Re: [TLS] Data volume limits

Bill Frantz <frantz@pwpconsult.com> Wed, 16 December 2015 04:02 UTC

Return-Path: <frantz@pwpconsult.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 928CC1A6F80 for <tls@ietfa.amsl.com>; Tue, 15 Dec 2015 20:02:10 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0.1
X-Spam-Level:
X-Spam-Status: No, score=0.1 tagged_above=-999 required=5 tests=[BAYES_50=0.8, RCVD_IN_DNSWL_LOW=-0.7] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id yswXsqkJRUKn for <tls@ietfa.amsl.com>; Tue, 15 Dec 2015 20:02:09 -0800 (PST)
Received: from elasmtp-mealy.atl.sa.earthlink.net (elasmtp-mealy.atl.sa.earthlink.net [209.86.89.69]) by ietfa.amsl.com (Postfix) with ESMTP id 29F891A6F82 for <tls@ietf.org>; Tue, 15 Dec 2015 20:02:09 -0800 (PST)
Received: from [173.75.83.132] (helo=Williams-MacBook-Pro.local) by elasmtp-mealy.atl.sa.earthlink.net with esmtpa (Exim 4.67) (envelope-from <frantz@pwpconsult.com>) id 1a93Hw-0001TA-85 for tls@ietf.org; Tue, 15 Dec 2015 23:02:04 -0500
Date: Tue, 15 Dec 2015 20:01:58 -0800
From: Bill Frantz <frantz@pwpconsult.com>
To: tls@ietf.org
X-Priority: 3
In-Reply-To: <5670DDB7.5020809@cs.tcd.ie>
Message-ID: <r422Ps-10112i-A7598D6B042F444AA21AABEA3552ADF5@Williams-MacBook-Pro.local>
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: quoted-printable
X-Mailer: Mailsmith 2.3.1 (422)
X-ELNK-Trace: 3a5e54fa03f1b3e21aa676d7e74259b7b3291a7d08dfec7985c10378a241431b7a615688ece6093c350badd9bab72f9c350badd9bab72f9c350badd9bab72f9c
X-Originating-IP: 173.75.83.132
Archived-At: <http://mailarchive.ietf.org/arch/msg/tls/DezYKrfOj2hVPhLtPwh-JWWgxBM>
Subject: Re: [TLS] Data volume limits
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 16 Dec 2015 04:02:10 -0000

So we have to trade off the risks of too much data vs. the risks 
of a complex rekey protocol vs. the risks having the big data 
applications build new connections every 2**36 or so bytes.

If we don't have rekeying, then the big data applications are 
the only ones at risk. If we do, it may be a wedge which can 
compromise all users.

Cheers - Bill

-------------------------------------------------------------------------
Bill Frantz        | Re: Hardware Management Modes: | Periwinkle
(408)356-8506      | If there's a mode, there's a   | 16345 
Englewood Ave
www.pwpconsult.com | failure mode. - Jerry Leichter | Los Gatos, 
CA 95032