Re: [TLS] Record header size?

Yoav Nir <ynir.ietf@gmail.com> Wed, 18 November 2015 09:08 UTC

Content-Type: text/plain; charset="utf-8"
Mime-Version: 1.0 (Mac OS X Mail 9.1 \(3096.5\))
From: Yoav Nir <ynir.ietf@gmail.com>
In-Reply-To: <9A043F3CF02CD34C8E74AC1594475C73F4B679E6@uxcn10-5.UoA.auckland.ac.nz>
Date: Wed, 18 Nov 2015 11:07:59 +0200
Content-Transfer-Encoding: quoted-printable
Message-Id: <B79F7446-0BBF-4006-A448-E81FF5E7ECD4@gmail.com>
References: <C5F506DC-F814-4C0B-AFAA-86CF790817A7@akamai.com> <CABcZeBP5QPQAXKvM_oEAzex0-vrVWMvOW0yZuamvF5hxAHtmtw@mail.gmail.com> <9A043F3CF02CD34C8E74AC1594475C73F4B679E6@uxcn10-5.UoA.auckland.ac.nz>
To: Peter Gutmann <pgut001@cs.auckland.ac.nz>
X-Mailer: Apple Mail (2.3096.5)
Archived-At: <http://mailarchive.ietf.org/arch/msg/tls/NnjToxhXKPPqHm8Jo6-XeStipDM>
Cc: "tls@ietf.org" <tls@ietf.org>
Subject: Re: [TLS] Record header size?

> On 18 Nov 2015, at 3:32 AM, Peter Gutmann <pgut001@cs.auckland.ac.nz> wrote:
> 
> Eric Rescorla <ekr@rtfm.com> writes:
> 
>> The concern here is backward compatibility with inspection middleboxes which
>> expect the length field to be in a particular place.
> 
> Given that the rest of TLS 1.3 is going to break compatibility with pretty
> much everything everywhere, I can't see this as a big concern, may as well fix
> it at the same time as everything else is being changed.
> 

Stateful firewalls tend to pass only what they understand. They use some measures to avoid tunneling and passing things that are not HTTPS over TCP port 443.

To achieve this, they run sanity checks on the traffic. They try to strike a balance between not getting circumvented and not dropping legitimate traffic. Sometimes they get it wrong. Sometimes they block legitimate but surprising stuff. As an example from 15 years ago, when Mac OS 9.2 came out, it sent data on the third packet of TCP (the ACK - last of the handshake packets). This is allowed by RFC, but was not done by any other platform. This failed the sanity checks of some firewalls, causing that traffic to be blocked. Two results of this event: we fixed our firewalls, but nobody (including Apple) does that anymore.

A sanity check on TLS might involve validating 5-byte record headers with sane length and version fields. A firewall might be out there that verifies this. This is the kind of thing that might be missed in testing, and we’ll only find out when some brave soul deploys TLS 1.3 in Chrome only to find out that it is blocked in 3% of the Internet.

Yoav
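The record-header sanity check Yoav describes, as an added illustration that is not part of the thread and not any vendor's firewall code. It assumes a hypothetical rule set that accepts only the four standard content types, record versions 3.0 through 3.3 and a length within the TLS 1.2 TLSCiphertext bound; the field layout and limits come from RFC 5246, and the sample records are constructed here. Walking a stream record by record shows why the position of the length field matters to such a box: it is the only way to find the next header without decrypting anything.

```python
import struct

# Constructed middlebox-style sanity check on the 5-byte TLS record header:
# ContentType (1 byte), ProtocolVersion (2 bytes), length (2 bytes, big-endian).
CONTENT_TYPES = {
    20: "change_cipher_spec",
    21: "alert",
    22: "handshake",
    23: "application_data",
}
# TLSCiphertext.length upper bound in TLS 1.2: 2^14 + 2048 (RFC 5246 section 6.2.3).
MAX_CIPHERTEXT_LEN = 2 ** 14 + 2048
# Record-layer versions this hypothetical rule recognises: SSL 3.0 .. TLS 1.2.
KNOWN_VERSIONS = {(3, 0), (3, 1), (3, 2), (3, 3)}


def parse_record_header(buf: bytes) -> dict:
    """Split the first 5 bytes into content type, version tuple and body length."""
    if len(buf) < 5:
        raise ValueError("TLS record header needs 5 bytes, got %d" % len(buf))
    ctype, major, minor, length = struct.unpack("!BBBH", buf[:5])
    return {"type": ctype, "version": (major, minor), "length": length}


def strict_sanity_check(buf: bytes) -> tuple:
    """Return (True, 'ok') if the header looks like TLS the rule knows, else (False, reason).

    Zero-length records are deliberately allowed: RFC 5246 permits zero-length
    application_data fragments, and rejecting them would drop legitimate traffic.
    """
    try:
        hdr = parse_record_header(buf)
    except ValueError as e:
        return False, str(e)
    if hdr["type"] not in CONTENT_TYPES:
        return False, "unknown content type %d" % hdr["type"]
    if hdr["version"] not in KNOWN_VERSIONS:
        return False, "unknown record version %d.%d" % hdr["version"]
    if hdr["length"] > MAX_CIPHERTEXT_LEN:
        return False, "implausible length %d" % hdr["length"]
    return True, "ok"


def walk_records(stream: bytes) -> list:
    """Walk a TCP byte stream record by record, using each length field to find the next header.

    Stops at the first header that fails the check, which is what a blocking firewall does
    to the whole connection.
    """
    results = []
    offset = 0
    while offset < len(stream):
        ok, reason = strict_sanity_check(stream[offset:])
        results.append((offset, ok, reason))
        if not ok:
            break
        offset += 5 + parse_record_header(stream[offset:])["length"]
    return results


def build_record(ctype: int, version: tuple, body: bytes) -> bytes:
    """Assemble a record with a 5-byte header in front of body (constructed test data)."""
    return struct.pack("!BBBH", ctype, version[0], version[1], len(body)) + body


# Constructed sample records; body contents are irrelevant to the header check.
SAMPLES = {
    # Ordinary TLS 1.2 application_data record: passes.
    "tls12_appdata": build_record(23, (3, 3), b"\x00" * 64),
    # Same record with the version field bumped to 3.4: blocked by a rule that only knows 3.0-3.3.
    "version_bumped": build_record(23, (3, 4), b"\x00" * 16),
    # Header claiming a 32 KiB body, above the TLS 1.2 ciphertext limit: blocked.
    "oversized": struct.pack("!BBBH", 23, 3, 3, 2 ** 15),
    # Plain HTTP sent to port 443: first byte 'G' (0x47) is not a TLS content type.
    "plain_http": b"GET / HTTP/1.1\r\n\r\n",
}

if __name__ == "__main__":
    for name, rec in SAMPLES.items():
        print(name, strict_sanity_check(rec))
    stream = SAMPLES["tls12_appdata"] * 2 + SAMPLES["version_bumped"]
    for offset, ok, reason in walk_records(stream):
        print("record at %d: %s (%s)" % (offset, "pass" if ok else "BLOCK", reason))
```

The "version_bumped" case is the ossification Yoav is warning about: a deployed rule that hard-codes the versions it knows will block any record whose header advertises something newer, even when the rest of the record is well formed. That is the reason RFC 8446 eventually kept the 5-byte header and pinned the record-layer version to 0x0303 regardless of the negotiated TLS 1.3 version.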