Re: [hybi] On TLS-only Approaches

"Brian Smith" <brian@briansmith.org> Mon, 23 August 2010 07:45 UTC

John Tamplin wrote:
> It looks to me, according to openssl ciphers, the only NULL cipher
> supported is AECDH-NULL-SHA which still does SHA1 for integrity
> protection, so I assume it would have the same overhead. 
> RFC4346 seems to indicate a TLS_NULL_WITH_NULL_NULL
> CipherSuite option which would have a 0-byte MAC, so presumably
> you would only pay the 5-byte record overhead and there would be
> no padding.  That is more reasonable, but still seems large
> considering we have been arguing over a few bytes in the framing.

I don't think it's realistic to expect people to have unencrypted TLS cipher
suites enabled. For one thing, people expect that "https" = "secure" =
"encrypted" at a minimum.

The AES-GCM modes are authenticated and encrypted and have 21 bytes of
overhead per record. I think that's the minimum size overhead that you are
going to get realistically. (I am 100% certain that there will be an AES-GCM
implementation contributed to NSS soon.)

Also, keep in mind that with TLS, you can use TLS compression, which allows
you to compress the headers as well as the data, and which allows you to
maintain compression state across requests and across responses.
Consequently, it would be surprising to me if WebSockets over TLS didn't
result in *smaller* messages when the TLS implementation supports
compression. Memory overhead for compression is a concern but there are
tricks to mitigate that.

Regards,
Brian
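
The compression-state point in the message above, as an added illustration (not code from the thread or from any TLS implementation). Python's `zlib` stands in for TLS-level DEFLATE, the messages are constructed samples, and the 21-byte per-record overhead is the figure quoted in the message.

```python
import zlib

RECORD_OVERHEAD = 21  # per-record AES-GCM figure quoted in the message above

# Constructed sample: 20 small JSON messages of the kind a WebSocket feed sends.
MESSAGES = [
    ('{"type":"quote","symbol":"ACME","price":%d.25,"seq":%d}' % (100 + i, i)).encode()
    for i in range(20)
]

def per_message_sizes(messages):
    """Compress every message with a fresh raw-DEFLATE context (no shared state)."""
    sizes = []
    for m in messages:
        c = zlib.compressobj(9, zlib.DEFLATED, -15)
        sizes.append(len(c.compress(m) + c.flush()))
    return sizes

def shared_context_records(messages):
    """Compress all messages with one context, flushing at each record boundary."""
    c = zlib.compressobj(9, zlib.DEFLATED, -15)
    return [c.compress(m) + c.flush(zlib.Z_SYNC_FLUSH) for m in messages]

def decompress_records(records):
    """Receiver side: one decompression context consumes the records in order."""
    d = zlib.decompressobj(-15)
    return [d.decompress(r) for r in records]

def summary(messages=MESSAGES):
    """Total bytes on the wire for each strategy, plus a round-trip check."""
    records = shared_context_records(messages)
    return {
        "raw": sum(len(m) for m in messages),
        "per_message": sum(per_message_sizes(messages)),
        "shared": sum(len(r) for r in records),
        "shared_plus_tls": sum(len(r) + RECORD_OVERHEAD for r in records),
        "round_trip_ok": decompress_records(records) == list(messages),
    }

if __name__ == "__main__":
    for key, value in summary().items():
        print(f"{key:16} {value}")
```

TLS-level compression was later removed in TLS 1.3 after the CRIME attack showed that compressed record length leaks information about secrets compressed alongside attacker-influenced data, so the size saving shown here has to be weighed against that exposure.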