Re: [secdir] Secdir review of draft-ietf-tls-record-limit

Martin Thomson <> Tue, 06 March 2018 08:41 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id AEF27124D37; Tue, 6 Mar 2018 00:41:50 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (2048-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id KV6k0AW6nDm0; Tue, 6 Mar 2018 00:41:49 -0800 (PST)
Received: from ( [IPv6:2607:f8b0:4003:c0f::22e]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by (Postfix) with ESMTPS id E3B23120724; Tue, 6 Mar 2018 00:41:48 -0800 (PST)
Received: by with SMTP id r30so337853otr.2; Tue, 06 Mar 2018 00:41:48 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc:content-transfer-encoding; bh=Ev35vhhYBOosIFkSIOmXjTZ17Nutwj1jVHgc0Pv4tDU=; b=vCB0xdgR68JChZuxSE5m4M4bTVKR82bvbxhoJE+cpAPV+X/TcrweLbOfb8xfC7SGJ1 XMFLmFsTyMA9iWcWiaq0tYHKjXqX9SjjOlbWN7WRAj3Uwv2iJaxzJkeivwAiaX55ie1s fK8VQgWaqeqqlE2C3ZCwnt77A/xZ4ora7PXZSSv15qirTcaBICC4eaY/8Kbp34Y7txQe ryf24PQjyayXzYlTPx4pU+PuRVexUzjD1mJn43P2OacXJolUNdZw1QsxayfCRpGndVaX xA/O3m/clDIf0mR1Wl75FEgVUFKJk5oDAuNwcACCy61CP8JlUP8L0+f3nIu22m/ob6JH m1YQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc:content-transfer-encoding; bh=Ev35vhhYBOosIFkSIOmXjTZ17Nutwj1jVHgc0Pv4tDU=; b=YKwRDSoTOTAjIBCsxF08DB4jOg5nqXzxCshU9GOMXkuJAK/YRNLdFUl06NsNmL9vyv WM+sb6e9GRIYhlFDiNxO6M/SwgrQfGxr1a6PswdFjDznI0BYxcRSOhEj+LLGTladg5gp lNcD0m04xxfcwQZ7d2vUFJpmrxrm7HZckvD+tivSyCxNtEpntBJ7416cevRQgQ7eFOTv A6FDbZ76VZsmPagmrQEhdHeuuClSi6WcImgnLSIiWYNOwItC6KUn/qgAc2qtHSCZJRd+ 6KUCKeouhu3FXJdGf4Y+74QuyAs9pT1haoJPEF/8wZedTBp87DX1pAYaHv9qe+wDE/A6 xcew==
X-Gm-Message-State: AElRT7Gqco4LcA0Ynn4cLzztJN3YVmOxXcsYD6irRselRPCtD/ebvory CH0Zu8zWkOjJVYNbtikU21jLOdVhCbY+cgVVBsk=
X-Google-Smtp-Source: AG47ELsZj7/EVSWAsEt4wSqdN/6srGtaIM9AupIcJZuzP++mN6w0WuXShGJkH4XD1QQmYvDTLxrOnsedzMpv1ZV1xQo=
X-Received: by with SMTP id p16mr4911576otf.15.1520325708249; Tue, 06 Mar 2018 00:41:48 -0800 (PST)
MIME-Version: 1.0
Received: by with HTTP; Tue, 6 Mar 2018 00:41:47 -0800 (PST)
In-Reply-To: <>
References: <> <> <> <> <> <> <> <> <> <>
From: Martin Thomson <>
Date: Tue, 6 Mar 2018 19:41:47 +1100
Message-ID: <>
To: Hannes Tschofenig <>
Cc: Benjamin Kaduk <>, Alan DeKok <>, "" <>, IESG <>, "" <>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Archived-At: <>
Subject: Re: [secdir] Secdir review of draft-ietf-tls-record-limit
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Security Area Directorate <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Tue, 06 Mar 2018 08:41:51 -0000

Just to follow-up. I think that removing the "especially handshake
messages" will help resolve this.  This implies that handshake
messages are always unprotected, which is not the case.

The change that I propose:

-RecordSizeLimit value it receives from its peer.  Unprotected messages -
-handshake messages in particular - are not subject to this limit.
+RecordSizeLimit value it receives from its peer.  Unprotected messages are not
+subject to this limit.

On Tue, Mar 6, 2018 at 3:51 AM, Hannes Tschofenig
<>; wrote:
> I believe we are on the same page with regards to this issue.
> -----Original Message-----
> From: Martin Thomson []
> Sent: 04 March 2018 23:03
> To: Hannes Tschofenig
> Cc: Benjamin Kaduk; Alan DeKok;; IESG;
> Subject: Re: Secdir review of draft-ietf-tls-record-limit
> On Mon, Mar 5, 2018 at 2:57 AM, Hannes Tschofenig <>; wrote:
>> [Hannes] I am not sure I fully understand the approach. Even if
>> someone uses TCP a RAM limitation will not go away. TCP is likely to
>> make the situation worse since it requires some amount of RAM as well
>> even with the best possible configuration. (There is this work in LWIG
>> on TCP implementation guidance where the authors are supposed to
>> provide some information about the actual RAM usage of various TCP
>> features and settings.)
> Let me try to explain more.
> An endpoint that can't handle a big packet (whether that be a big TCP segment or a big UDP datagram) can always pretend that this is a link issue and send the appropriate ICMP message.  That limits the size of packets they receive, at least to the point that the minimum for the IP version in use is reached (576 for v4, 1280 for v6).  I'm not sure what fragmentation does here, other than make things far worse.
> If there are multiple packets arriving and no space for more than one, then the endpoint can pretend that it didn't receive the packet.  TCP also has ACKs, which the endpoint can withhold until it has space.
> Thus, the endpoint can hold as little as a single MTU of data at once.
> Given that it is not encrypted, my understanding is that there is no need to constrain how it is turned into records.
> Note that a constrained server has to handle a full ClientHello - the client won't know the limit at the server.
> IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.