Re: [TLS] 0.5 RTT
Stephen Farrell <stephen.farrell@cs.tcd.ie> Wed, 24 February 2016 01:49 UTC
Return-Path: <stephen.farrell@cs.tcd.ie>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3D8D41AD062 for <tls@ietfa.amsl.com>; Tue, 23 Feb 2016 17:49:23 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.307
X-Spam-Level:
X-Spam-Status: No, score=-4.307 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_MED=-2.3, RP_MATCHES_RCVD=-0.006, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id fisRd3_JCW7D for <tls@ietfa.amsl.com>; Tue, 23 Feb 2016 17:49:21 -0800 (PST)
Received: from mercury.scss.tcd.ie (mercury.scss.tcd.ie [134.226.56.6]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id AC86C1ACC85 for <tls@ietf.org>; Tue, 23 Feb 2016 17:49:21 -0800 (PST)
Received: from localhost (localhost [127.0.0.1]) by mercury.scss.tcd.ie (Postfix) with ESMTP id 6EE14BE56; Wed, 24 Feb 2016 01:49:20 +0000 (GMT)
X-Virus-Scanned: Debian amavisd-new at scss.tcd.ie
Received: from mercury.scss.tcd.ie ([127.0.0.1]) by localhost (mercury.scss.tcd.ie [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id T5W7fTSzYV4I; Wed, 24 Feb 2016 01:49:19 +0000 (GMT)
Received: from [10.1.1.75] (unknown [216.9.109.44]) by mercury.scss.tcd.ie (Postfix) with ESMTPSA id F3A49BE50; Wed, 24 Feb 2016 01:49:17 +0000 (GMT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cs.tcd.ie; s=mail; t=1456278559; bh=4FW5WC7XfZK8/qlpxt1pNzYa0VN0zIL6fXiOe/xenMc=; h=Subject:To:References:Cc:From:Date:In-Reply-To:From; b=df6TlbulmAJ6L3gFTCw/dZfv0fYbL81FpsGI6oAl7UCc80mbEHO9IvwuVcUmEVNCO hbHIP10F1GyzbTYDSmzB4EO2bstosxIYTOgTznH+BmaTq2zM78qEp2wsnuP9r3BE0V XIJkVhaaLJ20Prh7S68M0skDmlRaZc70lJBntU9M=
To: Hugo Krawczyk <hugo@ee.technion.ac.il>, Martin Thomson <martin.thomson@gmail.com>
References: <CABkgnnW1LRhSA_i0nL=rDYnUwBZWg5dSys7yk6aDefYWptnpZQ@mail.gmail.com> <8FA1A0FD-B911-474F-AC08-6208A80EB980@gmail.com> <CADi0yUPOEL++R+_Nhy4NTfhzsA6UjbVbMAEiPx1Qg9+vPPHt7g@mail.gmail.com> <CABkgnnUHmtrRNnOyVXdOe-fnAcN7WVKfX=ycXiugV8A77OjQCQ@mail.gmail.com> <15C73D91-9CDD-488E-87AF-4EBB1C8202CB@gmail.com> <CABkgnnVxrpkMqdmV_JkMaEY39BZ=O07xeWcpod2fwRb3W4_sQA@mail.gmail.com> <CADi0yUN5b+CfzM-jH5xNL0dgU2u09OzmcUzV3uOwdEmP3wBr5A@mail.gmail.com>
From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
Openpgp: id=D66EA7906F0B897FB2E97D582F3C8736805F8DA2; url=
Message-ID: <56CD0C1C.9010501@cs.tcd.ie>
Date: Wed, 24 Feb 2016 01:49:16 +0000
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Thunderbird/38.5.1
MIME-Version: 1.0
In-Reply-To: <CADi0yUN5b+CfzM-jH5xNL0dgU2u09OzmcUzV3uOwdEmP3wBr5A@mail.gmail.com>
Content-Type: multipart/signed; protocol="application/pkcs7-signature"; micalg="sha-256"; boundary="------------ms030503000405000609090204"
Archived-At: <http://mailarchive.ietf.org/arch/msg/tls/T1QRzH7Hak9qBFPPpgUj3uMmaLg>
Cc: Karthikeyan Bhargavan <karthik.bhargavan@gmail.com>, "tls@ietf.org" <tls@ietf.org>
Subject: Re: [TLS] 0.5 RTT
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 24 Feb 2016 01:49:23 -0000
On 23/02/16 22:37, Hugo Krawczyk wrote: > > (In particular, if these semantics may be based on stuff that happens > outside TLS, as Karthik and Watson were pointing out, then maybe we really > put a "Surgeon General" warning on 0.5 data of equal size to that of 0-RTT.) That, and/or also do a significant amount of work to consider other application uses of TLS that aren't well represented by folks who participate in the development of TLS1.3. And also oddities like EAP-TLS about which I at least am mostly ignorant but where I'd bet there's "fun" to be had with 0rtt. And we have to do that recognising that regardless of what the RFC says, if developers can improve performance by calling tls_send0() and not tls_send(), they will do the former. IOW, if we are going to define dangerous implements, (e.g., with replayable data) then I think the onus is mostly on us to know what bad effects those might have before we've done a good job. (We can try do that at IETF LC, but doing so isn't common and is often messy if we end up surprising folks.) Cheers, S.
- [TLS] 0.5 RTT Martin Thomson
- Re: [TLS] 0.5 RTT Karthikeyan Bhargavan
- Re: [TLS] 0.5 RTT Hugo Krawczyk
- Re: [TLS] 0.5 RTT Martin Thomson
- Re: [TLS] 0.5 RTT Karthikeyan Bhargavan
- Re: [TLS] 0.5 RTT Karthikeyan Bhargavan
- Re: [TLS] 0.5 RTT Martin Thomson
- Re: [TLS] 0.5 RTT Hugo Krawczyk
- Re: [TLS] 0.5 RTT Watson Ladd
- Re: [TLS] 0.5 RTT Karthikeyan Bhargavan
- Re: [TLS] 0.5 RTT Martin Thomson
- Re: [TLS] 0.5 RTT Hugo Krawczyk
- Re: [TLS] 0.5 RTT Martin Thomson
- Re: [TLS] 0.5 RTT Stephen Farrell
- Re: [TLS] 0.5 RTT Watson Ladd
- Re: [TLS] 0.5 RTT stephen.farrell
- Re: [TLS] 0.5 RTT Hugo Krawczyk
- Re: [TLS] 0.5 RTT Martin Rex
- Re: [TLS] 0.5 RTT Martin Rex
- Re: [TLS] 0.5 RTT Antoine Delignat-Lavaud
- Re: [TLS] 0.5 RTT Hugo Krawczyk
- Re: [TLS] 0.5 RTT Eric Rescorla
- Re: [TLS] 0.5 RTT Watson Ladd
- Re: [TLS] 0.5 RTT Hugo Krawczyk