Re: [TLS] analysis of wider impact of TLS1.3 replayabe data
Andrei Popov <Andrei.Popov@microsoft.com> Sun, 13 March 2016 19:04 UTC
Return-Path: <Andrei.Popov@microsoft.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C3CEE12D73C for <tls@ietfa.amsl.com>; Sun, 13 Mar 2016 12:04:17 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.002
X-Spam-Level:
X-Spam-Status: No, score=-2.002 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=-0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=microsoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id SD2D3FSarPbo for <tls@ietfa.amsl.com>; Sun, 13 Mar 2016 12:04:15 -0700 (PDT)
Received: from na01-by2-obe.outbound.protection.outlook.com (mail-by2on0107.outbound.protection.outlook.com [207.46.100.107]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0D9C012D733 for <tls@ietf.org>; Sun, 13 Mar 2016 12:04:15 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=selector1; h=From:To:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=zMbbh8uWx4NoHaCBHOhIOkp59GoaEmqMoo1q8l3Bcwk=; b=LQPi0mqmqLU9WqgRJxM8ATDRbbBM5ARN4a3zOvtZ8FaSTBzKQP+Kk5cKgcodaTqNygs5Of5V0EbnAPPiqQJetHDPtxi5JL7FrkFiRoGPO1bJ7MjBpSwqKAgc7HDHoE7kaxzgjzoK/vOP7TFFqF0nKQIohlSAB0hk25DcqZ52w5Q=
Received: from BLUPR03MB1396.namprd03.prod.outlook.com (10.163.81.142) by BLUPR03MB1393.namprd03.prod.outlook.com (10.163.81.14) with Microsoft SMTP Server (TLS) id 15.1.434.16; Sun, 13 Mar 2016 19:04:13 +0000
Received: from BLUPR03MB1396.namprd03.prod.outlook.com ([10.163.81.142]) by BLUPR03MB1396.namprd03.prod.outlook.com ([10.163.81.142]) with mapi id 15.01.0434.016; Sun, 13 Mar 2016 19:04:13 +0000
From: Andrei Popov <Andrei.Popov@microsoft.com>
To: Eric Rescorla <ekr@rtfm.com>, Yoav Nir <ynir.ietf@gmail.com>
Thread-Topic: [TLS] analysis of wider impact of TLS1.3 replayabe data
Thread-Index: AQHRfRmF6I9l7FxbpECwCZyuZfQ96J9XUCuAgAAUkQCAAALfAIAACvyAgAABI4CAAAHRgIAAGQwAgAAm7aA=
Date: Sun, 13 Mar 2016 19:04:13 +0000
Message-ID: <BLUPR03MB1396B2F9A91C677F70FA3D358CB70@BLUPR03MB1396.namprd03.prod.outlook.com>
References: <56E54B85.4050204@cs.tcd.ie> <CABcZeBNTEB4FxSN=rCZBE02UMn1kDRh83Qob5K2Yf9JTdCQP9A@mail.gmail.com> <56E5706C.4020804@cs.tcd.ie> <CABcZeBMmWG-+eN8W_0TqgtM53x8ZhK-=5TfqFpbJDx9dZGGUmw@mail.gmail.com> <56E57C0B.50802@cs.tcd.ie> <161d625768e74a519b5d820c674d00d9@usma1ex-dag1mb1.msg.corp.akamai.com> <833DCAA1-5730-4EDD-AC17-1FEFD580B922@gmail.com> <CABcZeBNLa8azgqR9AubaRTao_AJHF_UDbk=9zyh+JyqVnVC94w@mail.gmail.com>
In-Reply-To: <CABcZeBNLa8azgqR9AubaRTao_AJHF_UDbk=9zyh+JyqVnVC94w@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: rtfm.com; dkim=none (message not signed) header.d=none;rtfm.com; dmarc=none action=none header.from=microsoft.com;
x-originating-ip: [50.46.246.208]
x-ms-office365-filtering-correlation-id: 537f24db-521d-4a78-9972-08d34b72449d
x-microsoft-exchange-diagnostics: 1; BLUPR03MB1393; 5:OpAwNlfjcx664GCvhtjjEukSXvXv2MlvNBcDq7iJ35SwZzSD+gaLd0K7+6HFalhetkzw7gu66r3tpC/qTu/hXmiBxX7R3ebA1X8RsbfgnOP3oeLKFfLWtWK+32mO/dmsKG5M71+b3iEw7PWZC0XMig==; 24:qyTKyEH94nS/cIUR7NuLEnMI2P48QO3TkDnODsmxeup664799y1ZVagjHQEAxtjs02L62JNHo1U/YSBJMqN9VCxqwM7E6YqLacADrVOGfUY=
x-microsoft-antispam: UriScan:;BCL:0;PCL:0;RULEID:;SRVR:BLUPR03MB1393;
x-microsoft-antispam-prvs: <BLUPR03MB13930AA9A396F519536F99A28CB70@BLUPR03MB1393.namprd03.prod.outlook.com>
x-exchange-antispam-report-test: UriScan:;
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(61425038)(601004)(2401047)(5005006)(8121501046)(3002001)(10201501046)(61426038)(61427038); SRVR:BLUPR03MB1393; BCL:0; PCL:0; RULEID:; SRVR:BLUPR03MB1393;
x-forefront-prvs: 0880FB6EC1
x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(24454002)(377454003)(790700001)(10400500002)(586003)(122556002)(16236675004)(50986999)(3846002)(92566002)(19580395003)(6116002)(1096002)(5002640100001)(1220700001)(76176999)(106116001)(15975445007)(10290500002)(5005710100001)(5004730100002)(74316001)(77096005)(87936001)(3280700002)(66066001)(54356999)(189998001)(10090500001)(5001770100001)(2950100001)(19300405004)(11100500001)(2900100001)(2906002)(19609705001)(4326007)(102836003)(5003600100002)(86362001)(19580405001)(5008740100001)(8990500004)(81166005)(33656002)(76576001)(19625215002)(99286002)(3660700001); DIR:OUT; SFP:1102; SCL:1; SRVR:BLUPR03MB1393; H:BLUPR03MB1396.namprd03.prod.outlook.com; FPR:; SPF:None; MLV:sfv; LANG:en;
spamdiagnosticoutput: 1:23
spamdiagnosticmetadata: NSPM
Content-Type: multipart/alternative; boundary="_000_BLUPR03MB1396B2F9A91C677F70FA3D358CB70BLUPR03MB1396namp_"
MIME-Version: 1.0
X-OriginatorOrg: microsoft.com
X-MS-Exchange-CrossTenant-originalarrivaltime: 13 Mar 2016 19:04:13.7812 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 72f988bf-86f1-41af-91ab-2d7cd011db47
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BLUPR03MB1393
Archived-At: <http://mailarchive.ietf.org/arch/msg/tls/4bqApx4bB0vGzM_pgp_3KrDOA88>
Cc: "tls@ietf.org" <tls@ietf.org>
Subject: Re: [TLS] analysis of wider impact of TLS1.3 replayabe data
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 13 Mar 2016 19:04:18 -0000
What Stephen said about 0-RTT makes a lot of sense to me. However, if one major browser implements this latency reduction feature, the rest will feel compelled to do the same. And EKR’s message below indicates that at least one major browser will support 0-RTT. From: TLS [mailto:tls-bounces@ietf.org] On Behalf Of Eric Rescorla Sent: Sunday, March 13, 2016 9:21 AM To: Yoav Nir <ynir.ietf@gmail.com> Cc: tls@ietf.org Subject: Re: [TLS] analysis of wider impact of TLS1.3 replayabe data On Sun, Mar 13, 2016 at 3:51 PM, Yoav Nir <ynir.ietf@gmail.com<mailto:ynir.ietf@gmail.com>> wrote: > On 13 Mar 2016, at 4:45 PM, Salz, Rich <rsalz@akamai.com<mailto:rsalz@akamai.com>> wrote: > >> I also think it is prudent to assume that implementers will turn on replayable >> data even if nobody has figured out the consequences. > > I very much agree. Customers, particularly those in the mobile field, will look at this and say "I can avoid an extra RTT? *TURN IT ON*" without fully understanding, or perhaps even really caring about, the security implications. Perhaps, and I think IoT devices are likely to do so as well. Is OpenSSL going to implement this? Are all the browsers? There are already patches in preparation for this for NSS and I expect Firefox to implement it, as long as we have any indication that a reasonable numbers of servers will accept it. -Ekr (only the first one is directed specifically at you, Rich…) Yoav
- [TLS] analysis of wider impact of TLS1.3 replayab… Stephen Farrell
- Re: [TLS] analysis of wider impact of TLS1.3 repl… Eric Rescorla
- Re: [TLS] analysis of wider impact of TLS1.3 repl… Stephen Farrell
- Re: [TLS] analysis of wider impact of TLS1.3 repl… Eric Rescorla
- Re: [TLS] analysis of wider impact of TLS1.3 repl… Stephen Farrell
- Re: [TLS] analysis of wider impact of TLS1.3 repl… Salz, Rich
- Re: [TLS] analysis of wider impact of TLS1.3 repl… Eric Rescorla
- Re: [TLS] analysis of wider impact of TLS1.3 repl… Yoav Nir
- Re: [TLS] analysis of wider impact of TLS1.3 repl… Salz, Rich
- Re: [TLS] analysis of wider impact of TLS1.3 repl… Stephen Farrell
- Re: [TLS] analysis of wider impact of TLS1.3 repl… Kurt Roeckx
- Re: [TLS] analysis of wider impact of TLS1.3 repl… Eric Rescorla
- Re: [TLS] analysis of wider impact of TLS1.3 repl… Salz, Rich
- Re: [TLS] analysis of wider impact of TLS1.3 repl… Ilari Liusvaara
- Re: [TLS] analysis of wider impact of TLS1.3 repl… Andrei Popov
- Re: [TLS] analysis of wider impact of TLS1.3 repl… Bill Cox
- Re: [TLS] analysis of wider impact of TLS1.3 repl… Scott Schmit
- Re: [TLS] analysis of wider impact of TLS1.3 repl… Bill Cox
- Re: [TLS] analysis of wider impact of TLS1.3 repl… Erik Nygren
- Re: [TLS] analysis of wider impact of TLS1.3 repl… Harlan Lieberman-Berg
- Re: [TLS] analysis of wider impact of TLS1.3 repl… Colm MacCárthaigh
- Re: [TLS] analysis of wider impact of TLS1.3 repl… Colm MacCárthaigh
- Re: [TLS] analysis of wider impact of TLS1.3 repl… Bill Cox
- Re: [TLS] analysis of wider impact of TLS1.3 repl… Ilari Liusvaara
- Re: [TLS] analysis of wider impact of TLS1.3 repl… Eric Rescorla
- Re: [TLS] analysis of wider impact of TLS1.3 repl… Eric Rescorla
- Re: [TLS] analysis of wider impact of TLS1.3 repl… Nikos Mavrogiannopoulos
- Re: [TLS] analysis of wider impact of TLS1.3 repl… Kyle Nekritz
- Re: [TLS] analysis of wider impact of TLS1.3 repl… Bill Cox
- Re: [TLS] analysis of wider impact of TLS1.3 repl… Viktor Dukhovni
- Re: [TLS] analysis of wider impact of TLS1.3 repl… Colm MacCárthaigh
- Re: [TLS] analysis of wider impact of TLS1.3 repl… Colm MacCárthaigh
- Re: [TLS] analysis of wider impact of TLS1.3 repl… Colm MacCárthaigh
- Re: [TLS] analysis of wider impact of TLS1.3 repl… Subodh Iyengar
- Re: [TLS] analysis of wider impact of TLS1.3 repl… Watson Ladd
- Re: [TLS] analysis of wider impact of TLS1.3 repl… Subodh Iyengar
- Re: [TLS] analysis of wider impact of TLS1.3 repl… Colm MacCárthaigh
- Re: [TLS] analysis of wider impact of TLS1.3 repl… Bill Cox
- Re: [TLS] analysis of wider impact of TLS1.3 repl… Colm MacCárthaigh
- Re: [TLS] analysis of wider impact of TLS1.3 repl… Ilari Liusvaara
- Re: [TLS] analysis of wider impact of TLS1.3 repl… Colm MacCárthaigh
- Re: [TLS] analysis of wider impact of TLS1.3 repl… Geoffrey Keating
- Re: [TLS] analysis of wider impact of TLS1.3 repl… Bill Cox
- Re: [TLS] analysis of wider impact of TLS1.3 repl… Ryan Hamilton
- [TLS] Splitting all stateless 0RTT into its own d… Dave Garrett
- Re: [TLS] analysis of wider impact of TLS1.3 repl… Salz, Rich
- Re: [TLS] analysis of wider impact of TLS1.3 repl… Bill Cox
- Re: [TLS] Splitting all stateless 0RTT into its o… Eric Rescorla
- Re: [TLS] analysis of wider impact of TLS1.3 repl… Geoffrey Keating
- Re: [TLS] analysis of wider impact of TLS1.3 repl… Ryan Hamilton
- Re: [TLS] analysis of wider impact of TLS1.3 repl… Ryan Hamilton
- Re: [TLS] analysis of wider impact of TLS1.3 repl… Colm MacCárthaigh
- Re: [TLS] analysis of wider impact of TLS1.3 repl… Kyle Nekritz
- Re: [TLS] analysis of wider impact of TLS1.3 repl… Bill Cox
- Re: [TLS] analysis of wider impact of TLS1.3 repl… Eric Rescorla
- Re: [TLS] Splitting all stateless 0RTT into its o… Ilari Liusvaara
- Re: [TLS] Splitting all stateless 0RTT into its o… Viktor Dukhovni
- Re: [TLS] analysis of wider impact of TLS1.3 repl… Hubert Kario
- Re: [TLS] analysis of wider impact of TLS1.3 repl… Martin Thomson
- Re: [TLS] analysis of wider impact of TLS1.3 repl… Hubert Kario