The tls-unique channel binding value is the bytes of the last TLS
finished message sent during TLS negotiation. They're used to uniquely
identify a specific TLS session. This can be useful to bind a security
layer (TLS) to an application-layer authenticated session (e.g. SASL).
This way, if we've authed with SASL, lose our connection, and then use
TLS resumption to resume it, the server can see that we had an
authenticated connection over that particular TLS session and go ahead
and resume that too (without our application having to
reauthenticate).
An example of this particular scenario can be found in the SASL
package that I've been working on in my spare time recently (fair
warning: the API is about to change again to defer providing
credentials until the last possible moment, and I've done almost no
optimization, so this package isn't ready to actually be used yet):
https://godoc.org/mellium.im/sasl
As the comments say, vulnerabilities have been found in the tls-unique
mechanism, so until the TLS master-secret fix (see RFC 7627) is in
widespread use tls-unique is actually a rather useless channel binding
mechanism.
Best,
Sam
--
Sam Whited
pub 4096R/54083AE104EA7AD3
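The following is an added worked example, not code from the message above or from mellium.im/sasl: a minimal SCRAM-SHA-1(-PLUS) proof computation (RFC 5802) that shows where the tls-unique bytes enter the authentication exchange and why a proof computed over one TLS session does not verify on another. It checks itself against the published RFC 5802 test vector for the unbound case (user "user", password "pencil", the nonces and salt from the RFC). The tls-unique values it binds to are constructed byte strings standing in for what a real client would read from tls.ConnectionState.TLSUnique; the PBKDF2 helper (Hi) is written out by hand so the example depends only on the standard library.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha1"
	"encoding/base64"
	"fmt"
	"strconv"
)

// Values from the RFC 5802 section 5 example exchange (SCRAM-SHA-1, no binding).
const (
	user        = "user"
	password    = "pencil"
	clientNonce = "fyko+d2lbbFgONRv9qkxdawL"
	serverNonce = "3rfcNHYJY1ZVvWVs7j"
	saltB64     = "QSXCR+Q6sek8bf92"
	iterations  = 4096
)

func hmacSHA1(key, msg []byte) []byte {
	m := hmac.New(sha1.New, key)
	m.Write(msg)
	return m.Sum(nil)
}

// hi is Hi(str, salt, i) from RFC 5802: PBKDF2-HMAC-SHA-1 with a 20-byte
// output, so a single PBKDF2 block is all that is needed.
func hi(password, salt []byte, iters int) []byte {
	mac := hmac.New(sha1.New, password)
	mac.Write(salt)
	mac.Write([]byte{0, 0, 0, 1}) // INT(1)
	u := mac.Sum(nil)
	out := append([]byte(nil), u...)
	for n := 1; n < iters; n++ {
		mac.Reset()
		mac.Write(u)
		u = mac.Sum(nil)
		for j := range out {
			out[j] ^= u[j]
		}
	}
	return out
}

// cbindInput is the value of the SCRAM "c=" attribute: base64 of the GS2
// header followed by the raw channel-binding data. For p=tls-unique the
// data is the TLS layer's tls-unique value (in Go: tls.ConnectionState.TLSUnique,
// which is nil for TLS 1.3 and for resumed sessions without RFC 7627 extended
// master secret, so a client must check for nil before advertising "p=").
func cbindInput(gs2Header string, cbData []byte) string {
	return base64.StdEncoding.EncodeToString(append([]byte(gs2Header), cbData...))
}

// runScram performs one client-side proof computation and one server-side
// verification. clientCB is the channel-binding data the client saw on its
// TLS session; serverCB is what the server saw on its own session. The server
// rebuilds client-final-without-proof from its own view rather than trusting
// the c= attribute it received, which is what makes the binding meaningful.
func runScram(gs2Header string, clientCB, serverCB []byte) (proofB64 string, verified bool) {
	salt, _ := base64.StdEncoding.DecodeString(saltB64)
	nonce := clientNonce + serverNonce
	clientFirstBare := "n=" + user + ",r=" + clientNonce
	serverFirst := "r=" + nonce + ",s=" + saltB64 + ",i=" + strconv.Itoa(iterations)

	// Client side.
	clientFinalNoProof := "c=" + cbindInput(gs2Header, clientCB) + ",r=" + nonce
	salted := hi([]byte(password), salt, iterations)
	clientKey := hmacSHA1(salted, []byte("Client Key"))
	storedKey := sha1.Sum(clientKey) // what the server has on file
	clientSig := hmacSHA1(storedKey[:], []byte(clientFirstBare+","+serverFirst+","+clientFinalNoProof))
	proof := make([]byte, len(clientKey))
	for i := range proof {
		proof[i] = clientKey[i] ^ clientSig[i]
	}

	// Server side: recover ClientKey from the proof using its own view of c=,
	// then check H(ClientKey) == StoredKey.
	serverFinalNoProof := "c=" + cbindInput(gs2Header, serverCB) + ",r=" + nonce
	serverSig := hmacSHA1(storedKey[:], []byte(clientFirstBare+","+serverFirst+","+serverFinalNoProof))
	recovered := make([]byte, len(proof))
	for i := range recovered {
		recovered[i] = proof[i] ^ serverSig[i]
	}
	h := sha1.Sum(recovered)
	return base64.StdEncoding.EncodeToString(proof), hmac.Equal(h[:], storedKey[:])
}

// bindingDemo binds the exchange to constructed tls-unique bytes and reports
// whether it verifies when both ends share a TLS session and when an
// intermediary has relayed it across two different sessions.
func bindingDemo() (sameSession, relayed bool) {
	tlsUnique := []byte{0xd3, 0x9a, 0x41, 0x7c, 0x05, 0xee, 0xb2, 0x60, 0x1f, 0x8c, 0x33, 0xa7} // constructed
	otherSession := []byte{0x71, 0x02, 0xbe, 0x9d, 0x4c, 0xf0, 0x18, 0x25, 0xe6, 0x3b, 0xaa, 0x57} // constructed
	_, sameSession = runScram("p=tls-unique,,", tlsUnique, tlsUnique)
	_, relayed = runScram("p=tls-unique,,", tlsUnique, otherSession)
	return sameSession, relayed
}

func main() {
	proof, ok := runScram("n,,", nil, nil)
	fmt.Printf("RFC 5802 vector: p=%s verified=%v\n", proof, ok)
	same, relayed := bindingDemo()
	fmt.Printf("bound, same TLS session: %v; bound, relayed across sessions: %v\n", same, relayed)
}
```

Running it reproduces the RFC's proof value for the unbound case (c=biws) and then shows the same password failing to verify as soon as the two ends disagree on the tls-unique bytes, which is the whole point of the "-PLUS" variants. It also shows why the message's caveat matters: if the TLS layer hands back a value that does not in fact uniquely identify the session, the binding proves nothing, so a client should refuse to advertise p=tls-unique when the TLS library reports no usable value.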