org> on 2016/03/04 17:38:21 UTC

Session ticket key blocks per certificate in ssl_multicert.config ?

Hi all,

while debugging some pretty serious shortcomings of the session tickets and ssl_multicert.config, I’ve come to realize that the current implementation is (likely) overly complex, with little additional value. So my question is this:

	How important is it to configure unique session ticket keys for each certificate?


If the answer is “not very” or even “not at all", I’d like to propose that we drop this from ssl_multicert.config entirely, and only use a records.config configured session ticket configuration.  We’d retain the existing plumbing of course, including the rotation mechanisms added recently. This approach also has the nice property of easier management of these secrets. Of course, this would be an incompatible change, so could only go into v7.0.0.

Thoughts? If you feel that we need to retain the unique ticket key blocks per certificate, please speak up and explain why.

Cheers,

— Leif

Re: Session ticket key blocks per certificate in ssl_multicert.config ?

Posted by Leif Hedstrom <zw...@apache.org>.

> On Mar 7, 2016, at 3:14 AM, Luca Rea <lu...@contactlab.com> wrote:
> 
> Hi,
> 
> I've not yet used it but I can make an usage example:
> 
> If you use ATS as HTTP2 proxy for a service that sends apple push notifications your customers will give you a .p12 file containing the pair key/certificate of their authorized mobile app, so you need to customize the outbound TLS connection to the apple sandbox/production gateway with these  ones for every app messages stream.
> 
> Is that possible without something like ssl_multicert ?
> 


Not sure I understand, but I don’t think so? The session ticket keys is just a way to assure that > 1 server behind a VIP of some sort use the same secrets for the session resumptions.

— Leif

Re: Session ticket key blocks per certificate in ssl_multicert.config ?

Posted by James Peach <jp...@apache.org>.

> On Mar 7, 2016, at 2:14 AM, Luca Rea <lu...@contactlab.com> wrote:
> 
> Hi,
> 
> I've not yet used it but I can make an usage example:
> 
> If you use ATS as HTTP2 proxy for a service that sends apple push notifications your customers will give you a .p12 file containing the pair key/certificate of their authorized mobile app, so you need to customize the outbound TLS connection to the apple sandbox/production gateway with these  ones for every app messages stream.

ssl_multicert doesn't specify how to construct outbound TLS session. The only way to do this is with the proxy.config.ssl.client.* configuration variables.

J

RE: Session ticket key blocks per certificate in ssl_multicert.config ?

Posted by Luca Rea <lu...@contactlab.com>.

Hi,

I've not yet used it but I can make an usage example:

If you use ATS as HTTP2 proxy for a service that sends apple push notifications your customers will give you a .p12 file containing the pair key/certificate of their authorized mobile app, so you need to customize the outbound TLS connection to the apple sandbox/production gateway with these  ones for every app messages stream.

Is that possible without something like ssl_multicert ?

Re: Session ticket key blocks per certificate in ssl_multicert.config ?

Posted by Dave Thompson <da...@yahoo-inc.com.INVALID>.

I agree.   Unique TLS session ticket key per server or per server cluster, for sure, but I have difficulty imagining pragmatic value in managing this on a per certificate level, especially given the trade off you mention.
Dave 

    On Friday, March 4, 2016 10:39 AM, Leif Hedstrom <zw...@apache.org> wrote:
 

 Hi all,

while debugging some pretty serious shortcomings of the session tickets and ssl_multicert.config, I’ve come to realize that the current implementation is (likely) overly complex, with little additional value. So my question is this:

    How important is it to configure unique session ticket keys for each certificate?


If the answer is “not very” or even “not at all", I’d like to propose that we drop this from ssl_multicert.config entirely, and only use a records.config configured session ticket configuration.  We’d retain the existing plumbing of course, including the rotation mechanisms added recently. This approach also has the nice property of easier management of these secrets. Of course, this would be an incompatible change, so could only go into v7.0.0.

Thoughts? If you feel that we need to retain the unique ticket key blocks per certificate, please speak up and explain why.

Cheers,

— Leif

Re: Session ticket key blocks per certificate in ssl_multicert.config ?

Posted by Dave Thompson <da...@yahoo-inc.com>.

I agree.   Unique TLS session ticket key per server or per server cluster, for sure, but I have difficulty imagining pragmatic value in managing this on a per certificate level, especially given the trade off you mention.
Dave 

    On Friday, March 4, 2016 10:39 AM, Leif Hedstrom <zw...@apache.org> wrote:
 

 Hi all,

while debugging some pretty serious shortcomings of the session tickets and ssl_multicert.config, I’ve come to realize that the current implementation is (likely) overly complex, with little additional value. So my question is this:

    How important is it to configure unique session ticket keys for each certificate?


If the answer is “not very” or even “not at all", I’d like to propose that we drop this from ssl_multicert.config entirely, and only use a records.config configured session ticket configuration.  We’d retain the existing plumbing of course, including the rotation mechanisms added recently. This approach also has the nice property of easier management of these secrets. Of course, this would be an incompatible change, so could only go into v7.0.0.

Thoughts? If you feel that we need to retain the unique ticket key blocks per certificate, please speak up and explain why.

Cheers,

— Leif