Re: [TLS] 答复: Connection ID Draft
Eric Rescorla <ekr@rtfm.com> Sat, 14 October 2017 02:37 UTC
Return-Path: <ekr@rtfm.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6B2FF1321F5 for <tls@ietfa.amsl.com>; Fri, 13 Oct 2017 19:37:26 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.898
X-Spam-Level:
X-Spam-Status: No, score=-1.898 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=rtfm-com.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id zuGak_Mtrfvr for <tls@ietfa.amsl.com>; Fri, 13 Oct 2017 19:37:24 -0700 (PDT)
Received: from mail-qt0-x22c.google.com (mail-qt0-x22c.google.com [IPv6:2607:f8b0:400d:c0d::22c]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 1BAC71241F3 for <tls@ietf.org>; Fri, 13 Oct 2017 19:37:24 -0700 (PDT)
Received: by mail-qt0-x22c.google.com with SMTP id z28so20389340qtz.13 for <tls@ietf.org>; Fri, 13 Oct 2017 19:37:24 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=rtfm-com.20150623.gappssmtp.com; s=20150623; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=UEi/Kv/U873+MpCM+eaCI1p2eicbUyTrP7BD3X1DmX8=; b=DtHZm1iu3M1VtF6eA/qHKrimrUnZizrw7QuHFGcmUXSf8UFSLc/nQNxnpb+B56LgoY BW5ttGRzSF/KoGc9aQi53AQVjH3CTNwVpzKE7yX8+pqQQaYmPYMrAE9jXX0LOn9k5n/8 MLtauvnPHvpn9hKl5VCoEi4kmLE7Q8ibR1O+/FkJo/NTQqPFNS6b6tblmxaHAOtuiqux OVEn/O+jCXHuWGjDjUV3fzm2LZnFtU/8meiErsLYndY3fS9zuxy+leCP/Asm8AbWqbHd F/wIO0AAa1efcX/NuMEwCIQPyLJ3lQ4NyseCdTtWcU/RvAxxKmyE/xttXMwHNnt9USEq 4LVA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=UEi/Kv/U873+MpCM+eaCI1p2eicbUyTrP7BD3X1DmX8=; b=jgk+MAWvj5MxUOPxQDy2T2/btR0hgZCEKDQ8Iec+SgiaQ9RpiWXnKVZjl6t8y5pPjN DFfNrWRjGMFjCDeIdYvR491rwTqhiLUlj5MBe0grrNeIx2R4ecnRFRGiLYAbm/z8Z9O3 ATEBXCIqxz+LabSOuODc3Ezry8NOBw3mXre4F+zXHG/KrDFkVcyG1uBL5hb2YY7ZyTzt GojJ5qcIuDUE1uTTHVPz40FBzgIlsHb4zYZPOHcwVIcTdgGx8SZNIKO2UlLlx4tuz9o8 lB6K+dD5JG92Qk/dxFgXRfrjy/+jKrOeDjj2/zJqdIDKaKUp5NvTgooIt+xcCxzqq0GZ 5mqA==
X-Gm-Message-State: AMCzsaX8gYU2RkWdFOUfZmnjW53SS/dFwBRPOWOShFGO/BOkEwbe2MHo +virgAOq3NUuHdRY/C/qhLPtWko+ktOSwW54+k2b/6dL
X-Google-Smtp-Source: ABhQp+QqvRbE9pA9vEKZWLb0YFoktNCE2LPsSua8gNfoJ/0B2hbUU0I/TRnj6a+OD62vZQllAtI36bhT0Gd9jeITRsM=
X-Received: by 10.37.45.83 with SMTP id s19mr11050ybe.400.1507948643168; Fri, 13 Oct 2017 19:37:23 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.129.75.194 with HTTP; Fri, 13 Oct 2017 19:36:42 -0700 (PDT)
In-Reply-To: <DBDF9AE44733284D808F0E585E1919022C7AAC48@dggemi508-mbs.china.huawei.com>
References: <DBDF9AE44733284D808F0E585E1919022C7A77E2@dggemi508-mbx.china.huawei.com> <9800fbbc-f23f-139d-b5a9-ef6515123f73@gmx.net> <DBDF9AE44733284D808F0E585E1919022C7AAC48@dggemi508-mbs.china.huawei.com>
From: Eric Rescorla <ekr@rtfm.com>
Date: Fri, 13 Oct 2017 19:36:42 -0700
Message-ID: <CABcZeBOakTsbSJODAroNFm7SsiVsnh9fhKMzT1J8i5PoC9rYXw@mail.gmail.com>
To: yinxinxing <yinxinxing@huawei.com>
Cc: Hannes Tschofenig <hannes.tschofenig@gmx.net>, "tls@ietf.org" <tls@ietf.org>
Content-Type: multipart/alternative; boundary="f4030435b0103749a0055b78a71b"
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/8T4o3CUGuwNXlIAvNTWKn1vu4YY>
Subject: Re: [TLS] 答复: Connection ID Draft
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 14 Oct 2017 02:37:26 -0000
On Fri, Oct 13, 2017 at 7:28 PM, yinxinxing <yinxinxing@huawei.com> wrote: > Hi Hannes, > > "exchange new CIDs and switch between them every day" may not be a good > choice for power constrained IOT devices. From the point of saving battery, > it is better to transfer the new CID to the other peer in the application > responding message in passing, instead of sending an independent updating > CID message. > Well, that's obviously something you could do but it's not part of TLS, though of course you could use the connection ID in TLS. > > In addition, like what Stephen mentioned, it is essential to avoid > linkability between new CID and old CID. This is not covered in this draft. > New security considerations text welcome. For 1.2, in this draft, there is no NewConnectionID and RequestConnectionID > message, how can the CID be updated. This is what I mean "worse". > Yes. As I said, I'm not really trying to fix TLS 1.2, though I'm happy to have the extension used both places. -Ekr > Regards, > Yin Xinxing > > -----邮件原件----- > 发件人: Hannes Tschofenig [mailto:hannes.tschofenig@gmx.net] > 发送时间: 2017年10月13日 23:41 > 收件人: yinxinxing; Eric Rescorla; tls@ietf.org > 主题: Re: [TLS] Connection ID Draft > > I would like to focus on one of the points raised below: > > 3. We have a practical usecase in IoT. The IOT device, like > > intelligent water meter, sends one message per day, and goes to sleep. > > It wakes up in the second day and sends a message and then goes to > > sleep. If it always (or for a long time) use the same CID, there may > > be a risk of tracing IOT device or the owner of this device. > > Therefore, it is important to recommend user to update CID once it > > finishes sending message. For the CID in DTLS1.2, this becomes worse. > > > The user is typically not doing anything. > > > Without this CID extension you would send a full exchange or use session > resumption. This would allow someone in the middle to see the handshake. > In DTLS/TLS 1.2 this would reveal the client certificate. > > With DTLS 1.3 and this extension you would hide the certificate and you > could echange new CIDs and switch between them every day. The source IP > address will most likely still reveal the subscriber (if you consider some > cooperation with the ISP). > > So, you actually get pretty good privacy properties with DTLS 1.3 & CID > (unless some of the data center folks destroy it again with their fancy > extensions). With DTLS 1.2 there is only a performance benefit but the > privacy properties remain the same IMHO. > > Ciao > Hannes > > > > > > > > > > Regards, > > > > Yin Xinxing > > > > > > > > *发件人:*TLS [mailto:tls-bounces@ietf.org] *代表 *Eric Rescorla > > *发送时间:*2017年10月13日7:14 > > *收件人:*tls@ietf.org > > *主题:*[TLS] Connection ID Draft > > > > > > > > Hi folks, > > > > > > > > I have just posted a first cut at a connection ID draft. > > > > https://tools.ietf.org/html/draft-rescorla-tls-dtls-connection-id-00 > > > > > > > > Comments welcome. > > > > > > > > -Ekr > > > > > > > > > > > > > > > > > > > > _______________________________________________ > > TLS mailing list > > TLS@ietf.org > > https://www.ietf.org/mailman/listinfo/tls > > >
- [TLS] Connection ID Draft Eric Rescorla
- Re: [TLS] Connection ID Draft Martin Thomson
- Re: [TLS] Connection ID Draft Eric Rescorla
- Re: [TLS] Connection ID Draft Martin Thomson
- Re: [TLS] Connection ID Draft Eric Rescorla
- Re: [TLS] Connection ID Draft Martin Thomson
- Re: [TLS] Connection ID Draft Eric Rescorla
- Re: [TLS] Connection ID Draft Nikos Mavrogiannopoulos
- Re: [TLS] Connection ID Draft Fossati, Thomas (Nokia - GB/Cambridge, UK)
- Re: [TLS] Connection ID Draft yinxinxing
- Re: [TLS] Connection ID Draft Eric Rescorla
- Re: [TLS] Connection ID Draft Eric Rescorla
- Re: [TLS] Connection ID Draft Matt Caswell
- Re: [TLS] Connection ID Draft Stephen Farrell
- Re: [TLS] Connection ID Draft Eric Rescorla
- Re: [TLS] Connection ID Draft Stephen Farrell
- Re: [TLS] Connection ID Draft Eric Rescorla
- Re: [TLS] Connection ID Draft Stephen Farrell
- Re: [TLS] Connection ID Draft Hannes Tschofenig
- Re: [TLS] Connection ID Draft Eric Rescorla
- [TLS] 答复: Connection ID Draft yinxinxing
- [TLS] 答复: Connection ID Draft yinxinxing
- Re: [TLS] 答复: Connection ID Draft Eric Rescorla
- Re: [TLS] 答复: Connection ID Draft Eric Rescorla
- [TLS] 答复: Connection ID Draft yinxinxing
- Re: [TLS] 答复: Connection ID Draft Eric Rescorla
- [TLS] 答复: 答复: Connection ID Draft yinxinxing
- Re: [TLS] Connection ID Draft Benjamin Kaduk
- Re: [TLS] Connection ID Draft Eric Rescorla
- Re: [TLS] Connection ID Draft Fossati, Thomas (Nokia - GB/Cambridge, UK)
- Re: [TLS] Connection ID Draft Eric Rescorla
- Re: [TLS] Connection ID Draft Martin Thomson
- Re: [TLS] Connection ID Draft Christian Huitema
- Re: [TLS] Connection ID Draft Fossati, Thomas (Nokia - GB/Cambridge, UK)
- Re: [TLS] Connection ID Draft Martin Thomson
- Re: [TLS] Connection ID Draft Fossati, Thomas (Nokia - GB/Cambridge, UK)
- Re: [TLS] Connection ID Draft Fossati, Thomas (Nokia - GB/Cambridge, UK)
- Re: [TLS] Connection ID Draft Martin Thomson
- Re: [TLS] Connection ID Draft Nikos Mavrogiannopoulos
- Re: [TLS] Connection ID Draft Simon Bernard
- Re: [TLS] Connection ID Draft Eric Rescorla
- Re: [TLS] Connection ID Draft Fossati, Thomas (Nokia - GB/Cambridge, UK)
- Re: [TLS] Connection ID Draft yinxinxing
- Re: [TLS] Connection ID Draft Stephen Farrell
- Re: [TLS] Connection ID Draft Eric Rescorla
- Re: [TLS] Connection ID Draft Stephen Farrell
- Re: [TLS] Connection ID Draft yinxinxing
- Re: [TLS] Connection ID Draft Eric Rescorla
- Re: [TLS] Connection ID Draft Stephen Farrell
- Re: [TLS] Connection ID Draft Eric Rescorla
- Re: [TLS] Connection ID Draft Benjamin Kaduk
- Re: [TLS] Connection ID Draft Eric Rescorla
- Re: [TLS] Connection ID Draft yinxinxing
- Re: [TLS] Connection ID Draft Eric Rescorla
- Re: [TLS] Connection ID Draft yinxinxing
- Re: [TLS] Connection ID Draft Matt Caswell
- Re: [TLS] Connection ID Draft Martin Thomson
- Re: [TLS] Connection ID Draft yinxinxing
- Re: [TLS] Connection ID Draft Matt Caswell
- Re: [TLS] Connection ID Draft Martin Thomson
- Re: [TLS] Connection ID Draft Fossati, Thomas (Nokia - GB/Cambridge, UK)
- Re: [TLS] Connection ID Draft Matt Caswell
- Re: [TLS] Connection ID Draft Simon Bernard