Re: [TLS] New Cached info draft

"Brian Smith" <> Tue, 30 March 2010 18:30 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 11FD33A6A16 for <>; Tue, 30 Mar 2010 11:30:18 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -0.216
X-Spam-Status: No, score=-0.216 tagged_above=-999 required=5 tests=[AWL=1.254, BAYES_00=-2.599, DNS_FROM_OPENWHOIS=1.13]
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id MbSsGUK0pyIL for <>; Tue, 30 Mar 2010 11:30:16 -0700 (PDT)
Received: from ( []) by (Postfix) with ESMTP id 77BBE3A6A65 for <>; Tue, 30 Mar 2010 11:30:16 -0700 (PDT)
Received: from T60 (unknown []) (using TLSv1 with cipher AES128-SHA (128/128 bits)) (No client certificate requested) by (Postfix) with ESMTPSA id 72D42509DC; Tue, 30 Mar 2010 14:30:38 -0400 (EDT)
From: "Brian Smith" <>
To: "'Stefan Santesson'" <>, <>
References: <> <>
In-Reply-To: <>
Date: Tue, 30 Mar 2010 13:30:37 -0500
Message-ID: <003501cad037$1b37c960$51a75c20$>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
X-Mailer: Microsoft Outlook 14.0
thread-index: AQH2zpkx6SXE20QoIjYvnNXk//OcBgFxK2uqAU89Q70=
Content-Language: en-us
Subject: Re: [TLS] New Cached info draft
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Tue, 30 Mar 2010 18:30:18 -0000

Stefan Santesson wrote:
> On 10-03-30 6:23 PM, "Martin Rex" <> wrote:
> > I do not think that he suggested to not return the extension _and_
> > replace cached data.
> I interpreted the ServerCachedInformation structure as a separate
> sent only by the server.

No, I meant for the client and the server to use the same extension ID, but
with different syntax for the extension_data. That is allowed. In fact the
current draft already has slightly different syntax for the client and
server extension data; the client digest_value is fixed at 8 bytes and the
server digest value can be either 0 or 8 bytes.

> >> On 10-03-30 5:34 PM, "Brian Smith" <> wrote:
> >>> * The draft says that CachedInformation.cached_info can be up to 
> >>> 590KB in size. extension_data can't be larger than 64KB, so the max
> >>> for the CachedInformation.cached_info array must be 7281 or less. But,
> >>> really, sending more than a few hashes per type of cached info is
likely to
> >>> run into DoS countermeasures. It would be better to have the
> >>> require and/or at least recommend that there not be more than one (or
> >>> most a few) hashes per information type in the client hello.
> >
> > To me, allowing the client to cache distinct values for the same
> > server leads to cache management problems.  How should a client expire
> > outdated content from his cache?  If the client only caches one item
> > per "server:port" pair, then expiring of outdated cached information
> > is a non-issue.
> It's a non-issue in any case. A timer for example works well. Nothing
> prevents the client to refuse caching more than one object per type and
> server, but that restriction doesn't strike me as necessary.

It is good to keep the maximum size of extensions small so that the server
can allocate and reuse fixed-size buffers that are as small as possible. I
don't see the use for allowing multiple values per information type, but at
least I think a small cap on the total size of the extension_data (say, 1KB)
would be useful. There's no need for a server to waste resources to support
clients that send dozens, hundreds, or thousands of digests.

> >>> * The draft says "A present non-empty digest_value indicates that the
> >>> will honor caching of objects of the specified type that matches the
> >>> digest value." I don't see why this is necessary. The server should
> >>> be supporting the digests of the values that it most recently
returned, for
> >>> the information items it claims to support, so the semantics for empty
> >>> digest_values in the server extension are good enough.
> >
> > I would also appreciate semantics as suggested here.
> > Allow the server to return a ServerHelloExtension that explicitly list
> > the types of information for which the server supports caching, but
> > _without_ a digest_value, both on discovery and on actual use of
> > the caching extension by the client, so that the server does not
> > have to pre-calculate this data of future handshake message
> > while it is composing ServerHello.
> >
> The server doesn't have to send digest values in current draft.

AFAICT, there's nothing in the draft that says that the client should use
this information in any way. As long as the client is free to ignore the
server-sent digest_values when present, it doesn't hurt. But, I don't see
how it really helps either. It's better to keep the syntax as simple as

Again, it is best to require that the server explicitly list the information
types for which it supports caching. It costs the server basically nothing
to provide the few extra bytes, and it is very useful information for the
client to have.