Re: [quicwg/base-drafts] Rework Key Update (#2237)

Martin Thomson <notifications@github.com> Sun, 30 December 2018 23:18 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/quic-issues/3W_uf-YeXjEXpEtH3Gyizl5p0LA>
List-Id: Notification list for GitHub issues related to the QUIC WG <quic-issues.ietf.org>

At this stage, I'm going to put this on the agenda for discussion in Tokyo.  I think that we have three valid options, though we might have ruled the first out:

1. use acknowledgements to regulate multiple updates
2. use two phase bits, representing a cyclic sequence (0, 1, 2, 3) and allow two updates ahead
3. use one phase bit and a second bit indicating whether key updates are permitted

1 is theoretically possible, but likely to be impractical in many implementations, so we can rule that out.

This PR is currently 2, though I'm biased slightly toward 3 now.  It doesn't have an error condition where the phase is 3 ahead of expected, but the packet number is higher.  More importantly, it reduces the number of active keys after the handshake is complete to at most 2.  The drawback is that you can block key updates.  That said, some people might consider that to be a feature.

-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/quicwg/base-drafts/pull/2237#issuecomment-450593563
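A toy receiver-side model of options 2 and 3 from the comment above, added here as an illustration only; it is not code from the PR or from any QUIC implementation. The ratchet function, the rule that distinguishes a reordered old-phase packet from a phase jump by packet number, and treating an update the receiver did not permit as an error are my assumptions.

```python
import hashlib

def next_key(key: bytes) -> bytes:  # stand-in for the key-update KDF; any one-way ratchet will do here
    return hashlib.sha256(b"toy-key-update:" + key).digest()
def raises(fn) -> bool:  # True if calling fn() trips the receiver's error check
    try:
        fn(); return False
    except ValueError:
        return True

class TwoBitPhase:  # option 2: KEY_PHASE is a 2-bit cyclic counter, peer may run two updates ahead
    def __init__(self, key: bytes):
        self.expected, self.update_pn = 0, 0      # current phase and the packet number it started at
        self.keys = {0: key, 1: next_key(key), 2: next_key(next_key(key))}  # phases +1, +2 derived ahead
    def receive(self, phase: int, pn: int):
        delta = (phase - self.expected) % 4
        if delta == 3 and pn > self.update_pn:    # the error condition the comment describes
            raise ValueError("phase 3 ahead of expected but packet number is higher")
        if 0 < delta < 3 and pn > self.update_pn: # peer updated once or twice: advance and derive ahead
            for _ in range(delta):
                self.expected = (self.expected + 1) % 4
                self.keys[(self.expected + 2) % 4] = next_key(self.keys[(self.expected + 1) % 4])
            self.update_pn = pn
        return self.keys.get(phase)               # None if the key for that old phase is already gone

class OneBitPlusPermit:  # option 3: one KEY_PHASE bit plus a bit saying whether updates are permitted
    def __init__(self, key: bytes):
        self.phase, self.update_pn, self.permit_updates = 0, 0, True
        self.current, self.previous = key, None   # never more than two keys are held
    def receive(self, phase: int, pn: int):
        if phase == self.phase:
            return self.current
        if pn < self.update_pn:                   # reordered packet from before the last update
            return self.previous
        if not self.permit_updates:               # we withheld permission; modelled as a violation
            raise ValueError("peer updated keys without permission")
        self.previous, self.current, self.phase, self.update_pn = self.current, next_key(self.current), phase, pn
        return self.current

def compare_options() -> dict:
    two = TwoBitPhase(b"k0")
    two.receive(2, 20)                            # jumping two phases at once is allowed
    two_bit_error = raises(lambda: two.receive(1, 25))   # (1 - 2) % 4 == 3 with a higher packet number
    one = OneBitPlusPermit(b"k0")
    one.receive(1, 20)                            # peer updated; old key kept for reordered packets
    reordered_ok = one.receive(0, 15) == b"k0"
    one.permit_updates = False                    # "you can block key updates"
    blocked = raises(lambda: one.receive(0, 30))
    return {"two_bit_keys": len(two.keys), "two_bit_error": two_bit_error, "reordered_ok": reordered_ok,
            "one_bit_keys": sum(k is not None for k in (one.current, one.previous)), "blocked": blocked}
```

Running `compare_options()` shows four keys live under option 2 against two under option 3, the 3-ahead error case existing only for option 2, and the permit bit withholding updates.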