Re: [TLS] TLS 1.3 Cookie
Ilari Liusvaara <ilariliusvaara@welho.com> Sun, 18 December 2016 21:44 UTC
Return-Path: <ilariliusvaara@welho.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 179AF129406 for <tls@ietfa.amsl.com>; Sun, 18 Dec 2016 13:44:39 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -5
X-Spam-Level:
X-Spam-Status: No, score=-5 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_NONE=-0.0001, RP_MATCHES_RCVD=-3.1] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id izZN5m6-bGoQ for <tls@ietfa.amsl.com>; Sun, 18 Dec 2016 13:44:37 -0800 (PST)
Received: from welho-filter2.welho.com (welho-filter2.welho.com [83.102.41.24]) by ietfa.amsl.com (Postfix) with ESMTP id 09D7E1293DF for <tls@ietf.org>; Sun, 18 Dec 2016 13:44:36 -0800 (PST)
Received: from localhost (localhost [127.0.0.1]) by welho-filter2.welho.com (Postfix) with ESMTP id 0142716D60; Sun, 18 Dec 2016 23:44:35 +0200 (EET)
X-Virus-Scanned: Debian amavisd-new at pp.htv.fi
Received: from welho-smtp2.welho.com ([IPv6:::ffff:83.102.41.85]) by localhost (welho-filter2.welho.com [::ffff:83.102.41.24]) (amavisd-new, port 10024) with ESMTP id c2ACjLzG3oXL; Sun, 18 Dec 2016 23:44:34 +0200 (EET)
Received: from LK-Perkele-V2 (87-92-51-204.bb.dnainternet.fi [87.92.51.204]) (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by welho-smtp2.welho.com (Postfix) with ESMTPSA id B1ACE21C; Sun, 18 Dec 2016 23:44:34 +0200 (EET)
Date: Sun, 18 Dec 2016 23:44:25 +0200
From: Ilari Liusvaara <ilariliusvaara@welho.com>
To: "Mehner, Carl" <Carl.Mehner@usaa.com>
Message-ID: <20161218214425.GA3668@LK-Perkele-V2.elisa-laajakaista.fi>
References: <19075EB00EA7FE49AFF87E5818D673D41F7F8DAB@PRODEXMB01W.eagle.usaa.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Disposition: inline
In-Reply-To: <19075EB00EA7FE49AFF87E5818D673D41F7F8DAB@PRODEXMB01W.eagle.usaa.com>
User-Agent: Mutt/1.5.23 (2014-03-12)
Sender: ilariliusvaara@welho.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/71xhkj_Q5Z--FohQY8K7P4xmeyU>
Cc: "tls@ietf.org" <tls@ietf.org>
Subject: Re: [TLS] TLS 1.3 Cookie
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 18 Dec 2016 21:44:39 -0000
On Sun, Dec 18, 2016 at 09:18:41PM +0000, Mehner, Carl wrote: > It would also benefit from an example of what to put in the cookie, > similar to RFC 6347. e.g. Cookie = HMAC(Secret, Client-IP, Handshake > Transcript). Well, most of the time, you don't want to use cookie field in TLS 1.3, as it is mostly meant for (future) DTLS 1.3. There are some exceptions, but those mostly involve protocols running on top of UDP using TLS 1.3 as internal component. And then that protocol should specify what goes to the cookie. And in DTLS 1.3, one presumably wants to include transcript state (good luck finding SHA-256 implementation that is featureful enough...) either as MAC'd plaintext or as encrypted value in the cookie. -Ilari
- [TLS] TLS 1.3 Cookie Mehner, Carl
- Re: [TLS] TLS 1.3 Cookie Ilari Liusvaara