Re: [tcpinc] Eric Rescorla's Discuss on draft-ietf-tcpinc-tcpcrypt-09: (with DISCUSS and COMMENT)

"Black, David" <David.Black@dell.com> Mon, 27 November 2017 19:15 UTC

Return-Path: <David.Black@dell.com>
X-Original-To: tcpinc@ietfa.amsl.com
Delivered-To: tcpinc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D3571126C83; Mon, 27 Nov 2017 11:15:51 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -5.501
X-Spam-Level:
X-Spam-Status: No, score=-5.501 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H2=-2.8, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=dell.com header.b=DzSO64Zh; dkim=fail (1024-bit key) reason="fail (message has been altered)" header.d=emc.com header.b=KCg0p6Il
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id YZpRqklZLzvC; Mon, 27 Nov 2017 11:15:49 -0800 (PST)
Received: from esa1.dell-outbound.iphmx.com (esa1.dell-outbound.iphmx.com [68.232.153.90]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B1A28126C3D; Mon, 27 Nov 2017 11:15:49 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=dell.com; i=@dell.com; q=dns/txt; s=smtpout; t=1511809912; x=1543345912; h=from:to:cc:subject:date:message-id:references: in-reply-to:content-transfer-encoding:mime-version; bh=/yI01bc7sn/3/JCIVFVcCdP33rhIyq458cGF0oAc28A=; b=DzSO64Zh6Q2Jc+VARK3zXDWPfo1iZP2bX6nOzld79s196UKLtAPxtiR1 CZ5y6dU1ChFf8k3NuVsKYiHLRc0WbSkG2Fge6iKvem46WnhBejkF4DA/9 m1T5SfYvgH1kLMmaMFHp53eZgKEWoBeUumLhMPSWCeEqM3Wal+TfLy/rm U=;
IronPort-PHdr: =?us-ascii?q?9a23=3ARg9jARYw8EcXQdiLtqp/KTb/LSx+4OfEezUN459i?= =?us-ascii?q?sYplN5qZps27Zh7h7PlgxGXEQZ/co6odzbGH4+a4ASQp2tWoiDg6aptCVhsI24?= =?us-ascii?q?09vjcLJ4q7M3D9N+PgdCcgHc5PBxdP9nC/NlVJSo6lPwWB6nK94iQPFRrhKAF7?= =?us-ascii?q?Ovr6GpLIj8Swyuu+54Dfbx9GiTe5Yr5+Ngm6oRnMvcQKnIVuLbo8xAHUqXVSYe?= =?us-ascii?q?RWwm1oJVOXnxni48q74YBu/SdNtf8/7sBMSar1cbg2QrxeFzQmLns65Nb3uhnZ?= =?us-ascii?q?TAuA/WUTX2MLmRdVGQfF7RX6XpDssivms+d2xSeXMdHqQb0yRD+v9LlgRgP2hy?= =?us-ascii?q?gbNj456GDXhdJ2jKJHuxKquhhzz5fJbI2JKPZye6XQds4YS2VcRMZcTyxPDJ2h?= =?us-ascii?q?YYsTAeQPPuhYoIv8p1QSohWxChKhBP/0xTJMmnP6wbE23uYnHArb3AIgBdUOsH?= =?us-ascii?q?HModn7KaoSVfq6w7XLzTnbcvhY1y3y6JbJch88r/2HQLV9f8TLxkkxFgPKk0+c?= =?us-ascii?q?pJHhPzyPyusNsHOW4Pd+WuKrj24rsR1+oj+qxso1jITCm4wbylfB9SpjwYY1I8?= =?us-ascii?q?W1SE9lbt64HptcrSaaN5F5Qs4kXmpmuz46x6UHtJO4ZiQG1poqywDFZ/Cac4WF?= =?us-ascii?q?7AjvWPiNLTp2nH5pZa6ziwys/UWuyeDwTMa53VlQoiZYnNTBtWgB1xLN5cWEVv?= =?us-ascii?q?dw+0Ks1DWA2g3X5OFJJEA5mrfBJJI/x7M8i4cfvl/GEyL5lkj7j6+be0M58eay?= =?us-ascii?q?8evneK/pppqEOo9xjQHxL7ohl9SkAeQ9LggOR2+b+fmg1LH7/U32XrFKjvoun6?= =?us-ascii?q?bHq5DVP8QWqrSkDABL1oYj7w+zDzC70NQEhnYHK09FeBSagIT3IV3OIej4Dfe6?= =?us-ascii?q?g1Wjijtk2/fGPrj5DpXMKHjMjqvhcK585kNf0gY/095S64xOBr0cIP/+VFX9uM?= =?us-ascii?q?LEAhI3KwC0xvzoCNR51oMQQ2KPBaqZPbvcv1CS+OIvIvSDaJUItTb5Mfcq+/3u?= =?us-ascii?q?gGQkllADeamp2YEbZ2y/HvRjO0mZe2bjgs8dEWcWuQozVPHliEeYXj5de3a+Rq?= =?us-ascii?q?M86S8nCIKoFIvDWpyigKSA3Ce9ApJaf3xGBUyUEXj0bYWFW+8MaD6JL89gjDME?= =?us-ascii?q?SbahR5Um1RG0uw/w06BnIfbM+i0EqZLj08B45+zNmhEp+jx5FMWd3H+RT2F6hG?= =?us-ascii?q?8IQCU23K9nq0xn1liDybR4g+BfFdFL+/NGTh86NZ/az+NmEtz9RgLBcc2ISFa8?= =?us-ascii?q?WdWrGjAxQcwtw98AeUp9HM+ijh/b1SqwH7AVj6CLBIAz8q/Ew3j+O959y3fA1K?= =?us-ascii?q?Y9lFQmQ9VANXGohqJl8AjTHYHJwA2lkPOJZKARlBTK72rLmWmUu1pVeA1qVr7I?= =?us-ascii?q?G3cFaR2S5fnj50iKdbK1ArM9NgIJncOBMINQdtPsy15BQaGwFs7ZZjf7sWO5Dh?= =?us-ascii?q?XMjp+FcovmMS1J8CzDCURCuQQa9nWuOQU6AmGqpGeIX28mLk7mf065qbo2k3i8?= =?us-ascii?q?VEJhiljSN0A=3D?=
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: =?us-ascii?q?A2EjAAAIZBxah8uZ6ERdGgEBAQEBAgEBA?= =?us-ascii?q?QEIAQEBAYJsgSYQbicHg3iKII8UgX2WbRCBPkMKI4RJTwIahFo/GAEBAQEBAQE?= =?us-ascii?q?BAQECEAEBAQoLCQgoL4I4JAEOSCEFBgEBAQEBASYBAQEBAQEBAQEBAQEBAQEBA?= =?us-ascii?q?QEXAj0BEgEBGAEBAQECASMRDB8aAQsEAgEIDgMEAQEBAgIGHQMCAgIwFAEICAI?= =?us-ascii?q?EAQ0FCIoSCAEPpwaCJ4MQh2oBAQEBAQEBAQEBAQEBAQEBAQEBAQEVAwWBD4Irg?= =?us-ascii?q?TZRgVaBaIMrhGkBEQIBCBgVgn4xgjKiRQYCqFiWDQIEAgQFAhqBOh+BG29vToI?= =?us-ascii?q?pglIQDBmBTncBiRKBFAEBAQ?=
X-IPAS-Result: =?us-ascii?q?A2EjAAAIZBxah8uZ6ERdGgEBAQEBAgEBAQEIAQEBAYJsgSY?= =?us-ascii?q?QbicHg3iKII8UgX2WbRCBPkMKI4RJTwIahFo/GAEBAQEBAQEBAQECEAEBAQoLC?= =?us-ascii?q?QgoL4I4JAEOSCEFBgEBAQEBASYBAQEBAQEBAQEBAQEBAQEBAQEXAj0BEgEBGAE?= =?us-ascii?q?BAQECASMRDB8aAQsEAgEIDgMEAQEBAgIGHQMCAgIwFAEICAIEAQ0FCIoSCAEPp?= =?us-ascii?q?waCJ4MQh2oBAQEBAQEBAQEBAQEBAQEBAQEBAQEVAwWBD4IrgTZRgVaBaIMrhGk?= =?us-ascii?q?BEQIBCBgVgn4xgjKiRQYCqFiWDQIEAgQFAhqBOh+BG29vToIpglIQDBmBTncBi?= =?us-ascii?q?RKBFAEBAQ?=
Received: from esa5.dell-outbound2.iphmx.com ([68.232.153.203]) by esa1.dell-outbound.iphmx.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 27 Nov 2017 13:11:51 -0600
From: "Black, David" <David.Black@dell.com>
Received: from mailuogwdur.emc.com ([128.221.224.79]) by esa5.dell-outbound2.iphmx.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 28 Nov 2017 01:15:47 +0600
Received: from maildlpprd52.lss.emc.com (maildlpprd52.lss.emc.com [10.106.48.156]) by mailuogwprd53.lss.emc.com (Sentrion-MTA-4.3.1/Sentrion-MTA-4.3.0) with ESMTP id vARJFhjX031806 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO); Mon, 27 Nov 2017 14:15:46 -0500
X-DKIM: OpenDKIM Filter v2.4.3 mailuogwprd53.lss.emc.com vARJFhjX031806
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; d=emc.com; s=jan2013; t=1511810147; bh=FPm0PgmcwkZBsW6qASrvuhXTMQ0=; h=From:To:CC:Subject:Date:Message-ID:References:In-Reply-To: Content-Type:Content-Transfer-Encoding:MIME-Version; b=KCg0p6IlTcHHtczggp1nsXOlx41tZi//gDHGhbQVx2CnJd6zOGH/C0yl6h0z3ry9A XLWixh5X2e29Cmpza84BMWO1ERg9uSRQji2GNvMWJQ3GCw66zVI+AK83DOsMbvDPnY eqyF27W95tBwWkaWILreiHa7epSDwGZxuybm4sUM=
X-DKIM: OpenDKIM Filter v2.4.3 mailuogwprd53.lss.emc.com vARJFhjX031806
Received: from mailusrhubprd02.lss.emc.com (mailusrhubprd02.lss.emc.com [10.253.24.20]) by maildlpprd52.lss.emc.com (RSA Interceptor); Mon, 27 Nov 2017 14:15:25 -0500
Received: from MXHUB302.corp.emc.com (MXHUB302.corp.emc.com [10.146.3.28]) by mailusrhubprd02.lss.emc.com (Sentrion-MTA-4.3.1/Sentrion-MTA-4.3.0) with ESMTP id vARJFSS6019613 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=FAIL); Mon, 27 Nov 2017 14:15:28 -0500
Received: from MX307CL04.corp.emc.com ([fe80::849f:5da2:11b:4385]) by MXHUB302.corp.emc.com ([10.146.3.28]) with mapi id 14.03.0352.000; Mon, 27 Nov 2017 14:15:27 -0500
To: Kyle Rose <krose@krose.org>, Eric Rescorla <ekr@rtfm.com>
CC: Daniel B Giffin <dbg@scs.stanford.edu>, tcpinc <tcpinc@ietf.org>, "tcpinc-chairs@ietf.org" <tcpinc-chairs@ietf.org>, The IESG <iesg@ietf.org>, "draft-ietf-tcpinc-tcpcrypt@ietf.org" <draft-ietf-tcpinc-tcpcrypt@ietf.org>
Thread-Topic: [tcpinc] Eric Rescorla's Discuss on draft-ietf-tcpinc-tcpcrypt-09: (with DISCUSS and COMMENT)
Thread-Index: AQHTWprePuW0lReuTEGF9kEkArM1jaMY2o+AgAJHWQCAAsH4LIAGXtcAgAABdACABGPsAIAAGX+AgAAmHoCAAAOIgIAABc2A///AkUA=
Date: Mon, 27 Nov 2017 19:15:27 +0000
Message-ID: <CE03DB3D7B45C245BCA0D243277949362FD89888@MX307CL04.corp.emc.com>
References: <151036992713.398.18032326140786383584.idtracker@ietfa.amsl.com> <20171117121703.GE57159@scs.stanford.edu> <CABcZeBMBnMB425pu5bc9kjuAqjRDnuVYQK=8P9vQBwURctCTZQ@mail.gmail.com> <CE03DB3D7B45C245BCA0D243277949362FD6E57E@MX307CL04.corp.emc.com> <20171124182842.GA80062@scs.stanford.edu> <CABcZeBORGhsgWem3P6GS=1qfkwBEZxX=CBGCOoU3R_+MsO4FrQ@mail.gmail.com> <CAJU8_nXA_1L_XVJAMGj+L4JY-so+LO79pxt_s=BTLWj_g47f_Q@mail.gmail.com> <CABcZeBNQEs6BKnxzQOuN4A4qvEDsk8kGQLt6S9Wy0OXsJ3u5cw@mail.gmail.com> <CAJU8_nWMn0_SSLUH+reS5La4J7t0uEN5u2zC8XFRXDMOffc1Qg@mail.gmail.com> <CABcZeBP2mN-Y3GFda3mqawFuFFqtzpwpsceseE5FNMH1iSpFPQ@mail.gmail.com> <CAJU8_nWk_Opuj+m4jv79qwFMUGqi5=JMk3S_3QfJLahOjL+77g@mail.gmail.com>
In-Reply-To: <CAJU8_nWk_Opuj+m4jv79qwFMUGqi5=JMk3S_3QfJLahOjL+77g@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.238.44.138]
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-Sentrion-Hostname: mailusrhubprd02.lss.emc.com
X-RSA-Classifications: public
Archived-At: <https://mailarchive.ietf.org/arch/msg/tcpinc/XdYHAZVikOu9qvyqfsgInLogKXg>
Subject: Re: [tcpinc] Eric Rescorla's Discuss on draft-ietf-tcpinc-tcpcrypt-09: (with DISCUSS and COMMENT)
X-BeenThere: tcpinc@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "Working group mailing list for TCP Increased Security \(tcpinc\)" <tcpinc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tcpinc>, <mailto:tcpinc-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tcpinc/>
List-Post: <mailto:tcpinc@ietf.org>
List-Help: <mailto:tcpinc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tcpinc>, <mailto:tcpinc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 27 Nov 2017 19:15:52 -0000

Posting mostly to merge email threads back into one thread - IMHO, the following exchange seems to capture the state of things and subsumes the details that the other (my) thread with Ekr had gotten into:

> > With that said, it's not clear to me that the WG actually did have consensus
> > that this brittleness was a good tradeoff. Was this property in fact widely
> > understood? Speaking only for myself, it really only came into focus for me
> > when I did my review.
> 
> No, I think you're right that this wasn't widely understood, or at
> least not discussed. That wasn't what I was referring to, however: I
> do think the brittleness is worth at least discussing on the list
> (check) and seeing if there's consensus to make a change to the
> protocol or to add a crystal clear warning to the draft explaining the
> critical importance of not reusing SIDs.

Thanks, --David

> -----Original Message-----
> From: Kyle Rose [mailto:krose@krose.org]
> Sent: Monday, November 27, 2017 12:58 PM
> To: Eric Rescorla <ekr@rtfm.com>;
> Cc: Daniel B Giffin <dbg@scs.stanford.edu>;; Black, David
> <david.black@emc.com>;; tcpinc <tcpinc@ietf.org>;; tcpinc-chairs@ietf.org;
> The IESG <iesg@ietf.org>;; draft-ietf-tcpinc-tcpcrypt@ietf.org
> Subject: Re: [tcpinc] Eric Rescorla's Discuss on draft-ietf-tcpinc-tcpcrypt-09:
> (with DISCUSS and COMMENT)
> 
> On Mon, Nov 27, 2017 at 12:36 PM, Eric Rescorla <ekr@rtfm.com>; wrote:
> > On Mon, Nov 27, 2017 at 9:24 AM, Kyle Rose <krose@krose.org>; wrote:
> > I don't really think it's really worth relitigating this; I'm merely
> > observing
> > that if you want high resumption rates then you want stateless
> resumption.
> 
> For a server pool, I completely agree.
> 
> > As for the question of option space, I'm not persuaded it wouldn't
> > be possible to have stateless resumption with the same number of
> > round trip times if you were willing to be a bit more careful about
> > how you handled failure.
> 
> I would be interested in an (OOB) conversation on your thoughts here.
> 
> >> Agreed (though I am not sure Mirja will be happy to hear that). My
> >> comment about scope creep is simply that the WG came to a consensus
> on
> >> this topic (resumption tradeoffs) long ago, so I'm not sure we should
> >> be second guessing that judgment at IETF LC.
> >
> > I'm not sure what you think is being second guessed.
> 
> I was referring specifically to the resumption tradeoffs (rate vs.
> performance). That said, all I can find is this:
> 
> https://www.ietf.org/mail-archive/web/tcpinc/current/msg00919.html
> 
> which doesn't actually talk about that tradeoff, but rather about the
> charter's requirement for forward secrecy.
> 
> > With that said, it's not clear to me that the WG actually did have consensus
> > that this brittleness was a good tradeoff. Was this property in fact widely
> > understood? Speaking only for myself, it really only came into focus for me
> > when I did my review.
> 
> No, I think you're right that this wasn't widely understood, or at
> least not discussed. That wasn't what I was referring to, however: I
> do think the brittleness is worth at least discussing on the list
> (check) and seeing if there's consensus to make a change to the
> protocol or to add a crystal clear warning to the draft explaining the
> critical importance of not reusing SIDs.
> 
> Kyle