Re: [TLS] Heartbeat and padding

Bill Frantz <frantz@pwpconsult.com> Mon, 28 April 2014 23:10 UTC

Date: Mon, 28 Apr 2014 16:10:09 -0700
From: Bill Frantz <frantz@pwpconsult.com>
To: "Salz, Rich" <rsalz@akamai.com>
In-Reply-To: <2A0EFB9C05D0164E98F19BB0AF3708C7120C61F53E@USMBX1.msg.corp.akamai.com>
Message-ID: <r422Ps-1075i-54C354189F5E4575A21D231C89CC8B57@Williams-MacBook-Pro.local>
Archived-At: http://mailarchive.ietf.org/arch/msg/tls/GEgwlLcKhcnCaQVEio9HifVeE7U
Cc: TLS Mailing List <tls@ietf.org>
Subject: Re: [TLS] Heartbeat and padding

On 4/28/14 at 6:44 AM, rsalz@akamai.com (Salz, Rich) wrote:

>It's not just out of vengeance, honest! But I think TLS 
>heartbeat should be at least be deprecated in 1.3.

I implemented a heartbeat function in the E language 
communication protocol (which ran on top of TCP). Even at the 
abstraction level I implemented it at, it was too far away from 
the application level to allow reasonable values for the 
associated frequency and timeout.

IMNSHO, the details of the heartbeat function should be 
specified very close to the application user. Only at that level 
can rational decisions be made about how often to heartbeat and 
with what timeout.

My vote goes to eliminating it from TLS.

I'd like to hear arguments on why it should continue to be in DTLS.

Cheers - Bill

-----------------------------------------------------------------------
Bill Frantz        | Privacy is dead, get over    | Periwinkle
(408)356-8506      | it.                          | 16345 Englewood Ave
www.pwpconsult.com |              - Scott McNealy | Los Gatos, CA 95032