IETF Logo Mail Archive

RE: Requiring per application data in session ticket seems wrong

Mike Bishop <mbishop@evequefou.be> Thu, 26 September 2019 18:23 UTC

Return-Path: <mbishop@evequefou.be>
X-Original-To: quic@ietfa.amsl.com
Delivered-To: quic@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E20381200CE for <quic@ietfa.amsl.com>; Thu, 26 Sep 2019 11:23:34 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=evequefou.onmicrosoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 2HBr2s8-R5uw for <quic@ietfa.amsl.com>; Thu, 26 Sep 2019 11:23:32 -0700 (PDT)
Received: from NAM05-BY2-obe.outbound.protection.outlook.com (mail-eopbgr710127.outbound.protection.outlook.com [40.107.71.127]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C9B3E12008B for <quic@ietf.org>; Thu, 26 Sep 2019 11:23:32 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=Q53ajEW1tqArbA71NeQqjOfPNMwK8aR9484UIskx400NMlTCsGCWxTdm/wfqTxmJXBONauT7JEM1nUU2E1uR5u7FQdNzMGMOn2pQMb7Lwr5BamdLR6mDVcJIl+XcKs1LYzqlT2tj0T5Wa32sTUmwZHYeabrHv9jbEjGRNRgurGMbdw79U96z+5f5vR2+54DDi58wY93QawfYaRxUZet2ymFVnvsG+24E9a4pe/JIqHPcVWoLU+fdUAIT9+AenzM4vk22GZ8JqXHc2lmNxDbr1gK9xOmQSA0/MvBRqbIjKzGe3VwJpka4qfQCBy0v9khi8x6GkknaJnsX/QxPj7YPYg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=/hl96P4XYoKc3CQsPf8ffgr8bBH1TlFbjfsq3QPrZt4=; b=NmG6GJ+eJsQioLAzFMODL/lI8KigBuvGgEcfjxbk1ixpPoNITRTBuCmJ8cYjDf2qXJQu8KE4tWDPeo+GVQS/rn+bZ/DCK0udqB08xg08SwgfYqXhgAQVsEozul1zTMglRFVIK23pVnY/C/5PyC6dCzWQciM7BiK+Z8PYCgtg1anKHCzphYPbBPcwE4I3v5Grklq3dxXPBuLoCLboGEBoh56Ixfz4Yx9ELowpFED9oYrVfeRIGLCUIYR8qnQGRuY3wS15t1VqgGh4BvvBJOBHJX72Ama+9bxy3EC9BH4wgOxs2pqaT9cziWrGhTtmKTQqB/sDcMjpptLFgRXJjcM13A==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=evequefou.be; dmarc=pass action=none header.from=evequefou.be; dkim=pass header.d=evequefou.be; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=evequefou.onmicrosoft.com; s=selector2-evequefou-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=/hl96P4XYoKc3CQsPf8ffgr8bBH1TlFbjfsq3QPrZt4=; b=J5OfupxCSybalMscMw2On9WNs05BXH400298adkw+PMnKPFaijwm8D9/Rx+vbWCMBh7BXxQ7fTqE++GOJo78mCUoFGV+dCcXW5wka1e9c8uXZ7HBq9sBhJxDghNu8qho+dVinRi0ogWXroHCwSVSPK8ydhQmNME6bDAdqwebyKo=
Received: from BN6PR2201MB1202.namprd22.prod.outlook.com (10.174.80.146) by BN6PR2201MB1251.namprd22.prod.outlook.com (10.174.81.139) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2284.25; Thu, 26 Sep 2019 18:23:31 +0000
Received: from BN6PR2201MB1202.namprd22.prod.outlook.com ([fe80::288b:d6ec:1e00:c3c]) by BN6PR2201MB1202.namprd22.prod.outlook.com ([fe80::288b:d6ec:1e00:c3c%12]) with mapi id 15.20.2284.028; Thu, 26 Sep 2019 18:23:31 +0000
From: Mike Bishop <mbishop@evequefou.be>
To: Benjamin Kaduk <bkaduk@akamai.com>, Christian Huitema <huitema@huitema.net>
CC: IETF QUIC WG <quic@ietf.org>
Subject: RE: Requiring per application data in session ticket seems wrong
Thread-Topic: Requiring per application data in session ticket seems wrong
Thread-Index: AQHVae8L1AyEzzkcwUixLpixqBWrLKcp0JsAgBSJg8A=
Date: Thu, 26 Sep 2019 18:23:31 +0000
Message-ID: <BN6PR2201MB1202AA8CEAFC23FDB5B741C5DA860@BN6PR2201MB1202.namprd22.prod.outlook.com>
References: <a3d65ce8-6075-5f39-9532-d24fad6da572@huitema.net> <20190913164232.GN3806@akamai.com>
In-Reply-To: <20190913164232.GN3806@akamai.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: spf=none (sender IP is ) smtp.mailfrom=mbishop@evequefou.be;
x-originating-ip: [2600:2b00:931f:a301:ad10:cc00:8cc7:f6a6]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: b30216d3-9fd4-474d-92a3-08d742aea29e
x-microsoft-antispam: BCL:0; PCL:0; RULEID:(2390118)(7020095)(4652040)(7021145)(8989299)(4534185)(7022145)(4603075)(4627221)(201702281549075)(8990200)(7048125)(7024125)(7027125)(7023125)(5600167)(711020)(4605104)(1401327)(2017052603328)(7193020); SRVR:BN6PR2201MB1251;
x-ms-traffictypediagnostic: BN6PR2201MB1251:
x-ms-exchange-purlcount: 1
x-microsoft-antispam-prvs: <BN6PR2201MB1251FB146EC667B2FA492811DA860@BN6PR2201MB1251.namprd22.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:10000;
x-forefront-prvs: 0172F0EF77
x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(979002)(396003)(366004)(39830400003)(346002)(376002)(136003)(13464003)(199004)(189003)(6116002)(6436002)(102836004)(81166006)(8676002)(81156014)(8936002)(52536014)(76116006)(66476007)(66946007)(33656002)(64756008)(66556008)(66446008)(5660300002)(53546011)(4326008)(74316002)(7736002)(305945005)(71190400001)(486006)(476003)(11346002)(9686003)(446003)(316002)(110136005)(256004)(7696005)(2906002)(76176011)(99286004)(14444005)(229853002)(46003)(71200400001)(6246003)(6506007)(186003)(25786009)(14454004)(55016002)(86362001)(966005)(6306002)(508600001)(969003)(989001)(999001)(1009001)(1019001); DIR:OUT; SFP:1102; SCL:1; SRVR:BN6PR2201MB1251; H:BN6PR2201MB1202.namprd22.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; A:1; MX:1;
received-spf: None (protection.outlook.com: evequefou.be does not designate permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam-message-info: RH4HzS+YdCALNkzz0h8S9aLw4UVKE6MWQWHcF06SQ5tKXMIwVcSPyg7NDiR8qnqZtkVipzCGM9HMPC999iWJJK1jMvEbs2FMDfNVIl96yDC+edzJwoKe7KS1c7maslDNjzhF3Zj1PvTYVPU5XpHmjWhYjTk8e4gK7QUqO0krjppaViwJLTqbNyDv60YdpxZDR51V2X7lk9sP2kB3PY6O+fykcwi68jE206V/2NohlU6pL09y4hAg98ZUzUgRvFOHcIXKquFEkPrGCgKLLeGemUFgO5V+kzUWTwvHvGoMQfnRSXDLkXUNfbNeMUj27qAhVvnZd4cV94EOyGmmdPh9lvSGOnr6ZMB4bKmgXwBWOvHqc5VkcjUJ6eKgIRi4z3S5hGhKCQxlZToqKAjBg2r3p+ryMoCtCWJv3ply5rT7ySHHAQ6W8zNy0qCCZI0jv0sFNy3ZeVaZEYP2WrwPEIWSow==
x-ms-exchange-transport-forked: True
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-OriginatorOrg: evequefou.be
X-MS-Exchange-CrossTenant-Network-Message-Id: b30216d3-9fd4-474d-92a3-08d742aea29e
X-MS-Exchange-CrossTenant-originalarrivaltime: 26 Sep 2019 18:23:31.5208 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 41eaf50b-882d-47eb-8c4c-0b5b76a9da8f
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: wIxhvcnykENMHICujIvs+oXnVBqNWliOuocsQ3UQQerVXlWxuUgAdKwkneKF0ELUtt0n0ZH3PuHH9Jdt0blH0A==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BN6PR2201MB1251
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic/9BkLuyxUEf3FZk5Ejcf2QDd1xJo>
X-BeenThere: quic@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Main mailing list of the IETF QUIC working group <quic.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic>, <mailto:quic-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic/>
List-Post: <mailto:quic@ietf.org>
List-Help: <mailto:quic-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic>, <mailto:quic-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 26 Sep 2019 18:23:35 -0000

As noted on the issue, it's worth remembering that RFC 8446 specifically talks about this:
   In order to accept early data, the server MUST have accepted a PSK
   cipher suite and selected the first key offered in the client's
   "pre_shared_key" extension.  In addition, it MUST verify that the
   following values are the same as those associated with the
   selected PSK:

   -  The TLS version number

   -  The selected cipher suite

   -  The selected ALPN [RFC7301] protocol, if any

   These requirements are a superset of those needed to perform a 1-RTT
   handshake using the PSK in question.  For externally established
   PSKs, the associated values are those provisioned along with the key.
   For PSKs established via a NewSessionTicket message, the associated
   values are those negotiated in the connection during which the ticket
   was established.

ALPN matching is a requirement for early data with TLS 1.3.  Embedded application data is a requirement for Early Data with QUIC, and it relies on this existing requirement.  If some future version of TLS doesn't have this requirement, QUIC will need to decide how to cope with that.

-----Original Message-----
From: QUIC <quic-bounces@ietf.org> On Behalf Of Benjamin Kaduk
Sent: Friday, September 13, 2019 12:43 PM
To: Christian Huitema <huitema@huitema.net>
Cc: IETF QUIC WG <quic@ietf.org>
Subject: Re: Requiring per application data in session ticket seems wrong

On Thu, Sep 12, 2019 at 09:52:01PM -0700, Christian Huitema wrote:
> I am busy implementing draft-23 in picoquic, and I found out the new 
> section 5.4. of the transport draft, "Required Operations on 
> Connections".  It is fine, except for the requirements that servers 
> are able to encode application specific settings in the session resume 
> tickets. This makes the ticket specific to the combination of SNI + 
> ALPN, instead of just SNI as implied by RFC 8446. Seems like a bad idea.
> More discussion in https://github.com/quicwg/base-drafts/issues/3028.

It's not clear to me that this specifically makes the ticket tied to the ALPN, but rather that a given ticket (still tied to SNI) may or may not have some additional information that allows for additional functionality when used with a specific ALPN.  A ticket with that additional information could well be used with a different ALPN and the same SNI (though the logistics of getting additional information in place that would allow a single ticket to get enhanced functionality with more than one ALPN could be challenging.  In this case, if you don't have that additional information, you can't use early data, for example.

-Ben

v2.23.0 | Report a Bug | By Email