Re: [TLS] Earlier exporters
Nick Harper <nharper@google.com> Fri, 07 October 2016 21:37 UTC
Return-Path: <nharper@google.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 38646129417 for <tls@ietfa.amsl.com>; Fri, 7 Oct 2016 14:37:48 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -5.696
X-Spam-Level:
X-Spam-Status: No, score=-5.696 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, RP_MATCHES_RCVD=-2.996, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=google.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id hMPbQEVz6B1g for <tls@ietfa.amsl.com>; Fri, 7 Oct 2016 14:37:46 -0700 (PDT)
Received: from mail-yw0-x22e.google.com (mail-yw0-x22e.google.com [IPv6:2607:f8b0:4002:c05::22e]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 1BED71293EB for <tls@ietf.org>; Fri, 7 Oct 2016 14:37:46 -0700 (PDT)
Received: by mail-yw0-x22e.google.com with SMTP id t192so19970463ywf.0 for <tls@ietf.org>; Fri, 07 Oct 2016 14:37:46 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=tPdo7CVC85dx0E7sLp5E9hgrgt+G0FLEM5JJ4ZqyPrI=; b=AN/2L1LlTgEzkjCZqPIyLIDQ+BeBT7emHhaJhVYf19DNuRGT8jw3w7LC60rGEYBsQb NeKdcb5NVxRbpaRKj7emMBaSWwI381ohKIFin7SnjpCPXJPNcLxUmGd4BJuxV/elyKJ6 KwAkV4L3XG+6GtQK77koYMhzA4KTkwjGZGQl6reXuqa04oyXfH83WZn1GSGyr/4L+7p6 pdgJtrSP/2FK5OBufIT0XZbWYufCV8pP89QKBiMhzyBhpm17kTLxQPYQ3aTVnXOKDx8F TG3diBfTs7UBYqNCcUGi5dNCt+wRR8J3OHM04CyaCw6p4SrGSQk/ttatVscXfTu8QCxO F+Jg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=tPdo7CVC85dx0E7sLp5E9hgrgt+G0FLEM5JJ4ZqyPrI=; b=XFCQ7EAEUYQt0t1jWHwubXv2sRw8ldPZD1BJLsYyPOcAGaKgpaFchNi1bJuZmfr2mf xOiq4MUgnzV580e/ZUuPrIup8OzNBt1aMbkzBOZUfGIyocSnYQF1/mQr1uuzAaXW+hAl MfIwz8KN3wAx6k5p2mneygX4DtiE3XsCICFRH/yruiuwYZJvbF+dk7LmKMeDqFJZ0nKc M9jKkutRvL40x9y6X7+xUIMW53M0VBGDMZsx9wKoAWOjyBII1k5pTCgj3Ro7rQkXf4oY 8ZwoDNtZ2EnHbPIuML+Zbb1Kt1PXOz0EtTnMe0qevdNlHuN8d5sLCf6PGmPGQg/5ZhHQ vRZQ==
X-Gm-Message-State: AA6/9RlJiRo2eMiPx9cBn+JCkKQNyepZLDCECS8y+liwPHwoy9a3Mariyi+GPweMUixCQiw/trpHKgYxD2z2TXU0
X-Received: by 10.129.53.206 with SMTP id c197mr16784625ywa.205.1475876265241; Fri, 07 Oct 2016 14:37:45 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.13.253.7 with HTTP; Fri, 7 Oct 2016 14:37:24 -0700 (PDT)
In-Reply-To: <CABcZeBNy2RJadGNQmpnhg3ajf4H1Zmmjya72K6fwC3CHur79uA@mail.gmail.com>
References: <CABcZeBOBmeEW+Ty5W68giBg5MZC11QR9oxMP00CD5zStb2=0fg@mail.gmail.com> <CACdeXiJUxwd-on3EULsf90aqRqrb3v+=jUGgVReBy6efMjyvdQ@mail.gmail.com> <CABcZeBNy2RJadGNQmpnhg3ajf4H1Zmmjya72K6fwC3CHur79uA@mail.gmail.com>
From: Nick Harper <nharper@google.com>
Date: Fri, 07 Oct 2016 14:37:24 -0700
Message-ID: <CACdeXi+nVHEGADVDhOyNAQuYwxRWWnBMErFXSDXBfuPEPHr9qQ@mail.gmail.com>
To: Eric Rescorla <ekr@rtfm.com>
Content-Type: multipart/alternative; boundary="001a11421a268627ab053e4d38d9"
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/KqBCWWFJBaBW0t3kVS3TSamv08k>
Cc: "tls@ietf.org" <tls@ietf.org>
Subject: Re: [TLS] Earlier exporters
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 07 Oct 2016 21:37:48 -0000
That's my assumption as well. On Fri, Oct 7, 2016 at 2:07 PM, Eric Rescorla <ekr@rtfm.com> wrote: > I was assuming that there were two exporters: > > Export() --> the same API as in 1.2 and computed as described here > Export0RTT -> A new API that computes the early_exporter. > > > -Ekr > > On Fri, Oct 7, 2016 at 1:59 PM, Nick Harper <nharper@google.com> wrote: > >> Does the wording of this PR mean that the value from the exporter changes >> depending on whether it's run before or after exporter_secret can be >> computed? I think it would be better to keep an RFC 5705-style exporter >> that remains constant for the connection. The 0-RTT exporter from an API >> perspective can be a separate thing that a caller has to explicitly choose >> to use. >> >> On Fri, Oct 7, 2016 at 8:10 AM, Eric Rescorla <ekr@rtfm.com> wrote: >> >>> Please see the following PR: >>> https://github.com/tlswg/tls13-spec/pull/673 >>> >>> This includes various changes to make exporters/resumption work better. >>> >>> Basically: >>> 1. Add a 0-RTT exporter and change the transcript for the regular >>> exporter so it >>> only includes the transcript up to ServerFinished. This gives it >>> parity with the >>> rest of the traffic keys. If we need an exporter with the full >>> transcript we can >>> always add it later >>> >>> 2. Point out that you can predict ClientFinished for NST when not doing >>> Client auth. This lets you issue tickets on the server's first >>> flight, while still >>> ensuring that if you do client auth you still bind resumption to the >>> client's >>> full transcript. >>> >>> These are pretty straightforward changes, so absent objections I'll merge >>> them early next week. >>> >>> -Ekr >>> >>> >>> _______________________________________________ >>> TLS mailing list >>> TLS@ietf.org >>> https://www.ietf.org/mailman/listinfo/tls >>> >>> >> >
- [TLS] Earlier exporters Eric Rescorla
- Re: [TLS] Earlier exporters Nick Harper
- Re: [TLS] Earlier exporters Eric Rescorla
- Re: [TLS] Earlier exporters Eric Rescorla
- Re: [TLS] Earlier exporters Nick Harper