[TLS] review comments on draft-rescorla-tls-dtls13-01
"Kaduk, Ben" <bkaduk@akamai.com> Wed, 29 March 2017 02:25 UTC
Return-Path: <bkaduk@akamai.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B95C612762F for <tls@ietfa.amsl.com>; Tue, 28 Mar 2017 19:25:15 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.001
X-Spam-Level:
X-Spam-Status: No, score=-2.001 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=akamai.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id LnihNbB9FoeM for <tls@ietfa.amsl.com>; Tue, 28 Mar 2017 19:25:14 -0700 (PDT)
Received: from mx0b-00190b01.pphosted.com (mx0a-00190b01.pphosted.com [IPv6:2620:100:9001:583::1]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 488DC1273E2 for <tls@ietf.org>; Tue, 28 Mar 2017 19:25:14 -0700 (PDT)
Received: from pps.filterd (m0050093.ppops.net [127.0.0.1]) by m0050093.ppops.net-00190b01. (8.16.0.20/8.16.0.20) with SMTP id v2T2HPUo012045 for <tls@ietf.org>; Wed, 29 Mar 2017 03:25:12 +0100
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=akamai.com; h=from : to : subject : date : message-id : content-type : content-id : content-transfer-encoding : mime-version; s=jan2016.eng; bh=S3ONGuA8DfIsOoFuC32+5PXO35CIOq6SHo0LZKo5/TI=; b=QDkHLlMMjvdrwj/Bkx656G0wUpGmDXY5TNsQNKTpUVdNngszizZPXHLsrFB3q0bQFYoP Kfg0xew1UytLPv2XcOBTFzYkDN3tNk9/nDKhwdB0M2/pOIAswF5j8Y5WXmJKMykujJ/Z fQfOL+WNMRhk/uA8LnTTKWpm4IOh+yJ9wCuaPk1nZaJDhwdsAybRzSXxuF5hg1f0cvkX 4ytNzpP/AY7UzfiKIC7nrg84C0dZanaNeeOXCqUE9b/UzdUfAezgD66f4WESaFApPt1Z tVwxI3azkMgDwRMJhh8yopzF8MSFC8hErOKY2PnMYTSM+/t1L/V0tGNCQfCoG853yA9S Yw==
Received: from prod-mail-ppoint2 (a184-51-33-19.deploy.static.akamaitechnologies.com [184.51.33.19] (may be forged)) by m0050093.ppops.net-00190b01. with ESMTP id 29fsyu38ux-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for <tls@ietf.org>; Wed, 29 Mar 2017 03:25:11 +0100
Received: from pps.filterd (prod-mail-ppoint2.akamai.com [127.0.0.1]) by prod-mail-ppoint2.akamai.com (8.16.0.17/8.16.0.17) with SMTP id v2T2Mpp2022476 for <tls@ietf.org>; Tue, 28 Mar 2017 22:25:10 -0400
Received: from email.msg.corp.akamai.com ([172.27.25.30]) by prod-mail-ppoint2.akamai.com with ESMTP id 29fsx689cs-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT) for <tls@ietf.org>; Tue, 28 Mar 2017 22:25:10 -0400
Received: from ustx2ex-dag1mb6.msg.corp.akamai.com (172.27.27.107) by ustx2ex-dag1mb6.msg.corp.akamai.com (172.27.27.107) with Microsoft SMTP Server (TLS) id 15.0.1178.4; Tue, 28 Mar 2017 19:25:08 -0700
Received: from ustx2ex-dag1mb6.msg.corp.akamai.com ([172.27.27.107]) by ustx2ex-dag1mb6.msg.corp.akamai.com ([172.27.27.107]) with mapi id 15.00.1178.000; Tue, 28 Mar 2017 19:25:08 -0700
From: "Kaduk, Ben" <bkaduk@akamai.com>
To: "tls@ietf.org" <tls@ietf.org>
Thread-Topic: review comments on draft-rescorla-tls-dtls13-01
Thread-Index: AQHSqDOvx+onzIw55EeoPXm5ZpiTwA==
Date: Wed, 29 Mar 2017 02:25:08 +0000
Message-ID: <886102B6-C2CE-4257-BEB9-11F72000DE50@akamai.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-ms-exchange-messagesentrepresentingtype: 1
x-ms-exchange-transport-fromentityheader: Hosted
x-originating-ip: [172.19.43.146]
Content-Type: text/plain; charset="utf-8"
Content-ID: <61578964F93ABE4B9FD1F0D4DDB96C07@akamai.com>
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10432:, , definitions=2017-03-28_21:, , signatures=0
X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 spamscore=0 suspectscore=0 malwarescore=0 phishscore=0 adultscore=0 bulkscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1702020001 definitions=main-1703290018
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10432:, , definitions=2017-03-28_21:, , signatures=0
X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 priorityscore=1501 malwarescore=0 suspectscore=0 phishscore=0 bulkscore=0 spamscore=0 clxscore=1015 lowpriorityscore=0 impostorscore=0 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1702020001 definitions=main-1703290018
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/P65KjSumaJ6Jg5UwkEGeMXXK6_Q>
Subject: [TLS] review comments on draft-rescorla-tls-dtls13-01
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 29 Mar 2017 02:25:16 -0000
A few things I noticed while reading the draft to prepare for today’s session: We talk in a couple places about datagram protocols being “vulnerable” or “susceptible” to DoS attacks, which leads me to at least partially read that as meaning that the protocol’s own service will be disrupted; as we know, this is not the whole story, as the reflection/amplification part can facilitate DoS attacks targeted at other services/networks. So perhaps some rewording is in order. We should catch up to the ClientHello1 being included in the transcript hash as the synthetic message_hash message, so the full transcript of it need not be stored in the HelloRetryRequest. On page 20, second paragraph, please be clear that it is the message_seq vs. the record sequence_number that must match next_receive_seq. I also made a note of the different key update behavior of this draft vs. draft-ietf-tls-tls13-19, with the epoch change and lockstep rekeying between peers. That was in the presentation as well, but I haven’t had my thoughts settle into which flavor I prefer, yet, though the explicit KeyUpdate does have some advantages. -Ben
- Re: [TLS] review comments on draft-rescorla-tls-d… Hannes Tschofenig
- [TLS] review comments on draft-rescorla-tls-dtls1… Kaduk, Ben