Re: Consensus Calls for Transport/TLS issues, post-Cupertino

Eric Rescorla <ekr@rtfm.com> Wed, 30 October 2019 21:49 UTC

MIME-Version: 1.0
References: <4D6397AF-B411-4E67-AFD2-76E8F2AD462C@mnot.net> <CANatvzwYA-NN+p5jLu4vpgKY_G-ZoUM03CacZWS2FAPyPqgiiw@mail.gmail.com> <BN3PR00MB0083E9A10A58F4CCC7B8A5C6B3680@BN3PR00MB0083.namprd00.prod.outlook.com> <22517ab5-9a6c-4486-b7ea-03badc064cbe@www.fastmail.com> <CANatvzx=RWB1Bio7tqX7nN_Vn1SfSaE69LZbuiU5pWeXP=BwNQ@mail.gmail.com> <DB6PR10MB176678E88FF226C2EB8FF78EAC680@DB6PR10MB1766.EURPRD10.PROD.OUTLOOK.COM> <CACpbDccOe01VBjwwy=mdSi5nync8bXa506OMTbLPpBH-hoj4Sw@mail.gmail.com> <CAPDSy+4S06qHBbitdH07Ah6gJYV+ZMY4huYLVGw14Q-n6isCrg@mail.gmail.com> <BN6PR2201MB17008576E4F8400B5DDB696FDA6B0@BN6PR2201MB1700.namprd22.prod.outlook.com> <CACpbDcf+n47NXh8XMEKx6n1fiJPZ+WyuivNmuBy1vKhZYZe6Uw@mail.gmail.com> <CAM4esxQYyTQPpF13v0AT4R=TcFOa9=UCn0nWsiqwMReYFOYDYg@mail.gmail.com> <CABcZeBM2QGC+wx-UUKMkJDqxKscOgJfhqwPhr7QXg3h-GpZwfQ@mail.gmail.com> <4d408d7a-7c50-4ccc-a42b-fb2b71b0c507@www.fastmail.com> <CABcZeBMdQPMeu862uizQYKr451Y9mvwhZ4MT7h_te5ho_Y9DOQ@mail.gmail.com> <98b890c7-d57f-484c-88d5-056e4e607465@www.fastmail.com> <CABcZeBP4BwBsySd8Phhg3fd3kTMoS6E=j5tit3pg7JKe7vrb6Q@mail.gmail.com> <1e5ae15f-56cf-47c5-930a-9f5bae59763b@www.fastmail.com> <CABcZeBP2yHXaaXYtAwYfqshrENwMaMCQsmnOd3KD2DurwGy8dg@mail.gmail.com> <CAN1APdeNFGuZh5gX0MBC-CotdSeHzrHk7jqUtZJKyCcFMc2aew@mail.gmail.com> <CABcZeBO_af+CZZse+-WpjRQWj35UjRpvZMTq0_wCGoMBQE0Z2g@mail.gmail.com> <CAN1APdcxvfjmzOvtdRWm5HXyyEmwAQYm2hYNCxmnFnUfgQJnGg@mail.gmail.com>
In-Reply-To: <CAN1APdcxvfjmzOvtdRWm5HXyyEmwAQYm2hYNCxmnFnUfgQJnGg@mail.gmail.com>
From: Eric Rescorla <ekr@rtfm.com>
Date: Wed, 30 Oct 2019 14:48:46 -0700
Message-ID: <CABcZeBMryBDamWpuk2zdoP4FHUS5NRd+UUMJTwZanDJ+AU2i6A@mail.gmail.com>
Subject: Re: Consensus Calls for Transport/TLS issues, post-Cupertino
To: Mikkel Fahnøe Jørgensen <mikkelfj@gmail.com>
Cc: Jana Iyengar <jri.ietf@gmail.com>, Mike Bishop <mbishop@evequefou.be>, Martin Thomson <mt@lowentropy.net>, IETF QUIC WG <quic@ietf.org>, David Schinazi <dschinazi.ietf@gmail.com>, Martin Duke <martin.h.duke@gmail.com>, Kazuho Oku <kazuhooku@gmail.com>
Content-Type: multipart/alternative; boundary="000000000000bae191059627b466"
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic/cyy3_kvGHQj2tGRdm7OBfxv-UY0>
Precedence: list

On Wed, Oct 30, 2019 at 2:33 PM Mikkel Fahnøe Jørgensen <mikkelfj@gmail.com>
wrote:

> If the goal is to decide when the handshake is complete at both ends in
>> finite time with high probability, then it appears that an explicit signal
>> is required because you cannot rely on random (organic) 1-RTT traffic to
>> drive this process.
>>
> Well, it's not clear to me that one needs to know this, actually. I agree
> we've used this as a proxy for various things, but it's not actually clear
> to me that we need to, so we should re-examine those cases to see what the
> real preconditions are.
>
> For one thing, I would be sad if an optimised implementation needs to
> handle multiple packet number spaces. That complicates implementations
> because you need to think performance through all layers. Of course you can
> just suck it up an deal with it. Likewise, you can probably find a way
> around path migration.
>
> By compared to sending a single 1-byte HANDSHAKE_DONE frame, why would you
> do that? To marginally simplify the handshake?
>
This isn't an argument that keeping the keys around doesn't work, but
rather that you think it's the wrong engineering tradeoff. It's possible
you're right about that, but I'd like to start by establishing the agreed
upon facts of what will and will not work before we debate engineering
tradeoffs.

-Ekr

Consensus Calls for Transport/TLS issues, post-Cu… Mark Nottingham
Re: Consensus Calls for Transport/TLS issues, pos… Kazuho Oku
Re: Consensus Calls for Transport/TLS issues, pos… Nick Banks
Re: Consensus Calls for Transport/TLS issues, pos… Martin Thomson
Re: Consensus Calls for Transport/TLS issues, pos… Kazuho Oku
Re: Consensus Calls for Transport/TLS issues, pos… Mikkel Fahnøe Jørgensen
Re: Consensus Calls for Transport/TLS issues, pos… Jana Iyengar
Re: Consensus Calls for Transport/TLS issues, pos… David Schinazi
RE: Consensus Calls for Transport/TLS issues, pos… Mike Bishop
Re: Consensus Calls for Transport/TLS issues, pos… Jana Iyengar
Re: Consensus Calls for Transport/TLS issues, pos… Martin Duke
Re: Consensus Calls for Transport/TLS issues, pos… Eric Rescorla
Re: Consensus Calls for Transport/TLS issues, pos… Eric Rescorla
Re: Consensus Calls for Transport/TLS issues, pos… Martin Thomson
Re: Consensus Calls for Transport/TLS issues, pos… Eric Rescorla
Re: Consensus Calls for Transport/TLS issues, pos… Martin Thomson
RE: Consensus Calls for Transport/TLS issues, pos… Mike Bishop
Re: Consensus Calls for Transport/TLS issues, pos… Martin Thomson
Re: Consensus Calls for Transport/TLS issues, pos… Eric Rescorla
Re: Consensus Calls for Transport/TLS issues, pos… Martin Thomson
Re: Consensus Calls for Transport/TLS issues, pos… Watson Ladd
Re: Consensus Calls for Transport/TLS issues, pos… Martin Thomson
RE: Consensus Calls for Transport/TLS issues, pos… Mike Bishop
RE: Consensus Calls for Transport/TLS issues, pos… Mikkel Fahnøe Jørgensen
Re: Consensus Calls for Transport/TLS issues, pos… Eric Rescorla
Re: Consensus Calls for Transport/TLS issues, pos… Mikkel Fahnøe Jørgensen
Re: Consensus Calls for Transport/TLS issues, pos… Eric Rescorla
Re: Consensus Calls for Transport/TLS issues, pos… Mikkel Fahnøe Jørgensen
Re: Consensus Calls for Transport/TLS issues, pos… Eric Rescorla
Re: Consensus Calls for Transport/TLS issues, pos… Martin Thomson
Re: Consensus Calls for Transport/TLS issues, pos… Christian Huitema
Re: Consensus Calls for Transport/TLS issues, pos… Martin Thomson
Re: Consensus Calls for Transport/TLS issues, pos… Christian Huitema
Re: Consensus Calls for Transport/TLS issues, pos… Mark Nottingham