IETF Logo Mail Archive

Re: [TLS] Call for Consensus on removal of renegotiation

Yoav Nir <ynir.ietf@gmail.com> Wed, 25 June 2014 20:39 UTC

Return-Path: <ynir.ietf@gmail.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D95591A02A3 for <tls@ietfa.amsl.com>; Wed, 25 Jun 2014 13:39:13 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.7
X-Spam-Level:
X-Spam-Status: No, score=-1.7 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, MIME_8BIT_HEADER=0.3, SPF_PASS=-0.001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id xGMM0KTUtF1a for <tls@ietfa.amsl.com>; Wed, 25 Jun 2014 13:39:13 -0700 (PDT)
Received: from mail-wi0-x235.google.com (mail-wi0-x235.google.com [IPv6:2a00:1450:400c:c05::235]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B23751A0146 for <tls@ietf.org>; Wed, 25 Jun 2014 13:39:12 -0700 (PDT)
Received: by mail-wi0-f181.google.com with SMTP id n3so3158622wiv.8 for <tls@ietf.org>; Wed, 25 Jun 2014 13:39:11 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=content-type:mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=oVINxlKMvhrwLyYTy21I42u0tzFiZHP+B4oypFzMi8g=; b=nbJ/S+0bQg1uN6jYiMBKA1rhnyP7m0M5PT4JaZ21rA/XwH/HTDuL/Krivwi24rFYEz 0AjaiTY1uKS4aD70kF4gppLvAKFjzr/+ieYKp7oHIu29kOWCIiLtPJG8NIR0MtAnIuBr naVIF92Y3U/CIsH6jJHTLQxEM80vFNDpGwLo9KBPhe/0YL6cUQJn/LzPGy3v+jQaD9pr pMuVgUndDjzin8hLdv7RWW5j8Z6faX9ap9vKlFbrs6m1A6orhnbOeY2GT5M13nrcAoy5 +pcluQWrLcHrcG5qXtgkdlYAFNSiremhIwHe6+fzG4XQ4SfaMIqqYY4F8cFjkUm2YUW9 w2+g==
X-Received: by 10.194.71.12 with SMTP id q12mr12524269wju.5.1403728751149; Wed, 25 Jun 2014 13:39:11 -0700 (PDT)
Received: from [192.168.1.104] (bzq-84-109-50-18.red.bezeqint.net. [84.109.50.18]) by mx.google.com with ESMTPSA id di7sm9660213wjb.34.2014.06.25.13.39.10 for <multiple recipients> (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Wed, 25 Jun 2014 13:39:10 -0700 (PDT)
Content-Type: text/plain; charset="windows-1252"
Mime-Version: 1.0 (Mac OS X Mail 7.3 \(1878.2\))
From: Yoav Nir <ynir.ietf@gmail.com>
In-Reply-To: <CAAF6GDdkkuB=Eko55vqaPS9Krc0XmiQk0vo2c_q5n6kydpkYuQ@mail.gmail.com>
Date: Wed, 25 Jun 2014 23:39:07 +0300
Content-Transfer-Encoding: quoted-printable
Message-Id: <B18B3440-8CBF-4B04-B792-F81FBF0CE8AC@gmail.com>
References: <44DA5A30-015D-40F3-90CA-F15076891BBC@cisco.com> <53AB192F.2040001@fifthhorseman.net> <CAAF6GDdkkuB=Eko55vqaPS9Krc0XmiQk0vo2c_q5n6kydpkYuQ@mail.gmail.com>
To: Colm MacCárthaigh <colm@allcosts.net>
X-Mailer: Apple Mail (2.1878.2)
Archived-At: http://mailarchive.ietf.org/arch/msg/tls/LWP7luLDu2petHNLLPCV1AbGQtA
Cc: "<tls@ietf.org>" <tls@ietf.org>
Subject: Re: [TLS] Call for Consensus on removal of renegotiation
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 25 Jun 2014 20:39:14 -0000

On Jun 25, 2014, at 11:26 PM, Colm MacCárthaigh <colm@allcosts.net> wrote:

> On Wed, Jun 25, 2014 at 11:47 AM, Daniel Kahn Gillmor
> <dkg@fifthhorseman.net> wrote:
>> If we aren't providing an additional facility for re-keying, then i am
>> not OK with removing renegotiation.  TLS needs a way for high-traffic,
>> longstanding connections to stay up without "dead air" (as i think Sean
>> called it earlier).  So i can't choose (1).
> 
> Probably a stupid and ignorant question; but what prevents
> applications with this kind of requirement from creating a new
> connection, negotiating a new key, and then switching to the new
> connection when they're ready?

Nothing. But that would require changing those applications. 

Before: The client opens a connection, calls the TLS library, and then transmits arbitrarily-much data for an arbitrarily-long time. If so much data has been transmitted that rekeying is warranted, The TLS library will do it transparently to the application.

After: The client opens a connection, calls the TLS library, and then transmits information. After a while, either a data count passes some limit, or a timer expires, and the application is informed by the TLS library that this connection can no longer be used. So the client opens a new connection and calls the TLS library again. Simple? Not really, because now we need to add to the application some session mechanism to bind the old and the new connections. Think telnet-over-ssl as an alternative to SSH. You don’t want to lose your environment and what you were just typing, right? This is a requirement from the application that didn’t exist before.

v2.23.0 | Report a Bug | By Email