IETF Logo Mail Archive

Re: [TLS] Idempotency and the application developer

Bill Frantz <frantz@pwpconsult.com> Fri, 05 May 2017 15:31 UTC

Return-Path: <frantz@pwpconsult.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id CEBBF129A96 for <tls@ietfa.amsl.com>; Fri, 5 May 2017 08:31:55 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0.08
X-Spam-Level:
X-Spam-Status: No, score=0.08 tagged_above=-999 required=5 tests=[BAYES_50=0.8, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id XGjHvV7JvPdX for <tls@ietfa.amsl.com>; Fri, 5 May 2017 08:31:54 -0700 (PDT)
Received: from elasmtp-masked.atl.sa.earthlink.net (elasmtp-masked.atl.sa.earthlink.net [209.86.89.68]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 1E65E129521 for <tls@ietf.org>; Fri, 5 May 2017 08:31:53 -0700 (PDT)
Received: from [97.33.64.104] (helo=Williams-MacBook-Pro.local) by elasmtp-masked.atl.sa.earthlink.net with esmtpa (Exim 4.67) (envelope-from <frantz@pwpconsult.com>) id 1d6fCx-0002lA-Uq; Fri, 05 May 2017 11:31:52 -0400
Date: Fri, 05 May 2017 08:31:53 -0700
From: Bill Frantz <frantz@pwpconsult.com>
To: Colm MacCárthaigh <colm@allcosts.net>
cc: Watson Ladd <watsonbladd@gmail.com>, tls@ietf.org
X-Priority: 3
In-Reply-To: <CAAF6GDfqi4keBrygD-Q2_yRS+zUyTnOnhDgD60e3JSsgqC-R1A@mail.gmail.com>
Message-ID: <r470Ps-10124i-8C6EE6E6F1274993A14AE6198AB7F492@Williams-MacBook-Pro.local>
MIME-Version: 1.0
Content-Type: text/plain; charset="UTF-8"; format="flowed"
Content-Transfer-Encoding: quoted-printable
X-Mailer: Mailsmith 2.4 (470)
X-ELNK-Trace: 3a5e54fa03f1b3e21aa676d7e74259b7b3291a7d08dfec799698d57e580f6917f06005743ae9f0db350badd9bab72f9c350badd9bab72f9c350badd9bab72f9c
X-Originating-IP: 97.33.64.104
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/0M8eNFnDnjpR1LQQH-8kRjb8V2g>
Subject: Re: [TLS] Idempotency and the application developer
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 05 May 2017 15:31:56 -0000

On 5/4/17 at 4:47 PM, colm@allcosts.net (Colm MacCárthaigh) wrote:

>I think you're right; and we could enforce in TLS by encrypting 0-RTT under
>a key that isn't transmitted until 1-RTT.

This might be a generally useful pattern for 0-RTT use cases 
that are trying to get large quantities of data to the server quickly.

BTW, I expect to see lots of security bugs due to 0-RTT.

<cynic>But the Internet and computer operating systems are 
insecure anyway.</cynic>

Cheers - Bill

-------------------------------------------------------------------------
Bill Frantz        | The first thing you need when  | Periwinkle
(408)356-8506      | using a perimeter defense is a | 16345 
Englewood Ave
www.pwpconsult.com | perimeter.                     | Los Gatos, 
CA 95032

v2.23.0 | Report a Bug | By Email