Re: [TLS] PR#28: Converting cTLS to QUIC-style varints

Peter Gutmann <> Wed, 07 October 2020 01:13 UTC

From: Peter Gutmann <>
To: Christian Huitema <>, Michael D'Errico <>, "Salz, Rich" <>, "" <>
Date: Wed, 7 Oct 2020 01:13:10 +0000

Christian Huitema <> writes:

>Receiver side: receive the message, parse with generic ASN.1 decoder,
>process the message using the "parsed" representation, re-encode with DER,
>check the signature.

Except that no true Scots... uhh, sane person ever even tried that.  I've
heard that there was one implementation, done in Europe, but have never seen
it.  Everyone else just treated what arrived as a blob and went with that.
That's why, years ago, on the PKIX list I said "there is only one encoding
rule and that is memcpy()".

>Well, we have learned a few things since 1994.

Except for the people who did secure XML, who not only ignored what we've
learned so far but made it worse by making it active content rather than flat
byte strings.

But that seems to be the rule for XML design in any case.
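
Added example, not part of the original message or of any implementation discussed in the thread: a small Python sketch contrasting the two receiver strategies mentioned above, hashing the bytes exactly as received versus parsing and re-encoding with DER before hashing. The function names and sample messages are constructed for illustration; a SHA-256 digest stands in for the signed hash, only single-byte tags are handled, and only length encodings are canonicalised.

```python
import hashlib

def read_tlv(buf, pos=0):
    """Parse one BER/DER TLV with a single-byte tag: (tag, value, next_pos)."""
    if pos + 2 > len(buf):
        raise ValueError("truncated header")
    tag, first = buf[pos], buf[pos + 1]
    pos += 2
    if first < 0x80:                       # short-form length
        length = first
    else:                                  # long form: next n bytes hold the length
        n = first & 0x7F
        if n == 0 or pos + n > len(buf):
            raise ValueError("indefinite or truncated length")
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if pos + length > len(buf):
        raise ValueError("truncated value")
    return tag, buf[pos:pos + length], pos + length

def der_tlv(tag, value):
    """Encode a TLV using DER's minimal definite-length form."""
    n = len(value)
    if n < 0x80:
        return bytes([tag, n]) + value
    lb = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([tag, 0x80 | len(lb)]) + lb + value

def reencode(buf):
    """Parse a TLV and re-encode it as DER, recursing into constructed types."""
    tag, value, end = read_tlv(buf)
    if end != len(buf):
        raise ValueError("trailing bytes")
    if tag & 0x20:                         # constructed: re-encode each child
        out, pos = b"", 0
        while pos < len(value):
            _, _, nxt = read_tlv(value, pos)
            out += reencode(value[pos:nxt])
            pos = nxt
        value = out
    return der_tlv(tag, value)

def strategies_agree(received):
    """True if hashing the received blob and hashing its DER re-encoding match."""
    as_received = hashlib.sha256(received).digest()
    reencoded = hashlib.sha256(reencode(received)).digest()
    return as_received == reencoded

# Constructed samples: SEQUENCE { INTEGER 5, OCTET STRING "hi" }
DER_MSG = bytes.fromhex("300702010504026869")      # minimal lengths
BER_MSG = bytes.fromhex("3081080281010504026869")  # same values, long-form lengths
```

Both samples decode to the same values, but only the DER one survives a parse and re-encode unchanged, so a receiver that re-encodes will compute a different hash from a sender that signed the BER bytes.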