IETF Logo Mail Archive

Re: [TLS] DTLS 1.3

Nikos Mavrogiannopoulos <nmav@redhat.com> Tue, 05 July 2016 13:47 UTC

Return-Path: <nmavrogi@redhat.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E8B8912D591 for <tls@ietfa.amsl.com>; Tue, 5 Jul 2016 06:47:31 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.142
X-Spam-Level:
X-Spam-Status: No, score=-4.142 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, RP_MATCHES_RCVD=-1.426, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, SUBJ_ALL_CAPS=1.506] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id VXpRKfGXgsBH for <tls@ietfa.amsl.com>; Tue, 5 Jul 2016 06:47:30 -0700 (PDT)
Received: from mx5-phx2.redhat.com (mx5-phx2.redhat.com [209.132.183.37]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 36E8912D58E for <tls@ietf.org>; Tue, 5 Jul 2016 06:47:30 -0700 (PDT)
Received: from zmail22.collab.prod.int.phx2.redhat.com (zmail22.collab.prod.int.phx2.redhat.com [10.5.83.26]) by mx5-phx2.redhat.com (8.14.4/8.14.4) with ESMTP id u65DlTMp021118; Tue, 5 Jul 2016 09:47:29 -0400
Date: Tue, 05 Jul 2016 09:47:28 -0400
From: Nikos Mavrogiannopoulos <nmav@redhat.com>
To: Ilari Liusvaara <ilariliusvaara@welho.com>
Message-ID: <1668071051.2739941.1467726448720.JavaMail.zimbra@redhat.com>
In-Reply-To: <20160704205114.GB4837@LK-Perkele-V2.elisa-laajakaista.fi>
References: <577A38A2.2090209@gmx.net> <17444145.2646138.1467662059329.JavaMail.zimbra@redhat.com> <20160704205114.GB4837@LK-Perkele-V2.elisa-laajakaista.fi>
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
X-Originating-IP: [10.36.6.111]
X-Mailer: Zimbra 8.0.6_GA_5922 (ZimbraWebClient - FF47 (Linux)/8.0.6_GA_5922)
Thread-Topic: DTLS 1.3
Thread-Index: kqW46FNUGkTH9sRKr9Wepej+JcYubA==
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/BC82Kyo38qZOKK7dNqZCUBYUYRc>
Cc: tls@ietf.org
Subject: Re: [TLS] DTLS 1.3
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 05 Jul 2016 13:47:32 -0000

----- Original Message -----
> On Mon, Jul 04, 2016 at 03:54:19PM -0400, Nikos Mavrogiannopoulos wrote:
> > ----- Original Message -----
> > > Hi all,
> > > 
> > > I have made an attempt to integrate DTLS 1.3 into the TLS 1.3 document
> > > and you can find the result at
> > > https://github.com/tlswg/tls13-spec/pull/512
> > > 
> > > I have worked on a prototype implementation of DTLS 1.3 and if someone
> > > else has something working by the time of the Hackathon in Berlin please
> > > let me know.
> > 
> > May I recommend a more radical approach for DTLS? My experience with
> > servers
> > handling DTLS traffic from various clients is that the clients change IPs
> > (while
> > roaming) and incoming ports (due to firewall state timeout), making
> > impossible
> > for the server to map the encrypted incoming packets from unknown IP/port
> > combinations
> > to any particular handler (i.e., handling process/thread or logical
> > handler). That
> > is because an independently received DTLS record packet has no session
> > identifying
> > information.
> 
> I think in DTLS 1.2, that was meant to be handled at lower layer (of course,
> often there isn't such layer even when needed).

I'm not sure that is discussed at DTLS 1.2 protocol at all. It is mostly ignored
as a problem. In the most unreliable layers (including UDP), this cannot be handled
at the lower layer without introducing another layer.

> > For that I'd like to propose the DTLS record format to include at least a
> > 3-byte identifier which will allow servers to recognize streams coming from
> > unknown
> > sources. That would be similar to the SPI field in the ESP packets. That
> > is,
> > a format similar to:
> One can't change the headers in ClientHello/ServerHello and expect to remain
> backwards compatible.

Why would these headers need to change? The ClientHello will be sent under
DTLS 1.0 and if the server see that the client supports the version with the
new format, it will reply using the new fields. The protocol's design can
cope with such changes.

> And how would that identifier be assigned? 0 in ClientHello, then copy
> whatever the server sends?

If the procedure above is followed the client will copy whatever it
sees from the server's hello packet.

regards,
Nikos

v2.14.0 | Report a Bug | By Email