Re: [TLS] Connection ID Draft
Stephen Farrell <stephen.farrell@cs.tcd.ie> Sun, 22 October 2017 15:50 UTC
On 22/10/17 16:41, Eric Rescorla wrote:
>
>> Maybe the thing we could agree at this stage is that the cid scheme
>> has to be usable in that one-message-per-day scenario and needs to
>> provide some way that such messages aren't easily linkable based on
>> cids.
>
> I think that's a requirement in some cases but not others. It might be
> best to settle for the others.

Sorry, I'm not sure what you mean there. Are you saying that you think the above requirement can't be met by a generally usable scheme?

I agree that not all scenarios need to meet the req posited above.

I'd worry that if DTLS1.3 can't meet the above requirement then folks will invent something that does, which may be worse than using DTLS in a bunch of cases.

OTOH, one could equally, and maybe fairly, argue that DTLS really doesn't scale down quite that far, which'd I guess argue that there's a need for some other security protocol for those situations.

S.

PS: I fully accept your point that purely napkin-based schemes aren't good enough and if those're the only kind of hash-chain based proposals seen, then the WG oughtn't go for one of those.