IETF Logo Mail Archive

Re: [TLS] consensus call: draft-ietf-tls-ticketrequests

Martin Thomson <mt@lowentropy.net> Wed, 04 March 2020 23:42 UTC

Return-Path: <mt@lowentropy.net>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 786AE3A0C06 for <tls@ietfa.amsl.com>; Wed, 4 Mar 2020 15:42:34 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.1
X-Spam-Level:
X-Spam-Status: No, score=-2.1 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=lowentropy.net header.b=oizOzqIP; dkim=pass (2048-bit key) header.d=messagingengine.com header.b=U5iL+A3u
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id LrW1R2qhO2Wv for <tls@ietfa.amsl.com>; Wed, 4 Mar 2020 15:42:29 -0800 (PST)
Received: from out5-smtp.messagingengine.com (out5-smtp.messagingengine.com [66.111.4.29]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4A98B3A0C03 for <tls@ietf.org>; Wed, 4 Mar 2020 15:42:29 -0800 (PST)
Received: from compute2.internal (compute2.nyi.internal [10.202.2.42]) by mailout.nyi.internal (Postfix) with ESMTP id 4ED8B21B5A for <tls@ietf.org>; Wed, 4 Mar 2020 18:42:28 -0500 (EST)
Received: from imap2 ([10.202.2.52]) by compute2.internal (MEProxy); Wed, 04 Mar 2020 18:42:28 -0500
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=lowentropy.net; h=mime-version:message-id:in-reply-to:references:date:from:to :subject:content-type:content-transfer-encoding; s=fm1; bh=gdRAJ JJ44Sw+I8TJGNDvOB4r11VIJSsn6Ogw9Vg4dWY=; b=oizOzqIP0ThYi7oIPAhen Yla5Lur7csqowwimfJnyOD2uCmTzSwebk587sxHjuDs3DvU5QG1QJrkL5cQ2OKBO JGNYCMF6Qw5wvYvgrDkpxgp3eHh1YeOp584avOLCKQUowySCJLSyAh5BjwReHv3Q 9WczpdoMp+kORzncW456dn6ILEBzSe/1CHL+49bbLAoN0wE3wafw0f7VhnR3eWDz ELp8qDTuU90tD1nB3edLjvUWIaJhzVMLa/CTb4b/oWMpjLU2/2CgQZ1p9gmdl+3E rCilnCqJi1mb1AqFB0qx1UD5SKtp3rowSkLxSJzpb2X2JlGt5oOboqgZlZ/CTkLS g==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=content-transfer-encoding:content-type :date:from:in-reply-to:message-id:mime-version:references :subject:to:x-me-proxy:x-me-proxy:x-me-sender:x-me-sender :x-sasl-enc; s=fm2; bh=gdRAJJJ44Sw+I8TJGNDvOB4r11VIJSsn6Ogw9Vg4d WY=; b=U5iL+A3uWROYw7Q6oNp/9+GF4sBYJRRHFXs+GdkQQR3DPzEAioukYXilR NG2dDAk7PRV4lNhOaivd+65cv4G2Q/3hRnEwxTnmLniF9hJodYcXS9YAx2hZR2Y5 cVnXnQyXMpBuVnuS5D3qHYZJZcnE7ZJCwD5yU4c36cCCqJy0GeFgVtDbIgQpe6nn qgvowzgv+Yad1Jt4IB1VqQwbu9aLRrfYlZGanLa9EDHVN9TYLodFc7jYt/aFEZXj Zgs+AyIoWzLhte+tu3OSMWJHSfW3vhla6XnywPHGZ0Bzx1k8pbg6V0MWEm6pGWhw atE8wgxIdZ9KPE66n3Ztz3jH3tPEw==
X-ME-Sender: <xms:4zxgXolPhuKysQJS1CO4t7guZ-8yH9YARp8itoiyIwt7kJTgg6334A>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedugedruddtledguddvucetufdoteggodetrfdotf fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfqfgfvpdfurfetoffkrfgpnffqhgen uceurghilhhouhhtmecufedttdenucenucfjughrpefofgggkfgjfhffhffvufgtgfesth hqredtreerjeenucfhrhhomhepfdforghrthhinhcuvfhhohhmshhonhdfuceomhhtsehl ohifvghnthhrohhphidrnhgvtheqnecuffhomhgrihhnpehivghtfhdrohhrghdpghhith hhuhgsrdgtohhmnecuvehluhhsthgvrhfuihiivgeptdenucfrrghrrghmpehmrghilhhf rhhomhepmhhtsehlohifvghnthhrohhphidrnhgvth
X-ME-Proxy: <xmx:4zxgXp-_52N3-Chs_qYanvImgdBP77sbUA5TuIcr8DyjHRC6783RAQ> <xmx:4zxgXri5J85OKkHNIMGlm200R4063YRksXbBPwUEFGPqviZDTqUxSw> <xmx:4zxgXjfmkHsvPJuu05Ee9J3l2SLP6eOS9kDy7AX_o_n3aL8yzildtA> <xmx:5DxgXtnqnb0ZO8XzOUqe3eivB8bGbSgR6pK6zSYDTR7-OtipUIkhcw>
Received: by mailuser.nyi.internal (Postfix, from userid 501) id D9D89E00A6; Wed, 4 Mar 2020 18:42:27 -0500 (EST)
X-Mailer: MessagingEngine.com Webmail Interface
User-Agent: Cyrus-JMAP/3.1.7-986-gfc2d493-fmstable-20200304v3
Mime-Version: 1.0
Message-Id: <499f4c6f-fa95-44ea-8c44-c985e140c4e0@www.fastmail.com>
In-Reply-To: <0E7E2E43-CC46-488E-981E-BF8417821D85@sn3rd.com>
References: <4E07012F-AB53-4727-A309-D8A15222A433@sn3rd.com> <0E7E2E43-CC46-488E-981E-BF8417821D85@sn3rd.com>
Date: Thu, 05 Mar 2020 10:42:09 +1100
From: Martin Thomson <mt@lowentropy.net>
To: tls@ietf.org
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/DNp_Vxc70jpVO40JJax-KpLyMmY>
Subject: Re: [TLS] consensus call: draft-ietf-tls-ticketrequests
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 04 Mar 2020 23:42:35 -0000

I have a third option (mu?) which differs from previous proposals.

I have been somewhat convinced by the arguments about how resumption is different and can tolerate the complexity of the additional counter.  That is, endpoints can request replacement of consumed tickets (1 for when a connection attempt succeeds, N if they race N connections and only keep one; 1 + M if they want to replace M wasted tickets from M previous failed connection attempts).

The text about reuse in PR 18 is not good, however.  (PR 18 is also very wordy, but that's something I will leave to the editors of the draft.)

I can live with a solution that has two numbers, but only on the understanding that 0 means "no tickets".  That means no text on reuse, except to discourage it.  It means implying that resumption=0 means that the client plans to initiate a full handshake in future rather than explicitly endorsing reuse.  As Russ mentions, we might cite the relevant sections of RFC 8446 when it comes to reuse, but for me that would have to be in the context of saying not to do that.

On Thu, Mar 5, 2020, at 03:06, Sean Turner wrote:
> one more time ...
> 
> All,
> 
> The purpose of this message is to help the chairs judge consensus on 
> the way forward for draft-ietf-tls-ticketrequests. The issue at hand is 
> whether the client-initiated ticket request mechanism [0] should be 
> modified to add support for ticket reuse, see [1] lines 160-214. As we 
> see it, the way forward involves either one draft or two. To that end, 
> we would like your input (YES or NO) on the following question by 2359 
> UTC 18 March 2020:
> 
>  Must the ticket reuse use case be addresses
>  in draft-ietf-tls-ticketrequests?
> 
> Full disclosure: RFC 8446 recommends against ticket reuse to help 
> protect clients from passive observers correlating connections [2]. The 
> PR supports ticket reuse for use cases for a server-to-server 
> connection that has fixed source addresses and no connection racing; if 
> adopted the WG will need to ensure that the security considerations are 
> properly documented.
> 
> Note: There have been at least three threads on this draft [3][4][5]. 
> Please, let’s try to avoid re-litigating the points made therein.
> 
> Joe & Sean
> 
> [0] https://datatracker.ietf.org/doc/draft-ietf-tls-ticketrequests/
> [1] https://github.com/tlswg/draft-ietf-tls-ticketrequest/pull/18
> [2] https://tools.ietf.org/html/rfc8446#appendix-C.4
> [3] https://mailarchive.ietf.org/arch/msg/tls/2cpoaJRushs09EFeTjPr-Ka3FeI/
> [4] https://mailarchive.ietf.org/arch/msg/tls/-7J3gMmpHNw9t3URzxvM-3OaTR8/
> [5] https://mailarchive.ietf.org/arch/msg/tls/FjhqbYYTwzgiV9weeCuxn0tHxPs/
> _______________________________________________
> TLS mailing list
> TLS@ietf.org
> https://www.ietf.org/mailman/listinfo/tls
>

v2.23.0 | Report a Bug | By Email