Re: [TLS] Encryption of TLS 1.3 content type

Watson Ladd <watsonbladd@gmail.com> Sat, 26 July 2014 17:43 UTC

In-Reply-To: <DD255E31-FA87-40CE-AF13-0F43A7DD54CF@cisco.com>
References: <DD255E31-FA87-40CE-AF13-0F43A7DD54CF@cisco.com>
Date: Sat, 26 Jul 2014 10:43:19 -0700
Message-ID: <CACsn0cnt-ry182AjOyTTZGteifs7VyRPYHaj-xDCBOf0D53w9A@mail.gmail.com>
From: Watson Ladd <watsonbladd@gmail.com>
To: "Joseph Salowey (jsalowey)" <jsalowey@cisco.com>
Archived-At: http://mailarchive.ietf.org/arch/msg/tls/LPlhjtjYJ9H8lBRFibdZUrl3Keg
Cc: "<tls@ietf.org>" <tls@ietf.org>

This is a change with no rationale: the content type leaks extremely
limited information. It complicates implementations that wish to keep
a high degree of codepath similarity between TLS 1.2 and TLS 1.3.

On Fri, Jul 25, 2014 at 10:37 AM, Joseph Salowey (jsalowey)
<jsalowey@cisco.com> wrote:
> At the interim meeting on July 20, 2014 there was general consensus to support the encryption of TLS 1.3 content type.  The favored approach was to remove the content type and version from the TLS record layer header and add the content type to the encrypted data.   The proposal is to update the draft to document this approach and try to run some tests to see if this causes much grief with middle boxes.  If you object to this proposal please respond to the list by Friday, August 01, 2014.



-- 
"Those who would give up Essential Liberty to purchase a little
Temporary Safety deserve neither Liberty nor Safety."
-- Benjamin Franklin
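The record layouts the two messages argue about, as an added example that is not part of this thread and not code from any TLS implementation: a TLS 1.2 record header carries the content type and version in the clear, while the quoted proposal moves the content type inside the encrypted payload and leaves only the length outside. The function names (`tls12_record_header`, `encode_inner_plaintext`, `decode_inner_plaintext`, `proposed_outer_header`) are hypothetical, and the "outer header is just a length" shape follows the proposal as quoted above; the layout TLS 1.3 eventually standardised in RFC 8446 keeps a fixed opaque type byte (23) and a legacy version field (0x0303) in front of the length for middlebox tolerance, the concern the proposal says it wants to test. The inner layout (content, then type byte, then zero padding) is the one RFC 8446 adopted; the decoder below handles the two edge cases that matter for it, content that itself ends in zero bytes and a record that is all zeros.

```python
import struct
from typing import Tuple

# ContentType values from the TLS registry.
ALERT = 21
HANDSHAKE = 22
APPLICATION_DATA = 23


def tls12_record_header(content_type: int, version: Tuple[int, int], length: int) -> bytes:
    """TLS 1.2 record header: type, version and length are all visible on the wire."""
    major, minor = version
    return struct.pack("!BBBH", content_type, major, minor, length)


def parse_tls12_record_header(header: bytes) -> dict:
    """What a passive observer reads from a TLS 1.2 header without any key."""
    content_type, major, minor, length = struct.unpack("!BBBH", header[:5])
    return {"type": content_type, "version": (major, minor), "length": length}


def encode_inner_plaintext(content: bytes, content_type: int, padding: int = 0) -> bytes:
    """Lay out the plaintext as content || type || zero padding.

    This whole buffer is what goes under the AEAD, so the type byte is
    hidden along with the content.  Padding lets the sender obscure the
    true length as well.
    """
    if padding < 0:
        raise ValueError("padding must be non-negative")
    return content + bytes([content_type]) + b"\x00" * padding


def decode_inner_plaintext(inner: bytes) -> Tuple[bytes, int]:
    """Recover (content, type) from a decrypted inner plaintext.

    Trailing zero bytes are padding; the last non-zero byte is the content
    type.  Because the type byte is never zero, content that ends in zero
    bytes is unaffected.  A buffer with no non-zero byte has no type and
    must be rejected rather than silently treated as an empty record.
    """
    stripped = inner.rstrip(b"\x00")
    if not stripped:
        raise ValueError("no content type byte found (record is all padding)")
    return stripped[:-1], stripped[-1]


def proposed_outer_header(ciphertext_len: int) -> bytes:
    """Outer header as in the quoted proposal: type and version removed,
    only the ciphertext length stays in the clear (constructed layout,
    not the final RFC 8446 format)."""
    return struct.pack("!H", ciphertext_len)


def visible_in_proposed_header(header: bytes) -> dict:
    """Everything an on-path observer gets from the proposed outer header."""
    (length,) = struct.unpack("!H", header[:2])
    return {"length": length}


if __name__ == "__main__":
    # Constructed sample: a 5-byte alert payload with 3 bytes of padding.
    inner = encode_inner_plaintext(b"hello", ALERT, padding=3)
    print("TLS 1.2 header exposes:", parse_tls12_record_header(tls12_record_header(ALERT, (3, 3), len(inner))))
    print("proposed header exposes:", visible_in_proposed_header(proposed_outer_header(len(inner))))
    print("inner plaintext decodes to:", decode_inner_plaintext(inner))
```

The point of the comparison is the one Watson Ladd concedes and disputes: with the 1.2 header an observer can distinguish alerts, handshake messages and application data per record; with the type inside the AEAD only lengths and timing remain. The decoder's all-zero check is not optional; accepting such a record would let a peer deliver a "record" with no type at all.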