[quicwg/base-drafts] 9a7ef2: Make the TLS messages plausible

Mike Bishop <noreply@github.com> Tue, 30 June 2020 23:48 UTC

Return-Path: <noreply@github.com>
X-Original-To: quic-issues@ietfa.amsl.com
Delivered-To: quic-issues@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C82AB3A0781 for <quic-issues@ietfa.amsl.com>; Tue, 30 Jun 2020 16:48:59 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.101
X-Spam-Level:
X-Spam-Status: No, score=-2.101 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_MSPIKE_H2=-0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=github.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id H2AwrJ8_vM4v for <quic-issues@ietfa.amsl.com>; Tue, 30 Jun 2020 16:48:57 -0700 (PDT)
Received: from out-22.smtp.github.com (out-22.smtp.github.com [192.30.252.205]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 32DD83A077A for <quic-issues@ietf.org>; Tue, 30 Jun 2020 16:48:57 -0700 (PDT)
Received: from github-lowworker-275fa97.va3-iad.github.net (github-lowworker-275fa97.va3-iad.github.net [10.48.17.64]) by smtp.github.com (Postfix) with ESMTP id 6808AA01F9 for <quic-issues@ietf.org>; Tue, 30 Jun 2020 16:48:56 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com; s=pf2014; t=1593560936; bh=amTg8uwAe6sMHSCw2wLztTgVYxEyh6L+1ct2MoZHeHU=; h=Date:From:To:Subject:From; b=Ve0wZT294glShmOw+AFthGkl5rC08QmBTIgUDhr1MrZ1s+MD4gwfPxuAUbqgo1y4g oiFb2g77OReByuuBgZjLTCYaJKod6H2RypHfDB7phji6RwSWnPYUPPBAb0wrXFENaS Fr2+XveBlDTkN0kpRRr+KCv10LxXarYX/8JK+/a8=
Date: Tue, 30 Jun 2020 16:48:56 -0700
From: Mike Bishop <noreply@github.com>
To: quic-issues@ietf.org
Message-ID: <quicwg/base-drafts/push/refs/heads/transport/mbishop_wglc/972e7e-e3094f@github.com>
Subject: [quicwg/base-drafts] 9a7ef2: Make the TLS messages plausible
Mime-Version: 1.0
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: 7bit
X-GitHub-Recipient-Address: quic-issues@ietf.org
X-Auto-Response-Suppress: All
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic-issues/E9PcIAyQXjqLDGyqN_An5wgQUXc>
X-BeenThere: quic-issues@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Notification list for GitHub issues related to the QUIC WG <quic-issues.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic-issues>, <mailto:quic-issues-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic-issues/>
List-Post: <mailto:quic-issues@ietf.org>
List-Help: <mailto:quic-issues-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic-issues>, <mailto:quic-issues-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 30 Jun 2020 23:49:00 -0000

  Branch: refs/heads/transport/mbishop_wglc
  Home:   https://github.com/quicwg/base-drafts
  Commit: 9a7ef222035536493a3a00a1efdbcbdf4a645da6
      https://github.com/quicwg/base-drafts/commit/9a7ef222035536493a3a00a1efdbcbdf4a645da6
  Author: Martin Thomson <mt@lowentropy.net>
  Date:   2020-06-10 (Wed, 10 Jun 2020)

  Changed paths:
    M protection-samples.js

  Log Message:
  -----------
  Make the TLS messages plausible

Here is the breakdown of the ClientHello:

```
060040f1 = CRYPTO offset 0, length 241
010000ed = TLS Handshake length 237
0303 = version: TLS 1.2
ebf8fa56f12939b9584a3896472ec40bb863cfd3e86804fe3a47f06a2b69484c = random
00 = legacy_session_id
0004 13011302 = cipher_suites: TLS_AES_128_GCM_SHA256, TLS_AES_256_GCM_SHA384
0100 = legacy_compression_methods: none
00e0 = extensions length 194
0000 0010 000e 00 000b 6578616d706c652e636f6d = server name: example.com
ff01 0001 00 = renegotiation info
000a 0008 0006 001d00170018 = supported groups: 25519, P-256, P-384
0010 0007 000504616c706e = alpn: h3-28
0005 0005 0100000000 = certificate status
0033 0026 0024001d00209370b2c9caa47fbabaf4559fedba753de171fa71f50f1ce15d43e994ec74d748 = key share: 25519
002b 0003 020304 = supported versions: TLS 1.3
000d 0010 000e 0403050306030203080408050806 = signature algorithms: some irrelevant stuff here
002d 0002 0101 = psk modes: psk+dh
001c 0002 4001 = record size limit: max
ffa5 0032 = QUIC transport parameters extension
04 08 ffffffffffffffff = initial_max_data 2^62-1
05 04 8000ffff = initial_max_stream_data_bidi_local 2^16-1
07 04 8000ffff = initial_max_stream_data_uni 2^16-1
08 01 10 = initial_max_streams_bidi 16
01 04 80007530 = max_idle_timeout 30s
09 01 10 = initial_max_streams_uni 16
0f 08 8394c8f03e515708 = initial_source_connection_id
06 04 8000ffff = initial_max_stream_data_bidi_remote 2^16-1
```

The ServerHello was OK, but the framing wasn't.


  Commit: 0b4681671ced10eece12919d3fd4d6eb5950043c
      https://github.com/quicwg/base-drafts/commit/0b4681671ced10eece12919d3fd4d6eb5950043c
  Author: Martin Thomson <mt@lowentropy.net>
  Date:   2020-06-10 (Wed, 10 Jun 2020)

  Changed paths:
    M draft-ietf-quic-tls.md

  Log Message:
  -----------
  Update samples in the draft based on changed content


  Commit: ab3d19bde401dd8116b5c90ea5351a893a808ab3
      https://github.com/quicwg/base-drafts/commit/ab3d19bde401dd8116b5c90ea5351a893a808ab3
  Author: Martin Thomson <mt@lowentropy.net>
  Date:   2020-06-11 (Thu, 11 Jun 2020)

  Changed paths:
    M draft-ietf-quic-tls.md
    M protection-samples.js

  Log Message:
  -----------
  Fix bad extension length


  Commit: 750f3d2e50bd76127819eac7007fed351b52340c
      https://github.com/quicwg/base-drafts/commit/750f3d2e50bd76127819eac7007fed351b52340c
  Author: Martin Thomson <mt@lowentropy.net>
  Date:   2020-06-24 (Wed, 24 Jun 2020)

  Changed paths:
    M draft-ietf-quic-tls.md

  Log Message:
  -----------
  Encryption level of CRYPTO determines packet type

The text implied the opposite.


  Commit: 6b3f6fbcf1cf9255ebdc6190e5fa8153e058ce72
      https://github.com/quicwg/base-drafts/commit/6b3f6fbcf1cf9255ebdc6190e5fa8153e058ce72
  Author: Martin Thomson <mt@lowentropy.net>
  Date:   2020-06-24 (Wed, 24 Jun 2020)

  Changed paths:
    M draft-ietf-quic-invariants.md

  Log Message:
  -----------
  Packets might be integrity protected

Or MAY, but let's leave this probabilistic, because in practice there is
no uncertainty: packets are protected.

I've changed the header of the section because it isn't just about the
header: the subsections are about the specific headers, but this one is
about packets as a whole.


  Commit: 2961b77dc1742f337343134bf455405688eb47c3
      https://github.com/quicwg/base-drafts/commit/2961b77dc1742f337343134bf455405688eb47c3
  Author: Benjamin Saunders <ben.e.saunders@gmail.com>
  Date:   2020-06-29 (Mon, 29 Jun 2020)

  Changed paths:
    M draft-ietf-quic-recovery.md

  Log Message:
  -----------
  Update references to removed function


  Commit: 2e878b919cc6a78967950a710288e82a26c66968
      https://github.com/quicwg/base-drafts/commit/2e878b919cc6a78967950a710288e82a26c66968
  Author: Martin Thomson <mt@lowentropy.net>
  Date:   2020-06-30 (Tue, 30 Jun 2020)

  Changed paths:
    M draft-ietf-quic-transport.md

  Log Message:
  -----------
  Stop using CID acronym

We've been pretty disciplined about using "connection ID", except for
the text on flow labels and one mention in the diagram for
preferred_address.  Of course, the mentions in the flow label text were
specifically for the "Destination Connection ID field", so that is what
I used there.

Closes #3794.


  Commit: 173f04ff83ab8d086d1c5b1dce2c3d82c7b7a498
      https://github.com/quicwg/base-drafts/commit/173f04ff83ab8d086d1c5b1dce2c3d82c7b7a498
  Author: Jana Iyengar <jri.ietf@gmail.com>
  Date:   2020-06-30 (Tue, 30 Jun 2020)

  Changed paths:
    M draft-ietf-quic-transport.md

  Log Message:
  -----------
  Merge pull request #3796 from quicwg/no-cid

Stop using CID acronym


  Commit: 39b125843495385528f3096b0f454cf781d31662
      https://github.com/quicwg/base-drafts/commit/39b125843495385528f3096b0f454cf781d31662
  Author: Martin Thomson <mt@lowentropy.net>
  Date:   2020-07-01 (Wed, 01 Jul 2020)

  Changed paths:
    M draft-ietf-quic-invariants.md

  Log Message:
  -----------
  Merge pull request #3786 from quicwg/integrity-invariant

Packets might be integrity protected


  Commit: 667ad9ddd3db9511698ccb38477484a72d2fe3f8
      https://github.com/quicwg/base-drafts/commit/667ad9ddd3db9511698ccb38477484a72d2fe3f8
  Author: Martin Thomson <mt@lowentropy.net>
  Date:   2020-07-01 (Wed, 01 Jul 2020)

  Changed paths:
    M draft-ietf-quic-tls.md

  Log Message:
  -----------
  Merge pull request #3783 from quicwg/encryption-level-bytes

Encryption level of CRYPTO determines packet type


  Commit: a4cb76d1b82ad7797c728574a7886e60c0b9e995
      https://github.com/quicwg/base-drafts/commit/a4cb76d1b82ad7797c728574a7886e60c0b9e995
  Author: Jana Iyengar <jri.ietf@gmail.com>
  Date:   2020-06-30 (Tue, 30 Jun 2020)

  Changed paths:
    M draft-ietf-quic-recovery.md

  Log Message:
  -----------
  Merge pull request #3795 from Ralith/recovery-pseudocode-cleanup

Update pseudocode references to removed function DetectLostPackets


  Commit: 610d213f7e325f8da7e398240c8470c765e22513
      https://github.com/quicwg/base-drafts/commit/610d213f7e325f8da7e398240c8470c765e22513
  Author: Martin Thomson <mt@lowentropy.net>
  Date:   2020-07-01 (Wed, 01 Jul 2020)

  Changed paths:
    M draft-ietf-quic-tls.md
    M protection-samples.js

  Log Message:
  -----------
  Merge pull request #3753 from quicwg/fix-chello

Use plausible TLS messages


  Commit: c90601e40d22867ee40b3c7fdea2762ce13379c4
      https://github.com/quicwg/base-drafts/commit/c90601e40d22867ee40b3c7fdea2762ce13379c4
  Author: Martin Thomson <mt@lowentropy.net>
  Date:   2020-06-30 (Tue, 30 Jun 2020)

  Changed paths:
    M draft-ietf-quic-http.md

  Log Message:
  -----------
  Roy's suggestion for multiplexing justification

Closes #3790.


  Commit: e3094fab788fe42ccf4ab6ee4cf023d807da6aee
      https://github.com/quicwg/base-drafts/commit/e3094fab788fe42ccf4ab6ee4cf023d807da6aee
  Author: Mike Bishop <mbishop@evequefou.be>
  Date:   2020-06-30 (Tue, 30 Jun 2020)

  Changed paths:
    M draft-ietf-quic-http.md
    M draft-ietf-quic-invariants.md
    M draft-ietf-quic-recovery.md
    M draft-ietf-quic-tls.md
    M draft-ietf-quic-transport.md
    M protection-samples.js

  Log Message:
  -----------
  Merge remote-tracking branch 'origin/master' into transport/mbishop_wglc


Compare: https://github.com/quicwg/base-drafts/compare/972e7e5dac3f...e3094fab788f