Re: [TLS] Don't Split HelloRetryRequest

Stephen Farrell <stephen.farrell@cs.tcd.ie> Thu, 01 April 2021 18:57 UTC

Return-Path: <stephen.farrell@cs.tcd.ie>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E1E923A1F27 for <tls@ietfa.amsl.com>; Thu, 1 Apr 2021 11:57:49 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.902
X-Spam-Level:
X-Spam-Status: No, score=-1.902 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, MSGID_FROM_MTA_HEADER=0.001, NICE_REPLY_A=-0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=tcdud.onmicrosoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id TAYMvf082ALh for <tls@ietfa.amsl.com>; Thu, 1 Apr 2021 11:57:44 -0700 (PDT)
Received: from EUR04-HE1-obe.outbound.protection.outlook.com (mail-eopbgr70115.outbound.protection.outlook.com [40.107.7.115]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id EE8E53A1E9F for <tls@ietf.org>; Thu, 1 Apr 2021 11:57:38 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=cTd7qxewTC3cAsiZ+p0aQCyPRA2VcYyeM1mAW93y6lPzWfBODWUX1Ot9gMxFXlb28hf0nBmnjE721YsKy9rRv5muf8xpw+5OhsSWvU8gnCrSpi+ACvH9OvhwFoKSG9a6Cx34GkezT+OijguwpPO2+jAOEv0WYdN62b5SHLNhEdbe64Ew+ooUXRIvrjmqvSBSz1ND9tT5R/7nlHhonJ61P7g04UX2ytkxECuacqe8h/5TpFtsjgELPQ1knZhAH6oXhTWgum7OLqYtGaGjGthTV3P/ypMvNOOjkJ2F8AfIztMb+3FvM71JRVzoSRhA5Xm5JKuLHxbua1KaLPQTwrRwpg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=yxaAiV9Q4GV7Z3JvgHGqRxb/mUy/1HcIDXO4aiy4XCY=; b=BL58n218QZu+K8u13mRPlfWvHQmwF4KiHgPp+lXqaYD0mqtnafdyRrPtAKSlK065lQI4LHSG3C1YDKUN6gvJukVfsiqQ4eRP6KuTt02NzHW5kk9AUQ1m5l6uV7IPuHKTdHO7mh5b3LiJFWwJpu4R6YZMk0nqjdAVunrZen1MKtqJi/+7s/hm/MAlwRoT1KxSQH8JUe4afnvDuFp/HHZMZvMVulFsvjIJgWZz2IiLzxCNRQM21/TMik/5BkhHWV0w0zejRHZrtx4AhmNAYUaSgHWDJ/96xlk5PXnbSwXYtTecrfQXb2Qvi8oTR++SBJV5q+Rw8187nd+mDgLptDtfLA==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=cs.tcd.ie; dmarc=pass action=none header.from=cs.tcd.ie; dkim=pass header.d=cs.tcd.ie; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=TCDUD.onmicrosoft.com; s=selector1-TCDUD-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=yxaAiV9Q4GV7Z3JvgHGqRxb/mUy/1HcIDXO4aiy4XCY=; b=BEnOgRjudLg+0Z1aXC4V9Kz5udCv0liUuL2Uhd9aN1AZ6xdQ8saFyrvGwMtKGeKNCfaZi6Ho+NgPuJHAR86Uxd+mcYW93mcoMToCWYoUVuPv0l0x27IBthtJ5dEscVyYACaD3AEyYtdqgwXmVBUcbGhx+EjKK10jYX5PWZagBnU=
Authentication-Results: ietf.org; dkim=none (message not signed) header.d=none;ietf.org; dmarc=none action=none header.from=cs.tcd.ie;
Received: from DB7PR02MB5113.eurprd02.prod.outlook.com (2603:10a6:10:77::15) by DB6PR02MB3079.eurprd02.prod.outlook.com (2603:10a6:6:18::12) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3999.27; Thu, 1 Apr 2021 18:57:33 +0000
Received: from DB7PR02MB5113.eurprd02.prod.outlook.com ([fe80::2d8d:9193:d3f3:6cc6]) by DB7PR02MB5113.eurprd02.prod.outlook.com ([fe80::2d8d:9193:d3f3:6cc6%5]) with mapi id 15.20.3999.029; Thu, 1 Apr 2021 18:57:33 +0000
From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
To: Christopher Patton <cpatton@cloudflare.com>
Cc: tls@ietf.org
References: <d0758a0a-737b-40ac-8189-1b4168510859@www.fastmail.com> <CAG2Zi216sYnwmZFdHxnMC+8vP0Ewr7tBr0TBc2PKkpJsgRFjiA@mail.gmail.com> <8f69f37e-b011-85a3-cd76-75cff00156a2@cs.tcd.ie> <CAG2Zi229wAWC8NLuN_1h6KQiBRzxvA-NQN8obdoSbfAUL+713A@mail.gmail.com> <c7c8a7fe-143d-cb50-8806-7eb052588e84@cs.tcd.ie>
Message-ID: <83231f86-c074-7a16-e88e-5f211a0122e6@cs.tcd.ie>
Date: Thu, 1 Apr 2021 19:57:31 +0100
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Thunderbird/78.7.1
In-Reply-To: <c7c8a7fe-143d-cb50-8806-7eb052588e84@cs.tcd.ie>
Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="yOI57blFTwOZ8HEFWcZr7b5bFbyir1HI7"
X-Originating-IP: [2001:bb6:5e5e:b458:705a:4d69:e974:1604]
X-ClientProxiedBy: DU2PR04CA0051.eurprd04.prod.outlook.com (2603:10a6:10:234::26) To DB7PR02MB5113.eurprd02.prod.outlook.com (2603:10a6:10:77::15)
MIME-Version: 1.0
X-MS-Exchange-MessageSentRepresentingType: 1
Received: from [IPv6:2001:bb6:5e5e:b458:705a:4d69:e974:1604] (2001:bb6:5e5e:b458:705a:4d69:e974:1604) by DU2PR04CA0051.eurprd04.prod.outlook.com (2603:10a6:10:234::26) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3999.26 via Frontend Transport; Thu, 1 Apr 2021 18:57:33 +0000
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-Correlation-Id: be32e354-e52a-43f0-b0d5-08d8f54001fd
X-MS-TrafficTypeDiagnostic: DB6PR02MB3079:
X-MS-Exchange-SharedMailbox-RoutingAgent-Processed: True
X-Microsoft-Antispam-PRVS: <DB6PR02MB30794A7997BBEA624C4ED6D1A87B9@DB6PR02MB3079.eurprd02.prod.outlook.com>
X-TCD-Routed-via-EOP: Routed via EOP
X-TCD-ROUTED: Passed-Transport-Routing-Rules
X-MS-Oob-TLC-OOBClassifiers: OLM:230;
X-MS-Exchange-SenderADCheck: 1
X-Microsoft-Antispam: BCL:0;
X-Microsoft-Antispam-Message-Info: ld2WMZXOJvjx6ruX1H/qWfPUECiddbNrf/9pd7cgpLZY6s3v/TykL4bqk5+OvLKBCQMPyUkRa15oyypbtp5+I8FZ4t7a8GhindFOqWkoZnDwxagEDxqVllr0JCIZ/9AU9RPpeF2qetWgC8HhYpkyALwbT97DP+bDA2fFR4U8y8DJpctBxQ1EyL7HLt5K4kJkn8qxSzb6AUiySmZdLBGfKF+tQu3QU5gfm8THgluzZwdYaASaR5R/beycPDuj7A3XhKxYSREmrA1lUbDuCSw9JUXBy3nPc9W1lukYYK/Pcn8DpJZu9B1vWh39BxACz1YLeLt5pETEkucUqPF+hNyxfwY42Bqbd2rtRsus/F/CAvYsbMCy1DnNNwyL9oxhoXPTon45c9Xm7YcGWFX/BKVed2v/uIMj/RacxXiPgcDgE9YNf6Mu3mqvK+dTHzlPAw3cemX2IMXECAfTilvb3/r5VK2dfmGfgJfDJYv1pK606Sr4Yr5wkPJFlZ3+xCaiDjX3K6OTbNqVSor513RjfaiziOoFBFIp2mAbJ3qjnfHkNfnLoj75Ktvy+Q9lbCz7W/DGIi3JugVUCl4+2LtZBYGOm0u8DHzOCPoddP0RCxQbfKFdbMAgvBkcNhcLZPOH+c1gUqgLBUdVeQPoXAOzbw0/4AJmTCJxI9tT5d0pXWvgyjgSdatehEYomLisXMBalqGvVFpSzVwzgrsCSw4N6I9qaA==
X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:DB7PR02MB5113.eurprd02.prod.outlook.com; PTR:; CAT:NONE; SFS:(4636009)(39860400002)(396003)(136003)(346002)(376002)(366004)(66476007)(66946007)(66556008)(478600001)(21480400003)(83380400001)(66616009)(33964004)(53546011)(6916009)(16526019)(186003)(86362001)(52116002)(4326008)(5660300002)(31696002)(2616005)(316002)(235185007)(786003)(2906002)(6486002)(31686004)(38100700001)(36756003)(8936002)(8676002)(44832011)(45980500001)(43740500002); DIR:OUT; SFP:1102;
X-MS-Exchange-AntiSpam-MessageData: =?utf-8?B?MFYxUmNiMEhYcWhEbEZpQStzS2FsYkMwQXk4WlQvM091NzlQNVQ0ZkhxS3Na?= =?utf-8?B?Y0QvMCt1RWs0dHcxeFpUdFdJRm9GL3h3MEJBcUFuNnppWHZDd2hoNmVJVkRq?= =?utf-8?B?T3pyMnA1cmlrWU93cWZZTVZRM2ZpR2R3Y3MwVnc3ZCtlL1hwNUMveGJzWUtw?= =?utf-8?B?R3RGYVZlVVVPd0ovQ2NVNlJLQjN3bUs1eWVESkdUQWNCUzZFOFZZNFhJZ2NX?= =?utf-8?B?QTFHVFJrOFhhQnpnTzRPeXVqK3Q0eWtwSkJUN1ZUMjdVZVBFK2xFcGtnZkNH?= =?utf-8?B?WnJMdWdya1R2NHo4ODlZbVl3aENBSVZBc2JndFVBM1A3U211TUE4d21PRmh4?= =?utf-8?B?U1QxMFRQaUFBcytodGpJWXRQWS9WU3RPVWRYbS91QStveUNnTzZnQ1BPQ0s4?= =?utf-8?B?NXJ6TVg0d1FUQlZWTnAwWXVMb05VVmxTelI0UXZ3RWlOZ213SkRaalpLV2hq?= =?utf-8?B?UDJvVHcvVThGWHkrbXlLdldHWExDc1RyMEhDN3VWMnJWNGtSb0FQbjdTa1FZ?= =?utf-8?B?aDdiMjNBY2NsN1RFOFB5OERxMUUxSUlDa2IwdDlLYlFScHMwZGwxMVJKQzJI?= =?utf-8?B?TnJhbklsRFFXUmJDY21oaXRiTElSU082RjNjMXpxQVJYZS9NVGEvNHczT1NK?= =?utf-8?B?TldyRDBOeEFnOXFncEdNdkhNZ0hlVGp5eCt0cUhZajByeXVJUUlYRCtadzZs?= =?utf-8?B?empHclZTbU9VNmJ3VDdoYWZUdURBYTJ5YXpsQ0RoOHJBekoyV1hhMjJTSkhI?= =?utf-8?B?YVlYMnMvQ1NKSldadnRXczl4MExUcVoxaVVGelhKYk5vR2hhcEhFZ0FXbWkv?= =?utf-8?B?dUlqNXcrSFQwZXlWQTRlUmxyMUx3WEt5U1hYREZEY1FOaEhoS2MwWWs0V3hX?= =?utf-8?B?S2o2b3RWVkgxREs3eWFNRU1RQUwrUU9zQ0hZS0lSZWZGV1Zpc0lyOHh5eGJP?= =?utf-8?B?Z2NHc2UwOHNkbkZHR2d2ZmJ2OTR3bWd5QThqRFlUNE4rNE9GcHJCaG55Z0hS?= =?utf-8?B?aFRiQ21VSWRmVmFaMkVBaThhOXJUQmUyelNxNm9SN2NXbTQ5Sm1vcVVlS2NH?= =?utf-8?B?Sk9ISWh3QjEydnBsY0VlNHdSVFE0Skh0YVNHSXJUVVc3Z3RLL3p6Sms2azVw?= =?utf-8?B?ZU5xdzJYRG1MNmxkS21VcTZqMmVLMzBkY2FYZ1dJNUhhbmtpL3lDYjJmL1p0?= =?utf-8?B?MUFlVjNRTjZGMmhoM2o0VUpvUm1FRU52VnF5bWZrQ0tuQ3pjNmRIdDhGR2oy?= =?utf-8?B?dGNRTmthL2p2V2NmMjdhdkV2aXhoOXUxaGxISkRKbkNPbEhDSW9WNVEzT1RX?= =?utf-8?B?OWlYSDcxVTRkM3RSV0EvUnVjZ3cvM2k2aGZEZXI2YkpkSWUwc29ZWDk1K1d5?= =?utf-8?B?UW1uMG1zMy81dzRyM3cwTFNZK0lzcHZ4dWRlS2kzTEZQMUVZZkpPSWtOeUFj?= =?utf-8?B?OVFqa3JpdG1idWs5bnY1cUF1dkM0Q2NBQW9MODNLSEZNR1FNTEsvNTF1a2s0?= =?utf-8?B?NW5MYW02emkxQ1g2YkJzeHA5WWFYd1M2NE16TkVReDZtTm1WLzlhOGNVci9B?= =?utf-8?B?eXRkRklyZHZBTVVqUkt3djl5L0toU1dHTktDVWFsQ0RlNG5RTWFzRGVwYnpV?= =?utf-8?B?cmR2aGxGVi80eWJtd1g2QnY3VTk2UmJCTDBkeU12NU40RXhocENwcWxWaVgy?= =?utf-8?B?c3R4OHlyN0wzUE9SbmRkekxTU3lieTFaVHJ1eWlQRERBMDRCRm5yWVBpRWpE?= =?utf-8?B?TnY5aGhaZWJoNk9rdkJLK1JwcVJYempCaUFiM3h5Q21Pb0JCMExiL3hjYXZ0?= =?utf-8?B?S2tMT25pUWcvdkhPbnprV0p6Mm85N1AxejhBdHZ5VWRaNEV4SkU3N29hcHRs?= =?utf-8?Q?8C4AhtOzLHZYy?=
X-OriginatorOrg: cs.tcd.ie
X-MS-Exchange-CrossTenant-Network-Message-Id: be32e354-e52a-43f0-b0d5-08d8f54001fd
X-MS-Exchange-CrossTenant-AuthSource: DB7PR02MB5113.eurprd02.prod.outlook.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 01 Apr 2021 18:57:33.5219 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: d595be8d-b306-45f4-8064-9e5b82fbe52b
X-MS-Exchange-CrossTenant-MailboxType: HOSTED
X-MS-Exchange-CrossTenant-UserPrincipalName: pBbvKsYWNEr7cVTpaqIA+AMO0Q9a6kVg6luzELzKlnmYtmxZO/mNRR/XCBEZUr1p
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DB6PR02MB3079
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/D6jNIISe3QBfE00mhFEFNprNzQo>
Subject: Re: [TLS] Don't Split HelloRetryRequest
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 01 Apr 2021 18:57:50 -0000

Hiya,

On 01/04/2021 19:24, Stephen Farrell wrote:
> some guidance on checking your front-
> end's choice of curves and failing when some of the HRR
> cases get out of whack

Actually it occurs to me that we could for example say
that back-ends are RECOMMENDED to support the first
curve listed in ECHConfig for both ECH and the TLS h/s
and then also RECOMMEND that clients include a key share
for that curve as well. With that, it might be acceptable
to not use HRR (but fail) if the inner CH has no key
shares that the back-end can handle. Things like that
might reduce the number of HRR cases we need to handle
via new protocol mechanisms.

S.