Re: [TLS] Making post-handshake messages optional in TLS 1.3 (#676)
Eric Rescorla <ekr@rtfm.com> Tue, 11 October 2016 17:22 UTC
Return-Path: <ekr@rtfm.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id CCEA8129566 for <tls@ietfa.amsl.com>; Tue, 11 Oct 2016 10:22:33 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.899
X-Spam-Level:
X-Spam-Status: No, score=-1.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=rtfm-com.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 8-PEDWmm9y96 for <tls@ietfa.amsl.com>; Tue, 11 Oct 2016 10:22:31 -0700 (PDT)
Received: from mail-yw0-x229.google.com (mail-yw0-x229.google.com [IPv6:2607:f8b0:4002:c05::229]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B0238129563 for <TLS@ietf.org>; Tue, 11 Oct 2016 10:22:31 -0700 (PDT)
Received: by mail-yw0-x229.google.com with SMTP id t193so17689526ywc.2 for <TLS@ietf.org>; Tue, 11 Oct 2016 10:22:31 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=rtfm-com.20150623.gappssmtp.com; s=20150623; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=71a6WM0FxQnjddScrVmV1mUiDnkHmhqBvboao9wwHMs=; b=fq9WAwEEgB8IwnOTGI9nORc2DuYdrRtzcvDRNAiglXf4SStqY7rbJXZVNUrG2TH6fu 0a6vvRUNoFmRrW/Qc6DQapHKuw1Lbc5zy3nQs4g+LFaEpWiNLunCA4tKXfdfZc884nc9 w7sCSX1AtOAj1UTUekeLdajjU4MDE+EomusIlKMsi3il3GPJPVjKnXUNu8ODbHcv8vCp mYR+CVXrKLjCguCQxzVYn/whU+f3tok3nIqNoUVgfF910E9Pd0j0Iy6AUL90dvlpk2q7 2UXI32leEbGCYu09H/MBCT6Lhg18Ssd22aVm5WbhG3DVa//j8f4voSNHIZMA4og/DrRI 6VRQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=71a6WM0FxQnjddScrVmV1mUiDnkHmhqBvboao9wwHMs=; b=Ga7RRSmvt7BabYQzCGcboTuXOsEpeivBMUwnXo0zkm7bmlNcGvx6IftbPYF0YIMJet 30OBLyd3j1uU9IJ/wra09HSgmV9Wj8TiM+vNdYQQ3PCg6pI16tH4HZzXVqNUZ/8ZcLlD QCpGK/rmhbul3cP+n5lB01c4rAerVDf7MbfwvBQe7xoulw3KnFa3RMaFuMbdxHQTcpHn fM9bnBs/ENiRlgv4+BStt9Y1/o3J8joECfdZdvjrcojfblXPsgohmEI7J6gZlGNmyzDn ZDd1qdVe6jx+baPe/zvkEoAorgt4x0xI5/wwPbDsP42wyUHyw/+9yW6I6bi6KlWwHZV2 MwbA==
X-Gm-Message-State: AA6/9RmBZws9wFLScVOe4dLxKsjC08oTZHNGsnUOop+qSrKVlEflY/FuNikbyv61l+v7HuCAzyJdST9h6T4/lQ==
X-Received: by 10.129.60.10 with SMTP id j10mr4802789ywa.354.1476206550941; Tue, 11 Oct 2016 10:22:30 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.129.75.212 with HTTP; Tue, 11 Oct 2016 10:21:50 -0700 (PDT)
In-Reply-To: <d267aa85-56fc-b7b0-dc1f-3373f3b0c563@gmx.net>
References: <CAOjisRznhk-Fww=EnRg7zXO-zaHWyNgi0g+reRBj+y3ZOhwMhw@mail.gmail.com> <d267aa85-56fc-b7b0-dc1f-3373f3b0c563@gmx.net>
From: Eric Rescorla <ekr@rtfm.com>
Date: Tue, 11 Oct 2016 10:21:50 -0700
Message-ID: <CABcZeBPooVXfF_fG8-QOfS+tkJDmGJ8uHioOkMo-GbUKOmNO0Q@mail.gmail.com>
To: Hannes Tschofenig <hannes.tschofenig@gmx.net>
Content-Type: multipart/alternative; boundary="001a1142702615d1dd053e9a1fec"
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/OAHwhI8nspyMOyEK9ztFYMsS2Fs>
Cc: "tls@ietf.org" <TLS@ietf.org>
Subject: Re: [TLS] Making post-handshake messages optional in TLS 1.3 (#676)
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 11 Oct 2016 17:22:34 -0000
I think it would be simpler (and deal with most cases) to only allow this for specific application profiles (we would then allow it in HTTP/H2, perhaps with some small -bis RFC). Here is a PR for this: https://github.com/tlswg/tls13-spec/pull/680 Andrei, would this cause you any problem? My impression was that this use case was only about HTTP/H2. Thanks, -Ekr On Tue, Oct 11, 2016 at 9:37 AM, Hannes Tschofenig < hannes.tschofenig@gmx.net> wrote: > Hi Nick, > > given my discussion with Martin in this thread > https://www.ietf.org/mail-archive/web/tls/current/msg21481.html I like > your idea of making the post-handshake messages optional since it allows > me to develop a TLS 1.3 client that is smaller in code size. > > Ciao > Hannes > > > On 10/08/2016 03:03 AM, Nick Sullivan wrote: > > There has been a lot of discussion lately about post-handshake messages > > that do not contain application data and how to handle them. This PR is > > an attempt to make the story more explicit by adding a new > > post_handshake extension to TLS 1.3. > > > > Supporting all types of post-handshake messages can require extra > > complexity and logic, even when the features that these messages enable > > are not needed. Some types of connections/implementations don't need to > > support key updates (some unidirectional connections), session tickets > > (pure PSK implementations) and post-handshake client auth (most > > browsers). These are all currently SHOULDs in the spec and they don't > > need to be. > > > > In order to simplify the logic around dealing with post-handshake > > messages, this proposal makes support for each of these modes explicit > > via a new handshake extension. This change also makes the path to > > introducing other types of post-handshake messages in future drafts more > > explicit. > > > > PR: > > https://github.com/tlswg/tls13-spec/pull/676 > > > > Nick > > > > > > _______________________________________________ > > TLS mailing list > > TLS@ietf.org > > https://www.ietf.org/mailman/listinfo/tls > > > > > _______________________________________________ > TLS mailing list > TLS@ietf.org > https://www.ietf.org/mailman/listinfo/tls > >
- [TLS] Making post-handshake messages optional in … Nick Sullivan
- Re: [TLS] Making post-handshake messages optional… Ilari Liusvaara
- Re: [TLS] Making post-handshake messages optional… David Benjamin
- Re: [TLS] Making post-handshake messages optional… Nick Sullivan
- Re: [TLS] Making post-handshake messages optional… David Benjamin
- Re: [TLS] Making post-handshake messages optional… Ilari Liusvaara
- Re: [TLS] Making post-handshake messages optional… Eric Rescorla
- Re: [TLS] Making post-handshake messages optional… Nick Sullivan
- Re: [TLS] Making post-handshake messages optional… Benjamin Kaduk
- Re: [TLS] Making post-handshake messages optional… Martin Thomson
- Re: [TLS] Making post-handshake messages optional… Tom Ritter
- Re: [TLS] Making post-handshake messages optional… Hannes Tschofenig
- Re: [TLS] Making post-handshake messages optional… Eric Rescorla
- Re: [TLS] Making post-handshake messages optional… Nick Sullivan
- Re: [TLS] Making post-handshake messages optional… Andrei Popov
- Re: [TLS] Making post-handshake messages optional… Mike Bishop
- Re: [TLS] Making post-handshake messages optional… Daniel Kahn Gillmor
- Re: [TLS] Making post-handshake messages optional… Ilari Liusvaara
- Re: [TLS] Making post-handshake messages optional… Hannes Tschofenig
- Re: [TLS] Making post-handshake messages optional… David Benjamin