IETF Logo Mail Archive

Re: [TLS] A flags extension

"Martin Thomson" <mt@lowentropy.net> Wed, 27 March 2019 13:42 UTC

Return-Path: <mt@lowentropy.net>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 18FD312001E for <tls@ietfa.amsl.com>; Wed, 27 Mar 2019 06:42:55 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.7
X-Spam-Level:
X-Spam-Status: No, score=-2.7 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=lowentropy.net header.b=Js3vBT6z; dkim=pass (2048-bit key) header.d=messagingengine.com header.b=hJvI0Iak
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id IQPj263O2q9P for <tls@ietfa.amsl.com>; Wed, 27 Mar 2019 06:42:53 -0700 (PDT)
Received: from wnew3-smtp.messagingengine.com (wnew3-smtp.messagingengine.com [64.147.123.17]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id F098812027C for <tls@ietf.org>; Wed, 27 Mar 2019 06:42:52 -0700 (PDT)
Received: from compute1.internal (compute1.nyi.internal [10.202.2.41]) by mailnew.west.internal (Postfix) with ESMTP id 6AFB545E9 for <tls@ietf.org>; Wed, 27 Mar 2019 09:42:52 -0400 (EDT)
Received: from imap2 ([10.202.2.52]) by compute1.internal (MEProxy); Wed, 27 Mar 2019 09:42:52 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=lowentropy.net; h=mime-version:message-id:in-reply-to:references:date:from:to :subject:content-type:content-transfer-encoding; s=fm1; bh=PB6I0 88zQQmSuUb3OI9PFgsEPcVLBAplR5/oXdivEy4=; b=Js3vBT6z/De0cvOWI2OH9 dlXChC0JRjpcpeEOfb/ksETuqAyPRAyOMxjirTseAz9ZOzYJ0fEsndRmfUlHtbG5 5E0nmHHnQOemM1bbQIXOerRd27C8vEOGfuHIIBIGnZ5RKGwcMXmmZTiAsUsn53N/ MnC7++lOQ/2Vwe5VzYtEd522grTSFwvFy5qzFAN0Qh7t0cp5H8v5YihLA4eD/19k WiHUwn+NZj14ZAjj4c5t/dh8SwcaDJOnCIwS1059caLaN47wup9A1Xa+smtPFe/x Cfm0Z6+oozmgypu3zpfSctIaMTlmPmktF8qCosiN+dz1yyh+bDm8cx2jdkwT1VXb Q==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=content-transfer-encoding:content-type :date:from:in-reply-to:message-id:mime-version:references :subject:to:x-me-proxy:x-me-proxy:x-me-sender:x-me-sender :x-sasl-enc; s=fm2; bh=PB6I088zQQmSuUb3OI9PFgsEPcVLBAplR5/oXdivE y4=; b=hJvI0IakPtbaLp6JZxAErdMCQd36YWhYuEIBSwYC7w6VQo+K1IsG7IIEy Ux5yFxQQHTnG14q+mcZr3IiRRRrVq5QU66MdFi432srop4+iFaXOAdgri4Z07f7n pL4YW5odwNk23kXgnfqrRraHhHRFLiKPofsx/aQ6iN92n4jBf1Hc2yC1Lv4smrUv cCAgSNu82mFe4z0m56FFSHtShaBtBfHrX3G+bu72pr0cW6xixAtWbj4rhilw+8U4 uQ8uFOaJ75MLdQ8UtNrpcWcykD06iqe69Ts14ryJyf1nfLiC9U79RrMiDqv6WyT5 /49TZQo3bxOz5J5KBv09NNWZmSd8A==
X-ME-Sender: <xms:232bXHxNJZ0mHFVOrXQXVCoUDorLRLvt-ObBlARwjgm5mIWkknnckw>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedutddrkedvgdehvdcutefuodetggdotefrodftvf curfhrohhfihhlvgemucfhrghsthforghilhdpqfgfvfdpuffrtefokffrpgfnqfghnecu uegrihhlohhuthemuceftddtnecunecujfgurhepofgfggfkjghffffhvffutgfgsehtqh ertderreejnecuhfhrohhmpedfofgrrhhtihhnucfvhhhomhhsohhnfdcuoehmtheslhho figvnhhtrhhophihrdhnvghtqeenucffohhmrghinhepihgvthhfrdhorhhgnecurfgrrh grmhepmhgrihhlfhhrohhmpehmtheslhhofigvnhhtrhhophihrdhnvghtnecuvehluhhs thgvrhfuihiivgeptd
X-ME-Proxy: <xmx:232bXB03PQK314LKFWxZ-2rmTEkFi_t96A5kFRp_qrrPJWc5ATfrmA> <xmx:232bXCSENtjpaE-m0lk3fgTSBZrW6VskrwJtNol4T6jxyt39PWe52g> <xmx:232bXGi5AJwzf4N92QdlTHoRG2jDk5FzU7IGS9uqYiAXz5IPeI3m9A> <xmx:232bXBHmwvDeewlL1LnWBSJI2uzBk_SsjPW34hJLqzbqLOfYc_c-PUPWKto>
Received: by mailuser.nyi.internal (Postfix, from userid 501) id 5D9E37C1B7; Wed, 27 Mar 2019 09:42:51 -0400 (EDT)
X-Mailer: MessagingEngine.com Webmail Interface
User-Agent: Cyrus-JMAP/3.1.5-976-g376b1f3-fmstable-20190314v3
Mime-Version: 1.0
X-Me-Personality: 92534000
Message-Id: <dcdcba29-9571-4747-880e-2aba9f649775@www.fastmail.com>
In-Reply-To: <8CCF5B81-9873-41AB-B062-AD109365A80A@gmail.com>
References: <A7EC005E-3463-406B-930F-925B4D2338E4@gmail.com> <B0FF00D7-8727-4371-8DAA-AD2A920504F8@akamai.com> <2e5a5623-7de9-4f12-b699-b0b248432f96@www.fastmail.com> <F5AD3A62-C0D1-49F7-8D10-27A7DA92DCCC@gmail.com> <be8f455bf446d6db3ba81a8ac98ed9d485cc43de.camel@redhat.com> <C1694B79-1CA2-44B5-A77E-8F12FE0C785D@gmail.com> <ac26657f9614afb3880135efeb06265393012777.camel@redhat.com> <87o95wfthk.fsf@fifthhorseman.net> <8CCF5B81-9873-41AB-B062-AD109365A80A@gmail.com>
Date: Wed, 27 Mar 2019 09:42:49 -0400
From: Martin Thomson <mt@lowentropy.net>
To: tls@ietf.org
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/2mi0jfZUFGsE0kWGPVhOLyFVpdM>
Subject: Re: [TLS] A flags extension
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 27 Mar 2019 13:42:55 -0000

Why not go all in - make this a byte string and start from 0x80 in the first byte.  When we define the 9th flag, we add another byte.  Then you have up to 2040 flags (though it might pay to split the space before that).

struct {
  opaque<1..255> flags;
} Flags;

Otherwise, the first adopter of this pays 10 bytes where they would previously have paid 4.  Obviously there is a network effect at the third.  Since I'm writing a draft that will aim to depend on this, I have a vested interest in using this.

If you wanted to make it more attractive to me, then maybe porting some of the existing flags across might make it more appealing.

On Wed, Mar 27, 2019, at 13:08, Yoav Nir wrote:
> 
> 
> > On 27 Mar 2019, at 12:26, Daniel Kahn Gillmor <dkg@fifthhorseman.net> wrote:
> > 
> > On Wed 2019-03-27 10:52:20 +0100, Nikos Mavrogiannopoulos wrote:
> >> Right. What about defining a set of extensions (e.g., 2 extensions) of
> >> flags as:
> >> 
> >> struct {
> >>  uint64 flags;
> >> } Flags;
> > 
> > If we're going to be doing this kind of bit-shaving, this is the way to
> > go, starting with a single CommonFlags extension -- and maybe even a
> > uint32 or uint16, with the bitfield registry under tight WG control. If
> > we exhaust that space, then we just define a CommonFlags2 extension.
> > 
> > If someone wants an experimental boolean extension to play with, they
> > can always use an empty extension. They can apply for a bit in
> > CommonFlags if they find that the compactness is warranted.
> > 
> 
> OK. You got me convinced.
> 
> In the spirit of revising quickly and revising often, I’ve uploaded version -01:
> 
> HTML: https://datatracker.ietf.org/doc/html/draft-nir-tls-tlsflags
> DIFF: https://www.ietf.org/rfcdiff?url2=draft-nir-tls-tlsflags-01
> 
> Yoav
> 
> _______________________________________________
> TLS mailing list
> TLS@ietf.org
> https://www.ietf.org/mailman/listinfo/tls
>

v2.23.0 | Report a Bug | By Email