IETF Logo Mail Archive

Re: [quicwg/base-drafts] Describe inputs to TLS more clearly (#4011)

Mike Bishop <notifications@github.com> Thu, 03 September 2020 15:27 UTC

Return-Path: <noreply@github.com>
X-Original-To: quic-issues@ietfa.amsl.com
Delivered-To: quic-issues@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4AA1B3A0F3B for <quic-issues@ietfa.amsl.com>; Thu, 3 Sep 2020 08:27:40 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.697
X-Spam-Level:
X-Spam-Status: No, score=-1.697 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_IMAGE_ONLY_28=1.404, HTML_MESSAGE=0.001, MAILING_LIST_MULTI=-1, RCVD_IN_MSPIKE_H2=-0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=github.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id bB8TQBFJGilw for <quic-issues@ietfa.amsl.com>; Thu, 3 Sep 2020 08:27:39 -0700 (PDT)
Received: from out-18.smtp.github.com (out-18.smtp.github.com [192.30.252.201]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D5C123A0F34 for <quic-issues@ietf.org>; Thu, 3 Sep 2020 08:27:38 -0700 (PDT)
Received: from github-lowworker-a6a2749.va3-iad.github.net (github-lowworker-a6a2749.va3-iad.github.net [10.48.16.62]) by smtp.github.com (Postfix) with ESMTP id 1E5F5340EDD for <quic-issues@ietf.org>; Thu, 3 Sep 2020 08:27:38 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com; s=pf2014; t=1599146858; bh=FqWmhy/0EThUeIN0rMcOZgDuD0IcNpx9l+L3Inj2+7s=; h=Date:From:Reply-To:To:Cc:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=PT0dkJzCh+jrYIG3df0RRKwgHRgLR2qds/ztq7ig3y/ntiFbSX8kERAPiVFymMY/0 7aDYUfcNBxYCDNbgbNYhsyweLZEhfTSlhYf078OkXilg478VjboXoCw0JX5mejGAy7 T1R6wtGemqtOfZEz4BKKuO8KKIl5Z7h916xdBkj8=
Date: Thu, 03 Sep 2020 08:27:38 -0700
From: Mike Bishop <notifications@github.com>
Reply-To: quicwg/base-drafts <reply+AFTOJKYXIJJILYP4YB5CLKN5LTWGVEVBNHHCRENCFU@reply.github.com>
To: quicwg/base-drafts <base-drafts@noreply.github.com>
Cc: Subscribed <subscribed@noreply.github.com>
Message-ID: <quicwg/base-drafts/pull/4011/review/481953908@github.com>
In-Reply-To: <quicwg/base-drafts/pull/4011@github.com>
References: <quicwg/base-drafts/pull/4011@github.com>
Subject: Re: [quicwg/base-drafts] Describe inputs to TLS more clearly (#4011)
Mime-Version: 1.0
Content-Type: multipart/alternative; boundary="--==_mimepart_5f510b6af4ab_4ea519f035269a"; charset="UTF-8"
Content-Transfer-Encoding: 7bit
Precedence: list
X-GitHub-Sender: MikeBishop
X-GitHub-Recipient: quic-issues
X-GitHub-Reason: subscribed
X-Auto-Response-Suppress: All
X-GitHub-Recipient-Address: quic-issues@ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic-issues/rPgl6AXrkYtZ2KPO-UfyZlZyMVM>
X-BeenThere: quic-issues@ietf.org
X-Mailman-Version: 2.1.29
List-Id: Notification list for GitHub issues related to the QUIC WG <quic-issues.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic-issues>, <mailto:quic-issues-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic-issues/>
List-Post: <mailto:quic-issues@ietf.org>
List-Help: <mailto:quic-issues-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic-issues>, <mailto:quic-issues-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 03 Sep 2020 15:27:40 -0000

@MikeBishop approved this pull request.



> @@ -499,12 +499,23 @@ handshake, new data is requested from TLS after providing received data.
 ### Encryption Level Changes
 
 As keys at a given encryption level become available to TLS, TLS indicates to
-QUIC that reading or writing keys at that encryption level are available.  While
-generating these keys, an endpoint SHOULD buffer received packets marked as
-protected by the keys being generated, and process them once those keys become
-available.  If the keys are generated asynchronously, an endpoint MAY continue
-responding to the received packets that were processable while waiting for TLS
-to provide these keys.
+QUIC that reading or writing keys at that encryption level are available.
+
+The events that cause new keys to be available are not asynchronous; they

Given that you describe in the following paragraph that the keys might well results from asynchronous processing, I'm not convinced that "not asynchronous" is the proper claim to make here.  I think this claim is really trying to say that key generation isn't spontaneous, and you don't have to have a callback mechanism for TLS to just decide to give you keys out of the blue.  However (following paragraph), the time from input to completion-with-keys can take a while and shouldn't be blocking.

Perhaps something like "The availability of new keys is always a result of inputs provided to TLS."?

-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/quicwg/base-drafts/pull/4011#pullrequestreview-481953908

v2.31.3 | Report a Bug | By Email | System Status