Re: [TLS] TLS Client Puzzles
Dave Garrett <davemgarrett@gmail.com> Thu, 09 July 2015 19:39 UTC
Return-Path: <davemgarrett@gmail.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3C1AC1A0092 for <tls@ietfa.amsl.com>; Thu, 9 Jul 2015 12:39:29 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Ua6lXSjsxzYA for <tls@ietfa.amsl.com>; Thu, 9 Jul 2015 12:39:28 -0700 (PDT)
Received: from mail-qk0-x22d.google.com (mail-qk0-x22d.google.com [IPv6:2607:f8b0:400d:c09::22d]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 18FD21A008E for <tls@ietf.org>; Thu, 9 Jul 2015 12:39:28 -0700 (PDT)
Received: by qkhu186 with SMTP id u186so193157816qkh.0 for <tls@ietf.org>; Thu, 09 Jul 2015 12:39:27 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=from:to:subject:date:user-agent:cc:references:in-reply-to :mime-version:content-type:content-transfer-encoding:message-id; bh=hT5xB7D73kyhVOrWCpuoshc3QbeAR3zogMcZXg4xsuI=; b=h1F6xQH+AQcGVO6BHEeXMYhXvpB2fXHd3ve/m2WA2MzkiAXGo/WfZaMMXE8DA57thU HsqL5mI/UCKSlm6/W3FJ7/suzELBX14bpPDuih8A4mmOWoDdtlZ+oN34bNNr0YvyspUA TuuDew6aSyWGpOtFo+usiSnBwZxDgbfB7CcSH3EboNguPMaDrBSm0ZKBNLyWQJtvmfzu N00YeDI5AMt1vqLGDC+Eb4f0llGN4x7plx3ITna0VTEJj7u0GeJbKFkY6cr2YJuxbeFi x9KJoznXK/TKEb5VeO1dHS54Nv5VZ4NtzkTNvSY1MWA29lkY89FIhTU21U0maIseev8n cr+Q==
X-Received: by 10.140.150.142 with SMTP id 136mr25792190qhw.17.1436470767111; Thu, 09 Jul 2015 12:39:27 -0700 (PDT)
Received: from dave-laptop.localnet (pool-96-245-254-195.phlapa.fios.verizon.net. [96.245.254.195]) by smtp.gmail.com with ESMTPSA id 195sm4121756qhr.13.2015.07.09.12.39.26 (version=TLSv1 cipher=RC4-SHA bits=128/128); Thu, 09 Jul 2015 12:39:26 -0700 (PDT)
From: Dave Garrett <davemgarrett@gmail.com>
To: tls@ietf.org
Date: Thu, 09 Jul 2015 15:39:25 -0400
User-Agent: KMail/1.13.5 (Linux/2.6.32-74-generic-pae; KDE/4.4.5; i686; ; )
References: <CAKC-DJjfq_Lw6ovX=sVFt3=4q_4CYo_N79PZFx+LrGj7DbLK+w@mail.gmail.com> <m24mldl20a.fsf@usma1mc-0csx92.kendall.corp.akamai.com> <CACsn0cntB7LiSX91Ff2gP-G+esW4VX+26mJM-Ay7jWAYhoqS-A@mail.gmail.com>
In-Reply-To: <CACsn0cntB7LiSX91Ff2gP-G+esW4VX+26mJM-Ay7jWAYhoqS-A@mail.gmail.com>
MIME-Version: 1.0
Content-Type: Text/Plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
Message-Id: <201507091539.25403.davemgarrett@gmail.com>
Archived-At: <http://mailarchive.ietf.org/arch/msg/tls/-mfiMtCgI31Zr-xeSV9UQXddxdk>
Subject: Re: [TLS] TLS Client Puzzles
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 09 Jul 2015 19:39:29 -0000
I'm personally not a fan of the idea of raw processing puzzles. Has anyone investigated network puzzles of some sort, like requiring clients to retrieve a key/signature from a 3rd party? For example: a DDoS vulnerable server requests clients first get some token signed by a trusted 3rd party capable of handling heavy load & filtering DDoSes better, then can use that signed token to connect to desired server. Dave
- [TLS] TLS Client Puzzles Erik Nygren
- Re: [TLS] TLS Client Puzzles Yoav Nir
- Re: [TLS] TLS Client Puzzles Erik Nygren
- Re: [TLS] TLS Client Puzzles Douglas Stebila
- Re: [TLS] TLS Client Puzzles Jeffrey Walton
- Re: [TLS] TLS Client Puzzles Tony Arcieri
- Re: [TLS] TLS Client Puzzles Erik Nygren
- Re: [TLS] TLS Client Puzzles Watson Ladd
- Re: [TLS] TLS Client Puzzles Brian Sniffen
- Re: [TLS] TLS Client Puzzles Watson Ladd
- Re: [TLS] TLS Client Puzzles Brian Sniffen
- Re: [TLS] TLS Client Puzzles Watson Ladd
- Re: [TLS] TLS Client Puzzles Dave Garrett
- Re: [TLS] TLS Client Puzzles Brian Sniffen
- Re: [TLS] TLS Client Puzzles Martin Thomson
- Re: [TLS] TLS Client Puzzles Jeffrey Walton
- Re: [TLS] TLS Client Puzzles Martin Thomson