Re: [TLS] Encryption of TLS 1.3 content type

Watson Ladd <watsonbladd@gmail.com> Sat, 26 July 2014 17:43 UTC

Return-Path: <watsonbladd@gmail.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4ACA31B283A for <tls@ietfa.amsl.com>; Sat, 26 Jul 2014 10:43:22 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id RTvKBLmKMAau for <tls@ietfa.amsl.com>; Sat, 26 Jul 2014 10:43:20 -0700 (PDT)
Received: from mail-yh0-x229.google.com (mail-yh0-x229.google.com [IPv6:2607:f8b0:4002:c01::229]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id BE2301A03AB for <tls@ietf.org>; Sat, 26 Jul 2014 10:43:20 -0700 (PDT)
Received: by mail-yh0-f41.google.com with SMTP id b6so3857088yha.0 for <tls@ietf.org>; Sat, 26 Jul 2014 10:43:20 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type:content-transfer-encoding; bh=IP/gRt17qtsyrNl5P7yUJQ6yaGkUAGcaSNiR7wWNh+c=; b=hFSUdYU3HhcS5BBUrCnN+RCD6hH562GgOALpuuMdjTd8PhH5AITt+CVprwe3+Uhcb5 3M3tbWA2O2X3l8h8aq1mBQhz6FWbuVam+GqD7EVilkeLJspylV7VBGGOIETFNndNKljm 6N28YK29wKK/Jk8fXD70lSbEGlbjKfQf/SlgtLjCeOkzRWf8fwcc9MlOa0ZOjGXIHyFO fQZ7UlLH48Iz68s6Ww2QVUvbapQToYUC1lA4U0TKxNnTAV0K69nqG0lHEsdfydMA+Msf FaWMlLkoyXV+u94Hn76T8WH9GLh+MhxwvHPiLi63n6LFkkWculSncZnRcavfrW1HDYTv /b8A==
MIME-Version: 1.0
X-Received: by 10.236.45.10 with SMTP id o10mr34597150yhb.49.1406396600037; Sat, 26 Jul 2014 10:43:20 -0700 (PDT)
Received: by 10.170.202.8 with HTTP; Sat, 26 Jul 2014 10:43:19 -0700 (PDT)
In-Reply-To: <DD255E31-FA87-40CE-AF13-0F43A7DD54CF@cisco.com>
References: <DD255E31-FA87-40CE-AF13-0F43A7DD54CF@cisco.com>
Date: Sat, 26 Jul 2014 10:43:19 -0700
Message-ID: <CACsn0cnt-ry182AjOyTTZGteifs7VyRPYHaj-xDCBOf0D53w9A@mail.gmail.com>
From: Watson Ladd <watsonbladd@gmail.com>
To: "Joseph Salowey (jsalowey)" <jsalowey@cisco.com>
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
Archived-At: http://mailarchive.ietf.org/arch/msg/tls/LPlhjtjYJ9H8lBRFibdZUrl3Keg
Cc: "<tls@ietf.org>" <tls@ietf.org>
Subject: Re: [TLS] Encryption of TLS 1.3 content type
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 26 Jul 2014 17:43:22 -0000

This is a change with no rationale: the content type leaks extremely
limited information. It complicates implementations that wish to keep
a high degree of codepath similarity between TLS 1.2 and TLS 1.3.

On Fri, Jul 25, 2014 at 10:37 AM, Joseph Salowey (jsalowey)
<jsalowey@cisco.com> wrote:
> At the interim meeting on July 20, 2014 there was general consensus to support the encryption of TLS 1.3 content type.  The favored approach was to remove the content type and version from the TLS record layer header and add the content type to the encrypted data.   The proposal is to update the draft to document this approach and try to run some tests to see if this causes much grief with middle boxes.  If you object to this proposal please respond to the list by Friday, August 01, 2014.
> _______________________________________________
> TLS mailing list
> TLS@ietf.org
> https://www.ietf.org/mailman/listinfo/tls



-- 
"Those who would give up Essential Liberty to purchase a little
Temporary Safety deserve neither  Liberty nor Safety."
-- Benjamin Franklin