Re: Version Ossification: Intended Scope for QUICv1
Mikkel Fahnøe Jørgensen <mikkelfj@gmail.com> Tue, 05 November 2019 08:49 UTC
Return-Path: <mikkelfj@gmail.com>
X-Original-To: quic@ietfa.amsl.com
Delivered-To: quic@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7B86B120289 for <quic@ietfa.amsl.com>; Tue, 5 Nov 2019 00:49:11 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.996
X-Spam-Level:
X-Spam-Status: No, score=-0.996 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, FREEMAIL_REPLY=1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, UNPARSEABLE_RELAY=0.001, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id o6XhlPwtGmie for <quic@ietfa.amsl.com>; Tue, 5 Nov 2019 00:49:10 -0800 (PST)
Received: from mail-ed1-x534.google.com (mail-ed1-x534.google.com [IPv6:2a00:1450:4864:20::534]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A03201207FB for <quic@ietf.org>; Tue, 5 Nov 2019 00:49:09 -0800 (PST)
Received: by mail-ed1-x534.google.com with SMTP id c4so15500564edl.0 for <quic@ietf.org>; Tue, 05 Nov 2019 00:49:09 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:in-reply-to:references:mime-version:date:message-id:subject:to :cc; bh=WDVcj/zkxtAp9DCuqfyS3606kQOWOdd14ESkNCxxvxY=; b=HgHqIeI05DCABRv0AW7+t5J5dHv4CJJh/LZfPiHhCUm89eT2JojVQWiX68PK/q6l49 9AmkeB8niH0FyqaJF0z8GFBznOiCLzksIUQZKZNMaEFfUyUoKiuzjcfsOfuXc6VFFphK 1ArC0qTN1MGNfRYtdaIheLopNip2QeKS+P6aQCwiSpcbOrRmccInJ3GqwMzya+RxRNqk ehkAEcVfUovBbmygKopEx/eFVUTnaQrGGdWnRzotY/zrRnbJ2egIxNe+USdidR2qvlg5 xV3OWvUkmKLs9aPV9mqsWeI2TKfl6DwoPYAU7zzQcqx25/h7udNC+SXSRKQLiakSvOCc LfUw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:in-reply-to:references:mime-version:date :message-id:subject:to:cc; bh=WDVcj/zkxtAp9DCuqfyS3606kQOWOdd14ESkNCxxvxY=; b=SxGnOX+gH/N3AUz2gtJkND+aCQqVmBQwYUirkl6LxSE3q+ntYZxrjj/pC8oQMuijmx LdHy9KLXzw3/pUeDCWzq6RzCQh94v9Gf9yxTBSKSSyoacgIIkpLAfoXxyMuDkuVcd4EV Wrz9g1dVNURwtY4ZdBZXWuzMx0698fOKVH77nIzpPuvvleOc22MeeiHhlBPOfxJLxiTA CYOLL8teZcPz3M8mK9BWaXyPwmMp5C5kpuIFBUnVMb+9bpNnYiCFAVJP9esjzb/cSdzT 7guWI9FujWuYoEE6PxuJxqfktbEDyfn2ggzhlBt3uE8YXsPCVk7GKH/O0ohkqrkgpeE/ yU+g==
X-Gm-Message-State: APjAAAVBxOde+UcO/E9fhDHe6jYbZ9gSnJmG7wUbqvqeqOx+Zlz8rVrQ OQz0eZCJDguK1MGdkcdtMAHg6UeiI5ViznBS5KNtXNbH
X-Google-Smtp-Source: APXvYqzuatedgNH1QZu1dw2ZoTkgRVCeIynwrPJEhitUfVDWFObmvk+kjCJ2ScveZXIR2XnYZWWmu1HuP73xRw5PS+k=
X-Received: by 2002:a17:906:4d93:: with SMTP id s19mr17370225eju.285.1572943748116; Tue, 05 Nov 2019 00:49:08 -0800 (PST)
Received: from 1058052472880 named unknown by gmailapi.google.com with HTTPREST; Tue, 5 Nov 2019 09:49:07 +0100
From: Mikkel Fahnøe Jørgensen <mikkelfj@gmail.com>
In-Reply-To: <CACpbDcetR7e01oDZ7_hihB2mpbKbOuydp6mHd474bduaMA5rbA@mail.gmail.com>
References: <CAPDSy+6E79OySoOLbJ8eWp0J-+3yeB5iGvj6sW19bEDn_V7-NA@mail.gmail.com> <CANatvzzaWFgrvnaV=VeZRAVvxqSBeMSZT5aMUu7-Vh9raeZJFw@mail.gmail.com> <BN6PR2201MB1700184D81061E2CBFD77BFBDA620@BN6PR2201MB1700.namprd22.prod.outlook.com> <e24ecddd-139d-4669-be96-b3de57557c4e@www.fastmail.com> <CACpbDcci5R7Szti7LbpH7GEm9jT2fP_Jz99Mx-bBcSe8RT43cQ@mail.gmail.com> <d5c3b4d3-2202-41d7-9ebe-3541ceec1b78@www.fastmail.com> <CACpbDcetR7e01oDZ7_hihB2mpbKbOuydp6mHd474bduaMA5rbA@mail.gmail.com>
X-Mailer: Airmail (420)
MIME-Version: 1.0
Date: Tue, 05 Nov 2019 09:49:07 +0100
Message-ID: <CAN1APdfGjt=rzU+iP+iDQvpPpCu5LCq94eUxxei7qWHZKsbNJA@mail.gmail.com>
Subject: Re: Version Ossification: Intended Scope for QUICv1
To: Jana Iyengar <jri.ietf@gmail.com>, Martin Thomson <mt@lowentropy.net>
Cc: QUIC WG <quic@ietf.org>
Content-Type: multipart/alternative; boundary="0000000000005bb5d5059695811a"
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic/wBAD89Jx9rJfPCIoa4ojKZLcfVU>
X-BeenThere: quic@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Main mailing list of the IETF QUIC working group <quic.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic>, <mailto:quic-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic/>
List-Post: <mailto:quic@ietf.org>
List-Help: <mailto:quic-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic>, <mailto:quic-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 05 Nov 2019 08:49:12 -0000
I really don’t think the draft should recommend key deployments like that. It may be that baked into the binary works, but sound deployment advise is to use an environment variable for such things, then you can bake it into you deployment script if you wish. Point being, the WG should not be too specific here. On 5 November 2019 at 03.22.32, Jana Iyengar (jri.ietf@gmail.com) wrote: On Mon, Nov 4, 2019 at 5:58 PM Martin Thomson <mt@lowentropy.net> wrote: > On Tue, Nov 5, 2019, at 12:23, Jana Iyengar wrote: > > On Sun, Nov 3, 2019 at 1:46 PM Martin Thomson <mt@lowentropy.net> wrote: > > > Why can't servers just bake the "keys" into binaries? I mean, that's > not something that is likely to get lost. And it isn't really the case that > keys need to be secret, they just have to change often enough to frustrate > attempts to fixate on them. > > > > This is a fine idea, but how does it change anything? Whenever the keys > > are rotated at the server, you would still have to deal with old > > versions appearing at the server, no? > > I'm assuming that you can a) limit the time over which a token could > appear, b) use a key identifier so that keys can be changed, and c) keep > old keys in the code until the associated tokens are all expired. > Right, that makes sense. I think your point about not requiring this to be rotated frequently is a good one, and we might even want to suggest your idea of baking the key into the binary.
- Version Ossification: Intended Scope for QUICv1 David Schinazi
- Re: Version Ossification: Intended Scope for QUIC… Kazuho Oku
- RE: Version Ossification: Intended Scope for QUIC… Mike Bishop
- Re: Version Ossification: Intended Scope for QUIC… Martin Thomson
- Re: Version Ossification: Intended Scope for QUIC… Jana Iyengar
- Re: Version Ossification: Intended Scope for QUIC… Martin Thomson
- Re: Version Ossification: Intended Scope for QUIC… Jana Iyengar
- Re: Version Ossification: Intended Scope for QUIC… Mikkel Fahnøe Jørgensen
- RE: Version Ossification: Intended Scope for QUIC… Lubashev, Igor
- Re: Version Ossification: Intended Scope for QUIC… Eric Rescorla
- Re: Version Ossification: Intended Scope for QUIC… Christian Huitema
- Re: Version Ossification: Intended Scope for QUIC… Ian Swett
- Re: Version Ossification: Intended Scope for QUIC… Roberto Peon
- Re: Version Ossification: Intended Scope for QUIC… Marten Seemann
- Re: Version Ossification: Intended Scope for QUIC… Eric Rescorla
- Re: Version Ossification: Intended Scope for QUIC… Martin Thomson
- Re: Version Ossification: Intended Scope for QUIC… Ian Swett