Re: [quicwg/base-drafts] Separate key/secret availability from usage (#1654)
Christian Huitema <notifications@github.com> Mon, 13 August 2018 17:08 UTC
Return-Path: <noreply@github.com>
X-Original-To: quic-issues@ietfa.amsl.com
Delivered-To: quic-issues@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E361C130FA3 for <quic-issues@ietfa.amsl.com>; Mon, 13 Aug 2018 10:08:43 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -8.009
X-Spam-Level:
X-Spam-Status: No, score=-8.009 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, MAILING_LIST_MULTI=-1, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001, T_DKIMWL_WL_HIGH=-0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=github.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id plYpumrwaJRe for <quic-issues@ietfa.amsl.com>; Mon, 13 Aug 2018 10:08:42 -0700 (PDT)
Received: from out-2.smtp.github.com (out-2.smtp.github.com [192.30.252.193]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2E516130E9D for <quic-issues@ietf.org>; Mon, 13 Aug 2018 10:08:42 -0700 (PDT)
Date: Mon, 13 Aug 2018 10:08:38 -0700
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com; s=pf2014; t=1534180118; bh=laBwUShaQVdhh2rVbWNGnEDY62AiZ212hjyxHcMfBdw=; h=Date:From:Reply-To:To:Cc:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=w81Rk8OxWsmUgWufP2+PVNRprg7uMG+sw7ZxBScmwGsNq5xaFCyZguqM3uto3wSMx joGdJJOYCL8r69Lv8NqUMC36TJxjG+EXmwkf+RPITZasXU5oSe0RFYZSQLeQVWbfPW CGNARGQCKaCLNhq6xg/Nti8pXlhShSZFhXcYD4nw=
From: Christian Huitema <notifications@github.com>
Reply-To: quicwg/base-drafts <reply+0166e4abf0d04368e342f3de54aa8ec4e246305aea15c26592cf0000000117897d1692a169ce14db09b1@reply.github.com>
To: quicwg/base-drafts <base-drafts@noreply.github.com>
Cc: Subscribed <subscribed@noreply.github.com>
Message-ID: <quicwg/base-drafts/pull/1654/review/145746786@github.com>
In-Reply-To: <quicwg/base-drafts/pull/1654@github.com>
References: <quicwg/base-drafts/pull/1654@github.com>
Subject: Re: [quicwg/base-drafts] Separate key/secret availability from usage (#1654)
Mime-Version: 1.0
Content-Type: multipart/alternative; boundary="--==_mimepart_5b71bb16967f2_64203f953bebe61849348c"; charset="UTF-8"
Content-Transfer-Encoding: 7bit
Precedence: list
X-GitHub-Sender: huitema
X-GitHub-Recipient: quic-issues
X-GitHub-Reason: subscribed
X-Auto-Response-Suppress: All
X-GitHub-Recipient-Address: quic-issues@ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic-issues/6JHHB0b3Q34JbNQNzbcm7W1G5Zk>
X-BeenThere: quic-issues@ietf.org
X-Mailman-Version: 2.1.27
List-Id: Notification list for GitHub issues related to the QUIC WG <quic-issues.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic-issues>, <mailto:quic-issues-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic-issues/>
List-Post: <mailto:quic-issues@ietf.org>
List-Help: <mailto:quic-issues-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic-issues>, <mailto:quic-issues-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 13 Aug 2018 17:08:44 -0000
huitema approved this pull request. I think this text is better than the previous one. I suggest adding a paragraph about the need for reordering before submission to TLS. It is somewhat redundant, and I would understand that editors decide to do without. But I think it is important to hammer this point, as it is an important part of the design. > -CRYPTO frame in Handshake encryption) may send STREAM data (in 1-RTT -encryption). However, if the Finished is lost, the client would have to -retransmit the Finished, in which case it would use Handshake encryption. - +Although TLS only uses one encryption level at a time, QUIC may use more than +one level. For instance, after sending its Finished message (using a CRYPTO +frame at the Handshake encryption level) an endpoint can send STREAM data (in +1-RTT encryption). If the Finished message is lost, the endpoint uses the +Handshake encryption level to retransmit the lost message. + +In particular, server implementations need to be able to read packets at the +Handshake encryption level before the final TLS handshake message at the 0-RTT +encryption level (EndOfEarlyData) is available. Though the content of CRYPTO +frames at the Handshake encryption level cannot be forwarded to TLS before +EndOfEarlyData is processed, the client could send ACK frames that the server +needs to process in order to detect lost Handshake packets. Looks good. You may or may not want to hammer the point about ordering. Something like this: Proper operation of TLS requires that handshake octets be delivered to the TLS receiver in the order in which they were produced by the sender but QUIC can only guarantee ordering within an encryption level. Due to possible reordering and losses it is possible that encryption level 1 messages sent in 0-RTT packets arrive after level 2 messages sent in Handshake packets. QUIC receivers need to make sure that handshake messages are only submitted to TLS when TLS is ready to accept messages at that encryption level. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/quicwg/base-drafts/pull/1654#pullrequestreview-145746786
- [quicwg/base-drafts] Separate key/secret availabi… Martin Thomson
- Re: [quicwg/base-drafts] Separate key/secret avai… MikkelFJ
- Re: [quicwg/base-drafts] Separate key/secret avai… Christian Huitema
- Re: [quicwg/base-drafts] Separate key/secret avai… Martin Thomson
- Re: [quicwg/base-drafts] Separate key/secret avai… Martin Thomson
- Re: [quicwg/base-drafts] Separate key/secret avai… Christian Huitema
- Re: [quicwg/base-drafts] Separate key/secret avai… Kazuho Oku
- Re: [quicwg/base-drafts] Separate key/secret avai… Christian Huitema
- Re: [quicwg/base-drafts] Separate key/secret avai… Nick Banks
- Re: [quicwg/base-drafts] Separate key/secret avai… Kazuho Oku
- Re: [quicwg/base-drafts] Separate key/secret avai… Mike Bishop
- Re: [quicwg/base-drafts] Separate key/secret avai… Martin Thomson
- Re: [quicwg/base-drafts] Separate key/secret avai… Martin Thomson
- Re: [quicwg/base-drafts] Separate key/secret avai… Mike Bishop
- Re: [quicwg/base-drafts] Separate key/secret avai… Kazuho Oku
- Re: [quicwg/base-drafts] Separate key/secret avai… MikkelFJ