Re: [Cfrg] [TLS] Closing out tls1.3 "Limits on key usage" PRs (#765/#769).

Martin Thomson <martin.thomson@gmail.com> Wed, 01 March 2017 21:18 UTC

MIME-Version: 1.0
In-Reply-To: <D4DC7F7F.3122D%qdang@nist.gov>
References: <352D31A3-5A8B-4790-9473-195C256DEEC8@sn3rd.com> <CY4PR09MB1464243342F19FCBE48C37E7F3550@CY4PR09MB1464.namprd09.prod.outlook.com> <26137F3B-5655-44CA-877E-7168CE02DBF1@azet.org> <D4DC341D.311E1%qdang@nist.gov> <2572E3FC-0139-4946-A12D-9D9509C402F1@azet.org> <D4DC4473.311F2%qdang@nist.gov> <D4DC8CDB.8A84E%kenny.paterson@rhul.ac.uk> <D4DC48E2.31204%qdang@nist.gov> <CACsn0cmf1AN1roDpQykoVJgqC-rhvauVwSEvokG9wiCNkk==yw@mail.gmail.com> <D4DC7F7F.3122D%qdang@nist.gov>
From: Martin Thomson <martin.thomson@gmail.com>
Date: Thu, 02 Mar 2017 08:18:21 +1100
Message-ID: <CABkgnnVyYGqacWfOWhnO6WRnPebNV=T9+gLnnyo-+hkCN=SvGg@mail.gmail.com>
To: "Dang, Quynh (Fed)" <quynh.dang@nist.gov>
Content-Type: text/plain; charset="UTF-8"
Archived-At: <https://mailarchive.ietf.org/arch/msg/cfrg/r9hS7nQ_ZDD7IQICxxMQcZwL1UA>
Cc: "cfrg@irtf.org" <cfrg@irtf.org>, "tls@ietf.org" <tls@ietf.org>
Subject: Re: [Cfrg] [TLS] Closing out tls1.3 "Limits on key usage" PRs (#765/#769).
Precedence: list

On 2 March 2017 at 05:44, Dang, Quynh (Fed) <quynh.dang@nist.gov> wrote:
> OK. What is the percentage ? Even all records were small, providing a
> correct number would be a good thing. If someone wants to rekey a lot often,
> I am not suggesting against that.

It will vary greatly depending on circumstance.  Most of the time the
record size matches the MTU.  Other times it matches the write size,
which can be only a small number of octets.  For bulk transfers it can
approach the record maximum.  All on the same connection sometimes.

I really don't know what you are suggesting here.  The point is the
accounting in terms of records doesn't really give you any insight
into the number of blocks.

[Cfrg] Closing out tls1.3 "Limits on key usage" P… Sean Turner
Re: [Cfrg] Closing out tls1.3 "Limits on key usag… Stanislav V. Smyshlyaev
Re: [Cfrg] Closing out tls1.3 "Limits on key usag… Martin Thomson
Re: [Cfrg] Closing out tls1.3 "Limits on key usag… Paterson, Kenny
Re: [Cfrg] Closing out tls1.3 "Limits on key usag… Ilari Liusvaara
Re: [Cfrg] Closing out tls1.3 "Limits on key usag… Dang, Quynh (Fed)
Re: [Cfrg] [TLS] Closing out tls1.3 "Limits on ke… Dang, Quynh (Fed)
Re: [Cfrg] Closing out tls1.3 "Limits on key usag… Rene Struik
Re: [Cfrg] [TLS] Closing out tls1.3 "Limits on ke… Paterson, Kenny
Re: [Cfrg] [TLS] Closing out tls1.3 "Limits on ke… Dang, Quynh (Fed)
Re: [Cfrg] [TLS] Closing out tls1.3 "Limits on ke… Dang, Quynh (Fed)
Re: [Cfrg] [TLS] Closing out tls1.3 "Limits on ke… Rene Struik
Re: [Cfrg] [TLS] Closing out tls1.3 "Limits on ke… Paterson, Kenny
Re: [Cfrg] [TLS] Closing out tls1.3 "Limits on ke… Dang, Quynh (Fed)
Re: [Cfrg] [TLS] Closing out tls1.3 "Limits on ke… Dang, Quynh (Fed)
Re: [Cfrg] Closing out tls1.3 "Limits on key usag… Andrey Jivsov
Re: [Cfrg] Closing out tls1.3 "Limits on key usag… Andrey Jivsov
Re: [Cfrg] Closing out tls1.3 "Limits on key usag… Martin Thomson
Re: [Cfrg] Closing out tls1.3 "Limits on key usag… Andrey Jivsov
Re: [Cfrg] Closing out tls1.3 "Limits on key usag… Markulf Kohlweiss
Re: [Cfrg] [TLS] Closing out tls1.3 "Limits on ke… Dang, Quynh (Fed)
Re: [Cfrg] Closing out tls1.3 "Limits on key usag… Aaron Zauner
Re: [Cfrg] Closing out tls1.3 "Limits on key usag… Tony Arcieri
Re: [Cfrg] [TLS] Closing out tls1.3 "Limits on ke… Dang, Quynh (Fed)
Re: [Cfrg] [TLS] Closing out tls1.3 "Limits on ke… Atul Luykx
Re: [Cfrg] [TLS] Closing out tls1.3 "Limits on ke… Dang, Quynh (Fed)
Re: [Cfrg] [TLS] Closing out tls1.3 "Limits on ke… Dang, Quynh (Fed)
Re: [Cfrg] [TLS] Closing out tls1.3 "Limits on ke… Yoav Nir
Re: [Cfrg] [TLS] Closing out tls1.3 "Limits on ke… Atul Luykx
Re: [Cfrg] [TLS] Closing out tls1.3 "Limits on ke… Yoav Nir
Re: [Cfrg] [TLS] Closing out tls1.3 "Limits on ke… Dang, Quynh (Fed)
Re: [Cfrg] [TLS] Closing out tls1.3 "Limits on ke… Paterson, Kenny
Re: [Cfrg] [TLS] Closing out tls1.3 "Limits on ke… Martin Thomson
Re: [Cfrg] [TLS] Closing out tls1.3 "Limits on ke… Yoav Nir
Re: [Cfrg] [TLS] Closing out tls1.3 "Limits on ke… Martin Thomson
Re: [Cfrg] [TLS] Closing out tls1.3 "Limits on ke… Yoav Nir
Re: [Cfrg] [TLS] Closing out tls1.3 "Limits on ke… Martin Thomson
Re: [Cfrg] [TLS] Closing out tls1.3 "Limits on ke… Dang, Quynh (Fed)
Re: [Cfrg] [TLS] Closing out tls1.3 "Limits on ke… Aaron Zauner
Re: [Cfrg] [TLS] Closing out tls1.3 "Limits on ke… Aaron Zauner
Re: [Cfrg] Closing out tls1.3 "Limits on key usag… Dang, Quynh (Fed)
Re: [Cfrg] Closing out tls1.3 "Limits on key usag… Aaron Zauner
Re: [Cfrg] Closing out tls1.3 "Limits on key usag… Dang, Quynh (Fed)
Re: [Cfrg] Closing out tls1.3 "Limits on key usag… Aaron Zauner
Re: [Cfrg] Closing out tls1.3 "Limits on key usag… Dang, Quynh (Fed)
Re: [Cfrg] [TLS] Closing out tls1.3 "Limits on ke… Paterson, Kenny
Re: [Cfrg] [TLS] Closing out tls1.3 "Limits on ke… Dang, Quynh (Fed)
Re: [Cfrg] [TLS] Closing out tls1.3 "Limits on ke… Watson Ladd
Re: [Cfrg] [TLS] Closing out tls1.3 "Limits on ke… Dang, Quynh (Fed)
Re: [Cfrg] [TLS] Closing out tls1.3 "Limits on ke… Martin Thomson
Re: [Cfrg] [TLS] Closing out tls1.3 "Limits on ke… Dang, Quynh (Fed)
Re: [Cfrg] [TLS] Closing out tls1.3 "Limits on ke… Brian Smith
Re: [Cfrg] [TLS] Closing out tls1.3 "Limits on ke… Andrey Jivsov
Re: [Cfrg] [TLS] Closing out tls1.3 "Limits on ke… Hal Murray
Re: [Cfrg] [TLS] Closing out tls1.3 "Limits on ke… Andrey Jivsov
Re: [Cfrg] [TLS] Closing out tls1.3 "Limits on ke… Yoav Nir
Re: [Cfrg] Closing out tls1.3 "Limits on key usag… Sean Turner
Re: [Cfrg] Closing out tls1.3 "Limits on key usag… Russ Housley