TLS 1.3 Post-handshake authentication
xuelei.fan at oracle.com
Thu Mar 4 21:48:46 UTC 2021
<BCC jdk-dev, forward to security-dev>
Did you have a chance to read RFC 8740? Post-Handshake authentication in HTTP/2 is not allowed for TLS 1.3. Is there a concern for the use case you mentioned?
From: jdk-dev <jdk-dev-retn at openjdk.java.net> on behalf of arjan tijms <arjan.tijms at gmail.com>
Sent: Thursday, March 4, 2021 12:57 PM
To: jdk-dev at openjdk.java.net <jdk-dev at openjdk.java.net>
Subject: TLS 1.3 Post-handshake authentication
I noticed the following issue was recently closed:
For the Servlet spec this is however a very important feature, to the point
that for the Servlet TCK we would need to explicitly allow vendors to use
TLS 1.2 for the client-cert authentication mechanism test.
Servlet needs this post-handshake authentication, since it allows the
server to have protected/secured resources on a URL basis. During the
handshake the URL that the client wishes to request is not yet available,
so the server is unable to determine at that point whether it requires the
client to present a certificate.
Only when the request is being serviced can the server determine this, and
respond with a certificate request. This however fails when using TLS 1.3,
since it's not implemented in Java.
The issue mentions that it might be implemented on request, so hereby I
would like to request this.
Arjan Tijms (Servlet spec committer)
More information about the jdk-dev