Re: Binary packet protocol rethink

Simon Josefsson <simon@josefsson.org> Fri, 27 November 2015 08:55 UTC

Return-Path: <bounces-ietf-ssh-owner-secsh-tyoxbijeg7-archive=lists.ietf.org@NetBSD.org>
X-Original-To: ietfarch-secsh-tyoxbijeg7-archive@ietfa.amsl.com
Delivered-To: ietfarch-secsh-tyoxbijeg7-archive@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 746AD1AD481 for <ietfarch-secsh-tyoxbijeg7-archive@ietfa.amsl.com>; Fri, 27 Nov 2015 00:55:00 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.185
X-Spam-Level:
X-Spam-Status: No, score=-2.185 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, MIME_8BIT_HEADER=0.3, RP_MATCHES_RCVD=-0.585] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Zue_f5IWJ7qh for <ietfarch-secsh-tyoxbijeg7-archive@ietfa.amsl.com>; Fri, 27 Nov 2015 00:54:55 -0800 (PST)
Received: from mail.netbsd.org (mail.NetBSD.org [IPv6:2001:4f8:3:7::25]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id EFD691AD49D for <secsh-tyoxbijeg7-archive@lists.ietf.org>; Fri, 27 Nov 2015 00:54:53 -0800 (PST)
Received: by mail.netbsd.org (Postfix, from userid 605) id 899A214A2C7; Fri, 27 Nov 2015 08:54:46 +0000 (UTC)
Delivered-To: ietf-ssh@netbsd.org
Received: from localhost (localhost [127.0.0.1]) by mail.netbsd.org (Postfix) with ESMTP id B41E514A2CB for <ietf-ssh@netbsd.org>; Fri, 27 Nov 2015 08:54:41 +0000 (UTC)
X-Virus-Scanned: amavisd-new at NetBSD.org
Received: from mail.netbsd.org ([127.0.0.1]) by localhost (mail.NetBSD.org [127.0.0.1]) (amavisd-new, port 10025) with ESMTP id CiaKu6XQLcYz for <ietf-ssh@netbsd.org>; Fri, 27 Nov 2015 08:54:40 +0000 (UTC)
Received: from duva.sjd.se (duva.sjd.se [IPv6:2001:9b0:1:1702::100]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.netbsd.org (Postfix) with ESMTPS id 5A90814A1E4 for <ietf-ssh@netbsd.org>; Fri, 27 Nov 2015 08:54:37 +0000 (UTC)
Received: from latte.josefsson.org ([155.4.17.2]) (authenticated bits=0) by duva.sjd.se (8.14.4/8.14.4/Debian-4) with ESMTP id tAR8sNuw007337 (version=TLSv1/SSLv3 cipher=AES128-GCM-SHA256 bits=128 verify=NOT); Fri, 27 Nov 2015 09:54:24 +0100
From: Simon Josefsson <simon@josefsson.org>
To: nisse@lysator.liu.se
Cc: Simon Tatham <anakin@pobox.com>, ietf-ssh@netbsd.org
Subject: Re: Binary packet protocol rethink
References: <87egfdxebo.fsf@latte.josefsson.org> <87egfdxebo.fsf@latte.josefsson.org> <nny4dksr3i.fsf@armitage.lysator.liu.se> <1448554180-sup-7145@atreus.tartarus.org> <nntwo8sdau.fsf@armitage.lysator.liu.se>
OpenPGP: id=54265E8C; url=http://josefsson.org/54265e8c.txt
X-Hashcash: 1:22:151127:ietf-ssh@netbsd.org::6P2pDR7q96ObbKD/:2gZV
X-Hashcash: 1:22:151127:nisse@lysator.liu.se::fxnQX1IrLXtL4DUp:3ROH
X-Hashcash: 1:22:151127:anakin@pobox.com::tqRIEpD8iIqg7cFv:nTHH
Date: Fri, 27 Nov 2015 09:54:22 +0100
In-Reply-To: <nntwo8sdau.fsf@armitage.lysator.liu.se> ("Niels \=\?iso-8859-1\?Q\?M\=F6ller\=22's\?\= message of "Thu, 26 Nov 2015 21:42:17 +0100")
Message-ID: <874mg7yg8x.fsf@latte.josefsson.org>
User-Agent: Gnus/5.130014 (Ma Gnus v0.14) Emacs/24.4 (gnu/linux)
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="=-=-="; micalg="pgp-sha256"; protocol="application/pgp-signature"
X-Virus-Scanned: clamav-milter 0.98.7 at duva.sjd.se
X-Virus-Status: Clean
Sender: ietf-ssh-owner@NetBSD.org
List-Id: ietf-ssh.NetBSD.org
Precedence: list

nisse@lysator.liu.se (Niels Möller) writes:

> The problem is the interactivity. Let's consider the simplest example
> (but I'm not saying this example captures all essentials of the
> problem). Say I let my shell connection idle for some time, then I type
> a couple of characters, and I want a timely response before I type the
> next command. Then my typing has to correspond to a TCP segment that can
> be decrypted and authenticated and passed on to the remote shell. With
> the current ssh protocol, that TCP segment will carry a single
> CHANNEL_DATA packet, possibly in combination with fragments of IGNORE
> messages and possibly other piggybacking messages, e.g., WINDOW_ADJUST.
>
> To hide the user's typing from traffic analysis is a tradeoff, with
> varying amounts of cover traffic (preferably including responses;
> there's maybe some use for an IGNORE_CONTENTS_BUT_PLEASE_REPLY message
> type).

In libssh2 there is a keepalive message that can be sent regulary.  It
is a SSH_MSG_GLOBAL_REQUEST with the want-reply bit set.  It should be
replied to (typically with a SSH_MSG_REQUEST_FAILURE message).

That said, I'm also skeptic whether this is an effort that will pan out.
I don't see the problem statement sufficiently strong to motivate work.
In general that may be because the idea is too weak, but can also be
that the problem statement is not fleshed out well enough.  Right now it
is hard to tell which case applies, but the end result is the same
(=nothing will happen).

/Simon