IETF Logo Mail Archive

Re: [TLS] [Emu] Fwd: Benjamin Kaduk's Discuss on draft-ietf-emu-eap-tls13-13: (with DISCUSS and COMMENT)

Eric Rescorla <ekr@rtfm.com> Thu, 04 February 2021 14:30 UTC

Return-Path: <ekr@rtfm.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3FC883A1577 for <tls@ietfa.amsl.com>; Thu, 4 Feb 2021 06:30:37 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.896
X-Spam-Level:
X-Spam-Status: No, score=-1.896 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=rtfm-com.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id XutMNott7HRA for <tls@ietfa.amsl.com>; Thu, 4 Feb 2021 06:30:35 -0800 (PST)
Received: from mail-lf1-x132.google.com (mail-lf1-x132.google.com [IPv6:2a00:1450:4864:20::132]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 1366D3A157C for <tls@ietf.org>; Thu, 4 Feb 2021 06:30:33 -0800 (PST)
Received: by mail-lf1-x132.google.com with SMTP id a12so4866497lfb.1 for <tls@ietf.org>; Thu, 04 Feb 2021 06:30:32 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=rtfm-com.20150623.gappssmtp.com; s=20150623; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=tSQyqYnMAtiKDIWFhrV2jWxbaq+g+Lc+asMSct1wp2Y=; b=aI3iVe3lBgjLnd5YFWd+nwL3FQX7dIxEdBONvXlqKmt3ncYDoLkJ0NHGRDK1gAsi7s 4o9/CNQvvkUn8Anr72LV2WHvPe9reBGDmQ2xb+qQ+52xbwVjANCqLDm4d3OHzptj3lHb DiYyTJrOMQ5VkiM3FNs8H+qHOJGYY8qlgGpwAv61tudWGulO/U3pYBIW11slOeEakKH8 vArKQtyP7EJqEZ4ylw14YDdTGOGhnQROFFCQPpUKIN9tXSq4hrLTgXh1Nxh4AckMMuD8 vGBJXx4M96i/cmJRI0ZaB6WstLsHjcPaecYFedB3APg2rLYds5nnzZyS2o1tLUNdM2hC AUVQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=tSQyqYnMAtiKDIWFhrV2jWxbaq+g+Lc+asMSct1wp2Y=; b=RWRWO5bmP9rj/M7YxWfWfvIv8ENY/eLrnNLD2HdZDxD4mAYFMmS6qp4FuWPGuqBNVw 6z8KA/bvg0M+ijuFtPvjFFAJisO32iTzl45X0TiPaUBFrTWzaH4RE1FjiNenms7AnHef QbBZ/5YhM13k3Gl1M7izcx0B9JfUGIOVyvQpJvYVLMfAfDp9dGn37kWIRN4Rc4N02Ox9 lkNnQLbexwDNakIrN2yEFwVOC1k/mQ6UhzA0pNHJG7NeWMqWH4g0J3Y3QgP3ewB3YtC9 azxYCc4cOVNaEKoFHnZAYjJj2UvUIv8hxWRe1B6zoxYcjcbXfyUgY1jmIB6YWXqSYwrU RTaA==
X-Gm-Message-State: AOAM532RdelmiSC6OkpWrDszfjVTVzVgSiWvn2xHJSaQXu1ZaEm8GoeV ahg762hoSEIE0w+2CBxEDZJB+E9mgX+FXz2znrfb3Q==
X-Google-Smtp-Source: ABdhPJynmk9D2ZofpLyNJxf71ZMqJS9K8vxT1NPF0vijYBmGXx/r0UGvYV+KNFAwHr4N06kRBDF/Y/D30Fa0RqtjgEM=
X-Received: by 2002:a19:6410:: with SMTP id y16mr4857298lfb.113.1612449029861; Thu, 04 Feb 2021 06:30:29 -0800 (PST)
MIME-Version: 1.0
References: <e669002f-caff-1e6e-e28b-d09157eb0c07@ericsson.com> <6241F0B6-C722-449E-AC3A-183DE330E7B5@deployingradius.com> <9ddd1593-3131-f5cc-d0db-74bf3db697bf@ericsson.com> <3CB58153-8CCA-4B1E-B530-BA67A6035310@deployingradius.com> <CAOgPGoA3U+XpZMY7J+KGovNx6MtAdEzRaGW33xVJdQNWSi4LVg@mail.gmail.com> <770e6a49-52fc-4e8b-91af-48f85e581fbb@www.fastmail.com> <CAOgPGoBGOMXH-kMhQSujWxnACdmBL845u0ouE0fUYc4rWtUrZg@mail.gmail.com> <ca4c526e-79a0-4fa7-abda-2b626795f068@www.fastmail.com> <3409F71E-4CE4-46BB-8079-BFBE9BE83C9A@deployingradius.com> <66157321-55DC-4831-8EF2-D75934D9024C@deployingradius.com> <20210129183220.GI21@kduck.mit.edu> <1A830492-3404-4BCC-844B-D7D950458BD9@deployingradius.com> <CABcZeBMAtmPfG0rctvO8UvnhPqY1etk=SxnonP_t6ysNxH7hVA@mail.gmail.com> <470E0468-E1D8-486E-A2CA-2F042EE8F2C2@ericsson.com>
In-Reply-To: <470E0468-E1D8-486E-A2CA-2F042EE8F2C2@ericsson.com>
From: Eric Rescorla <ekr@rtfm.com>
Date: Thu, 04 Feb 2021 06:29:53 -0800
Message-ID: <CABcZeBNGtyGKLGCvbBDg=3JWpuCD7trBX5Du=FOs1yVD0kzoWw@mail.gmail.com>
To: John Mattsson <john.mattsson@ericsson.com>
Cc: EMU WG <emu@ietf.org>, Benjamin Kaduk <kaduk@mit.edu>, "<tls@ietf.org>" <tls@ietf.org>
Content-Type: multipart/alternative; boundary="000000000000a4cbd805ba838bbc"
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/DE5frUUqE40vA2IHdtFDlwyi7c4>
Subject: Re: [TLS] [Emu] Fwd: Benjamin Kaduk's Discuss on draft-ietf-emu-eap-tls13-13: (with DISCUSS and COMMENT)
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 04 Feb 2021 14:30:43 -0000

On Thu, Feb 4, 2021 at 12:57 AM John Mattsson <john.mattsson@ericsson.com>
wrote:

> Hi,
>
>
>
> I think the idea of a new TLS extension to make TLS 1.3 and EAP-TLS
> interact better is a very promising idea. This would probably take some
> time to get specified and implemented so it is probably a future
> optimization/simplification rather that something EAP-TLS 1.3 should wait
> for.
>
>
>
> An extension that "I do not send any post-handshake messages" would work
> and remove the need for a commitment message.
>
>
>
> ------------------------------------
>
> NoPostHandShake Extension
>
> ------------------------------------
>
>
>
> Clients MAY send this extension in ClientHello. It contains no data.
>
>
>
> Servers MAY send this extension in EncryptedExtentions. It contains no
> data.
>
>
>
> When the "NoPostHandShake" extension is negotiated, the server MUST NOT
> send any post handshake messages.
>
>
>
> -------------------------------------
>
>
>
> However, this would also stop the client from doing resumption which is
> also very important. EAP-TLS fragments TLS into a large number of
> round-trips, and database lookup to authorize clients is often slow, so
> resumption is essential to get good performance.
>
>
>
> The current Post-Handshake NewSessionTicket is not well-suited for EAP-TLS
> as is introduces the demand for the commitment message as well as
> introducing an extra round-trip.
>

I don't really understand what EAP needs here, but it seems to me that the
commitment message (or the close_notify) is serving two purposes:

1. Saying that the handshake completed successfully
2. Saying that there will be no more messages

I understand from the discussion that knowing that there will be no more
messages is useful. Do you think that the client knowing that the handshake
completed is unnecessary?

-Ekr

v2.23.0 | Report a Bug | By Email