Re: Consensus Calls for Transport/TLS issues, post-Cupertino
Kazuho Oku <kazuhooku@gmail.com> Tue, 22 October 2019 04:57 UTC
Return-Path: <kazuhooku@gmail.com>
X-Original-To: quic@ietfa.amsl.com
Delivered-To: quic@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9D60D120AF3 for <quic@ietfa.amsl.com>; Mon, 21 Oct 2019 21:57:53 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.997
X-Spam-Level:
X-Spam-Status: No, score=-1.997 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id PWzoUD-_OvDp for <quic@ietfa.amsl.com>; Mon, 21 Oct 2019 21:57:51 -0700 (PDT)
Received: from mail-lj1-x22d.google.com (mail-lj1-x22d.google.com [IPv6:2a00:1450:4864:20::22d]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2A781120074 for <quic@ietf.org>; Mon, 21 Oct 2019 21:57:51 -0700 (PDT)
Received: by mail-lj1-x22d.google.com with SMTP id q78so529415lje.5 for <quic@ietf.org>; Mon, 21 Oct 2019 21:57:51 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=XqiM0HN6IA1QK6KSpnz+yjS83oh7ngsvNUm+33XsJy4=; b=Q4v8n98niq92lH7PvdMlI9oR1JpnOty9X2WWC+FuIYe4gf7fBgR5P03+uzylsNajxI HbgCkwtwDOp3eZ8RIW6ADXiaEXw8sKvzdxkX0IESLhz/+Sj7yy4z1N+Sc5nq9z81vmJw 2n0MOiCiP02d4DSP5LttLdH/VaJynIrgV6BovusaG+hTs6GcFGFgw8bFr3KE04OHGFY2 P52918ySLAoJ7++NI/OZvhZRE1cZ2eGgzZn4snwEIjyK++IfBa6O9WL11um7/OwdW5Le uoKEsWS/Uck38Bslg6XHA0ai+0Qd2hdrY7mDYWjl7U8L1H2ZOS0xogFMk7RtkRl688BK YbTw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=XqiM0HN6IA1QK6KSpnz+yjS83oh7ngsvNUm+33XsJy4=; b=D5EkSkbNyHoYlRxlacMt6dckNCAod7ofSbBLz/BrQ0Qq7ADVOUGw+xStMgdpvHb2fK INs8Z2D7/lkie16lgO3VGvBvtLRQMPT/GTC34xm5FVQdpaDEoROZZPiDKxDil/k7hxI0 xqS6fj772m1ZEXUqPSSXUM4cveXPD+hed9bo7MKZxVscMP1cclFFzB6c4Uc2zSE5o+Nh Y41YHTTP5HFTcJsHPxzcYzm3cEAEeCZlo/sSgc/hN05wPV59bY8Y282Y7exykvsN0oiQ lDUjHhH20VAp8w1y9WdB7uWMpiwU5nFN6/cwU2EBE6oXWUwfrJmdeELhCuoHfHwhzYL/ AREw==
X-Gm-Message-State: APjAAAUXN5FP4/Pjlo5TwsobDRFtUqN0CbRP/ihEplNY4xJ2+Vqomc7d NR2S+KQ2GX5Aoxb9X5I6k9FURYnNilOTXRb5Ta+gzg==
X-Google-Smtp-Source: APXvYqz5UevAihHMjLOCIW4wkJJ5kpPSUBp+uq6J415g5nbmoSrQ37/Hu3svcA0Ud+txu3w7EP4pe9Vf2PDoO5bN8G4=
X-Received: by 2002:a05:651c:326:: with SMTP id b6mr2063967ljp.119.1571720269294; Mon, 21 Oct 2019 21:57:49 -0700 (PDT)
MIME-Version: 1.0
References: <4D6397AF-B411-4E67-AFD2-76E8F2AD462C@mnot.net> <CANatvzwYA-NN+p5jLu4vpgKY_G-ZoUM03CacZWS2FAPyPqgiiw@mail.gmail.com> <BN3PR00MB0083E9A10A58F4CCC7B8A5C6B3680@BN3PR00MB0083.namprd00.prod.outlook.com> <22517ab5-9a6c-4486-b7ea-03badc064cbe@www.fastmail.com>
In-Reply-To: <22517ab5-9a6c-4486-b7ea-03badc064cbe@www.fastmail.com>
From: Kazuho Oku <kazuhooku@gmail.com>
Date: Tue, 22 Oct 2019 13:57:38 +0900
Message-ID: <CANatvzx=RWB1Bio7tqX7nN_Vn1SfSaE69LZbuiU5pWeXP=BwNQ@mail.gmail.com>
Subject: Re: Consensus Calls for Transport/TLS issues, post-Cupertino
To: Martin Thomson <mt@lowentropy.net>
Cc: IETF QUIC WG <quic@ietf.org>
Content-Type: multipart/alternative; boundary="000000000000567244059578a4c7"
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic/r6QvSeykzXRloRnRWNzDt3jeQCo>
X-BeenThere: quic@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Main mailing list of the IETF QUIC working group <quic.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic>, <mailto:quic-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic/>
List-Post: <mailto:quic@ietf.org>
List-Help: <mailto:quic-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic>, <mailto:quic-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 22 Oct 2019 04:57:54 -0000
2019年10月22日(火) 11:38 Martin Thomson <mt@lowentropy.net>: > On Tue, Oct 22, 2019, at 12:39, Nick Banks wrote: > > I'd also prefer to fix the problem, even if it means bringing back > > something like RETIRE_KEY. > > I would prefer to think of this proposed resolution as a temporary one. I > don't think that we agreed to keep the handshake keys indefinitely, only > that we would use that option as a fallback position until we found a > better solution. > I might point out that #3121 is not proposal-ready as a way to resolve #2863. That is because it does not define how to send and receive Handshake packets until or after migration happens. There would be a deadlock unless both endpoints agree on how that should be done (e.g., how to select SCID, whether the path used for Handshake packets migrates too). Without that being clarified, can we say that we are ready for a consensus call? > > On that basis, I think that it would be best if we open a new issue that > says "Handshake keys can't ever be dropped". > > We might still conclude not to address that issue, but the important thing > is to ensure that any solution works properly. > > -- Kazuho Oku
- Consensus Calls for Transport/TLS issues, post-Cu… Mark Nottingham
- Re: Consensus Calls for Transport/TLS issues, pos… Kazuho Oku
- Re: Consensus Calls for Transport/TLS issues, pos… Nick Banks
- Re: Consensus Calls for Transport/TLS issues, pos… Martin Thomson
- Re: Consensus Calls for Transport/TLS issues, pos… Kazuho Oku
- Re: Consensus Calls for Transport/TLS issues, pos… Mikkel Fahnøe Jørgensen
- Re: Consensus Calls for Transport/TLS issues, pos… Jana Iyengar
- Re: Consensus Calls for Transport/TLS issues, pos… David Schinazi
- RE: Consensus Calls for Transport/TLS issues, pos… Mike Bishop
- Re: Consensus Calls for Transport/TLS issues, pos… Jana Iyengar
- Re: Consensus Calls for Transport/TLS issues, pos… Martin Duke
- Re: Consensus Calls for Transport/TLS issues, pos… Eric Rescorla
- Re: Consensus Calls for Transport/TLS issues, pos… Eric Rescorla
- Re: Consensus Calls for Transport/TLS issues, pos… Martin Thomson
- Re: Consensus Calls for Transport/TLS issues, pos… Eric Rescorla
- Re: Consensus Calls for Transport/TLS issues, pos… Martin Thomson
- RE: Consensus Calls for Transport/TLS issues, pos… Mike Bishop
- Re: Consensus Calls for Transport/TLS issues, pos… Martin Thomson
- Re: Consensus Calls for Transport/TLS issues, pos… Eric Rescorla
- Re: Consensus Calls for Transport/TLS issues, pos… Martin Thomson
- Re: Consensus Calls for Transport/TLS issues, pos… Watson Ladd
- Re: Consensus Calls for Transport/TLS issues, pos… Martin Thomson
- RE: Consensus Calls for Transport/TLS issues, pos… Mike Bishop
- RE: Consensus Calls for Transport/TLS issues, pos… Mikkel Fahnøe Jørgensen
- Re: Consensus Calls for Transport/TLS issues, pos… Eric Rescorla
- Re: Consensus Calls for Transport/TLS issues, pos… Mikkel Fahnøe Jørgensen
- Re: Consensus Calls for Transport/TLS issues, pos… Eric Rescorla
- Re: Consensus Calls for Transport/TLS issues, pos… Mikkel Fahnøe Jørgensen
- Re: Consensus Calls for Transport/TLS issues, pos… Eric Rescorla
- Re: Consensus Calls for Transport/TLS issues, pos… Martin Thomson
- Re: Consensus Calls for Transport/TLS issues, pos… Christian Huitema
- Re: Consensus Calls for Transport/TLS issues, pos… Martin Thomson
- Re: Consensus Calls for Transport/TLS issues, pos… Christian Huitema
- Re: Consensus Calls for Transport/TLS issues, pos… Mark Nottingham