Re: Read-out on offline connection ID discussion
Mikkel Fahnøe Jørgensen <mikkelfj@gmail.com> Wed, 24 January 2018 22:51 UTC
Return-Path: <mikkelfj@gmail.com>
X-Original-To: quic@ietfa.amsl.com
Delivered-To: quic@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1D0D612D779 for <quic@ietfa.amsl.com>; Wed, 24 Jan 2018 14:51:07 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.698
X-Spam-Level:
X-Spam-Status: No, score=-2.698 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001, UNPARSEABLE_RELAY=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id moNR8oKhMo51 for <quic@ietfa.amsl.com>; Wed, 24 Jan 2018 14:51:05 -0800 (PST)
Received: from mail-it0-x229.google.com (mail-it0-x229.google.com [IPv6:2607:f8b0:4001:c0b::229]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0107B12AF84 for <quic@ietf.org>; Wed, 24 Jan 2018 14:51:04 -0800 (PST)
Received: by mail-it0-x229.google.com with SMTP id m11so19784528iti.1 for <quic@ietf.org>; Wed, 24 Jan 2018 14:51:04 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:in-reply-to:references:mime-version:date:message-id:subject:to; bh=rg3UXNDW58VX9yyxMfLTEkQryT0aIwLC8TBNy6ow+yM=; b=ZpP1f2LBmIfcHxKTSCxC6lBF+X/6l1ChFTIL8wkSJSEssCOOzH3LV9XZYBQKIAuKxf favO0xnfv+p+tkykmVtzabdMzBWkYceDeOR7hYKc3azwFBm+ExkoB7pu1nz/W1kR1psX U3n53T1tNMK8DY89m24LVsTMXEN67ONGCk61BD1gKPRlMYlQYzGrZTBQo3i8USJxLnsL 1Kz4Jn9RgDcJJmdzyBw/vykqZWgfpxOrs/TnA4xY2zN6J6puHnE8V3X6Aq+yXlG4N1Ih n0sDgU6aRnbr49clgfKu5IFQCSk35LZnRDAJ8Yi1POV1KBscCCQMbyN8PNK9pMhzdkd4 aW6w==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:in-reply-to:references:mime-version:date :message-id:subject:to; bh=rg3UXNDW58VX9yyxMfLTEkQryT0aIwLC8TBNy6ow+yM=; b=VOSHq0XNpvlJ4pdR0IBgs2bhTQwa7BeRt3chaTg7DN+vZN6s9qe8eWBNbrJeTE4kDV zVSKthx8JleVIpWy3MOSVgblPqll3LsOwmR7yfEBRsR2sNhd88KO4Jbi5Py6u+h2dWqM oXgv6pVxJ3SYl33GIrKoTwXbWvBIcsJUyIbijxh6F5JFSeVxVI6z9Yimy2NkAspFG2te nC2muH5973on/mTIfJW/bTEVGnEd+EYawyBzNqcbg6BifCg5AACKuZZJI+KLp2wQsLsM deKHiByXtUkQQmZwvN4UmhvS4HVrkTEjBbKICpiMMDrVjhdS3LzFUi2Sg9CITS0ISQQF srdA==
X-Gm-Message-State: AKwxytdfLxqx/P4qajx40g3eO04P3Dqw87lE23k8GmueHyiXCt7fmsL6 aHLpX50iGzNxiKFHR4eg/12arIm6Jq1D3WKjvOydfg==
X-Google-Smtp-Source: AH8x227zVb6/kDEgrFAajaF7+Z2luY3GhmZxbWTFefey0Fyo079Az6et3o5kbk1vq5gXJXMRUQ6hI8iHIcaW55W+ZXM=
X-Received: by 10.36.0.209 with SMTP id 200mr10262534ita.4.1516834264398; Wed, 24 Jan 2018 14:51:04 -0800 (PST)
Received: from 1058052472880 named unknown by gmailapi.google.com with HTTPREST; Wed, 24 Jan 2018 17:51:03 -0500
From: Mikkel Fahnøe Jørgensen <mikkelfj@gmail.com>
In-Reply-To: <CABcZeBO8UcdsPPp7D-3gZW8tuDqNhP-z+O1+WH=68KjbfYMr5A@mail.gmail.com>
References: <CABcZeBO8UcdsPPp7D-3gZW8tuDqNhP-z+O1+WH=68KjbfYMr5A@mail.gmail.com>
X-Mailer: Airmail (420)
MIME-Version: 1.0
Date: Wed, 24 Jan 2018 17:51:03 -0500
Message-ID: <CAN1APdewkGQULckLb6F4rEzcPtiFJPBVBQbkcNeupK3d+r6Sow@mail.gmail.com>
Subject: Re: Read-out on offline connection ID discussion
To: Eric Rescorla <ekr@rtfm.com>, IETF QUIC WG <quic@ietf.org>
Content-Type: multipart/alternative; boundary="001a11c1408883407c05638d7f65"
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic/kdBbVBHz3XzAk2q9TD3tfu4Ts-U>
X-BeenThere: quic@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Main mailing list of the IETF QUIC working group <quic.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic>, <mailto:quic-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic/>
List-Post: <mailto:quic@ietf.org>
List-Help: <mailto:quic-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic>, <mailto:quic-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 24 Jan 2018 22:51:07 -0000
I don’t understand this requirement for the CID to be 16 bytes in order to be encrypted. If you have a unique key you can encrypt 0, truncate and xor with the CID. If you don’t have a unique key, you can encrypt a unique counter value and do the same, or derive a unique key. Kind Regards, Mikkel Fahnøe Jørgensen On 24 January 2018 at 23.37.30, Eric Rescorla (ekr@rtfm.com) wrote: Hi folks, We didn't really reach a conclusion, but here's, I think what there was at least some support for: - The long header has a variable length connection ID which has an explicit length field on the wire, with a max length (strawman: 32 bytes). The exact wire encoding to be designed by the editor. Similarly, NEW_CONNECTION_ID would have a variable length encoding. - The short header has a variable length connection ID which has an implicit length (i.e., it cannot be decoded unambiguously by an observer who is not part of the connection). However, the CID may be self-describing, so that the server may include a length field if it so chooses. There was rough consensus on the second point, but some disagreement about the first point. The major alternative proposal was to have a fixed-length CID field in the long header and NEW_CONNECTION_ID and then truncate it to an amount carried in transport_parameters. This would have the benefit that the length of the CID would be throughout the connection whereas if we wanted that rule for the other design we would need a rule. One thing that makes this second approach unattractive is that we want the server to be able to use a 16 byte connection ID (thus allowing it to be AES-encrypted) but it also needs to be able to include meta-data, such as a key-id for rotation or potentially a length. This tells us that you need to have a maximum connection ID larger than 16 bytes, and having a fixed 17-20 byte CID seems odd. -Ekr
- Read-out on offline connection ID discussion Eric Rescorla
- Re: Read-out on offline connection ID discussion Mikkel Fahnøe Jørgensen
- Re: Read-out on offline connection ID discussion Eric Rescorla
- Re: Read-out on offline connection ID discussion Christian Huitema
- RE: Read-out on offline connection ID discussion Lubashev, Igor
- Re: Read-out on offline connection ID discussion Roberto Peon
- RE: Read-out on offline connection ID discussion Lubashev, Igor
- Re: Read-out on offline connection ID discussion Roberto Peon
- Re: Read-out on offline connection ID discussion Mikkel Fahnøe Jørgensen
- Re: Read-out on offline connection ID discussion Mikkel Fahnøe Jørgensen
- Re: Read-out on offline connection ID discussion Mikkel Fahnøe Jørgensen
- Re: Read-out on offline connection ID discussion Christian Huitema
- Re: Read-out on offline connection ID discussion Brian Trammell (IETF)
- Re: Read-out on offline connection ID discussion Mikkel Fahnøe Jørgensen