Re: [TLS] Call for Consensus on removal of renegotiation

Colm MacCárthaigh <colm@allcosts.net> Wed, 25 June 2014 20:26 UTC

In-Reply-To: <53AB192F.2040001@fifthhorseman.net>
References: <44DA5A30-015D-40F3-90CA-F15076891BBC@cisco.com> <53AB192F.2040001@fifthhorseman.net>
Date: Wed, 25 Jun 2014 13:26:01 -0700
Message-ID: <CAAF6GDdkkuB=Eko55vqaPS9Krc0XmiQk0vo2c_q5n6kydpkYuQ@mail.gmail.com>
From: Colm MacCárthaigh <colm@allcosts.net>
To: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Content-Type: text/plain; charset="UTF-8"
Archived-At: http://mailarchive.ietf.org/arch/msg/tls/6taxwC5rKxnKeHeRyLBFShRAI6w
Cc: "<tls@ietf.org>" <tls@ietf.org>
Subject: Re: [TLS] Call for Consensus on removal of renegotiation

On Wed, Jun 25, 2014 at 11:47 AM, Daniel Kahn Gillmor
<dkg@fifthhorseman.net> wrote:
> If we aren't providing an additional facility for re-keying, then i am
> not OK with removing renegotiation.  TLS needs a way for high-traffic,
> longstanding connections to stay up without "dead air" (as i think Sean
> called it earlier).  So i can't choose (1).

Probably a stupid and ignorant question, but what prevents
applications with this kind of requirement from creating a new
connection, negotiating a new key, and then switching to the new
connection when they're ready?


-- 
Colm
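The approach Colm asks about, as an added example that is not code from this thread or from any TLS implementation discussed on the list: a small Go program that keeps one live TLS connection, dials and fully handshakes a replacement (a fresh key exchange), atomically switches senders to it, and only then closes the old one. It talks to a loopback echo server using a self-signed certificate generated at start-up (constructed test material); the `Rotator` type, the `Demo` function and the `"rekey-demo"` exporter label are assumptions of this example. To show that traffic really moved to new keys, it compares the keying material exported per RFC 5705 before and after the switch.

```go
package main

import (
	"bytes"
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/tls"
	"crypto/x509"
	"fmt"
	"io"
	"math/big"
	"net"
	"sync/atomic"
	"time"
)

// selfSignedCert makes a throwaway 127.0.0.1 certificate (constructed test material only).
func selfSignedCert() (tls.Certificate, *x509.CertPool) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		panic(err)
	}
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(1),
		NotBefore:    time.Now().Add(-time.Hour),
		NotAfter:     time.Now().Add(time.Hour),
		IPAddresses:  []net.IP{net.ParseIP("127.0.0.1")},
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
	if err != nil {
		panic(err)
	}
	leaf, _ := x509.ParseCertificate(der)
	pool := x509.NewCertPool() // the client trusts exactly this one certificate
	pool.AddCert(leaf)
	return tls.Certificate{Certificate: [][]byte{der}, PrivateKey: key, Leaf: leaf}, pool
}

// Rotator keeps one live TLS connection to addr; active is what senders use right now.
type Rotator struct {
	addr   string
	cfg    *tls.Config
	active atomic.Pointer[tls.Conn]
}

// Rotate is the pattern from the thread: dial and fully handshake the replacement (a new
// key exchange) first, then swap it in and close the old one. A failed handshake leaves
// the old connection in service, so traffic never stops while keys are being replaced.
func (r *Rotator) Rotate() error {
	fresh, err := tls.Dial("tcp", r.addr, r.cfg) // returns only after the handshake completes
	if err != nil {
		return err
	}
	if old := r.active.Swap(fresh); old != nil {
		old.Close() // the old keys retire only once the replacement is ready
	}
	return nil
}

// Demo runs a loopback echo server, talks over one connection, rotates, and talks again; it
// returns whether RFC 5705 exported keying material (tied to each handshake's secrets) changed.
func Demo() (keysChanged bool, err error) {
	cert, pool := selfSignedCert()
	ln, err := tls.Listen("tcp", "127.0.0.1:0", &tls.Config{Certificates: []tls.Certificate{cert}})
	if err != nil {
		return false, err
	}
	defer ln.Close()
	go func() { // echo server: one goroutine per accepted connection
		for {
			c, err := ln.Accept()
			if err != nil {
				return
			}
			go func() { defer c.Close(); io.Copy(c, c) }()
		}
	}()
	r := &Rotator{addr: ln.Addr().String(), cfg: &tls.Config{RootCAs: pool}}
	var km [2][]byte
	for i := range km { // pass 0 brings up the first connection, pass 1 rotates away from it
		if err := r.Rotate(); err != nil {
			return false, err
		}
		c := r.active.Load()
		cs := c.ConnectionState()
		if km[i], err = cs.ExportKeyingMaterial("rekey-demo", nil, 32); err != nil {
			return false, err
		}
		reply := make([]byte, 4)
		if _, err = c.Write([]byte("ping")); err != nil {
			return false, err
		}
		if _, err = io.ReadFull(c, reply); err != nil || string(reply) != "ping" {
			return false, fmt.Errorf("echo on connection %d failed: %q %v", i, reply, err)
		}
	}
	return !bytes.Equal(km[0], km[1]), nil
}

func main() {
	changed, err := Demo()
	fmt.Println("keys changed across rotation:", changed, "error:", err)
}
```

Rotate never touches the live connection until the replacement has finished its handshake, so a failed re-key leaves the application on its existing keys rather than with no connection at all. A real application would also drain requests in flight on the old connection before closing it; the example skips that step.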