Re: [TLS] New Version Notification for draft-wood-tls-ticketrequests-00.txt

Sean Turner <sean@sn3rd.com> Tue, 29 May 2018 15:12 UTC

Return-Path: <sean@sn3rd.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4B662124234 for <tls@ietfa.amsl.com>; Tue, 29 May 2018 08:12:51 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=sn3rd.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id cDE4I5o4uuUq for <tls@ietfa.amsl.com>; Tue, 29 May 2018 08:12:49 -0700 (PDT)
Received: from mail-qt0-x232.google.com (mail-qt0-x232.google.com [IPv6:2607:f8b0:400d:c0d::232]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C852612D949 for <tls@ietf.org>; Tue, 29 May 2018 08:12:48 -0700 (PDT)
Received: by mail-qt0-x232.google.com with SMTP id q6-v6so19068949qtn.3 for <tls@ietf.org>; Tue, 29 May 2018 08:12:48 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sn3rd.com; s=google; h=from:content-transfer-encoding:mime-version:subject:date:references :to:in-reply-to:message-id; bh=AINIA6mDJhqk0eTyQrSn6mgwhL1EWcr47h6Kqg5E7Q4=; b=nFSoCTI/JnVmyUqnR/VfYjHnmt0qnUN9NC1YgRDTDpdw6oSxMRvXpE2SpHBgXG50op tALPOLrSmnMljhF9gRVFgvjggSaSV1FX9YM4vOeM2b7puuaqznSCsKtcqUzg/tiyB2j2 XLNLqYbVQF1meZLH7IpBNeKIeKXNcHj2cKHm0=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:content-transfer-encoding:mime-version :subject:date:references:to:in-reply-to:message-id; bh=AINIA6mDJhqk0eTyQrSn6mgwhL1EWcr47h6Kqg5E7Q4=; b=Kuj0Cf4D6w0+lIWDa1JH2WqJL7vXfDCyUMp5ZoQw2VjEEssxhXMLo1oPZ1UvArpori nnIshTbnSaouqSHfI6ZngO2shyiDObj4sg+5S5olhi3opmxWfhPd/y//s28+fwRcbKw7 JZ5zQm0/TzLcIFSOJOMtKOg9Xu4VXvvo+wvEL+QyDuNHyb3UTTJi53IsxlshOprRDQ0T utPeR6aYTHGw1BVjatahEvOKtpYipo1uE6v3rR2Tc3dyG3XnxGRSxvXYkqJqXwGoq1E3 SCVUfjKAhBj31slJKiurVtZJaxXQP489BvmWX41ss7+g5EVq2HWhoDJiNnpv3JTZlUaS Ug4A==
X-Gm-Message-State: ALKqPwd+JpcwVbNjhwCO084gkhhDq94gjOZr4+s5uP7+Dt+BxmR83Ju/ WBdC/OgjsUTFfq55K04/xtVEnrOKvww=
X-Google-Smtp-Source: ADUXVKIrxbtypmHe6gYa2ERcX/ZWV8Hem7/uYcDRuOh+lqbLocZXAq38KDgJ0srKCfHdKCUhjhXWlA==
X-Received: by 2002:a0c:e401:: with SMTP id o1-v6mr9140714qvl.66.1527606767939; Tue, 29 May 2018 08:12:47 -0700 (PDT)
Received: from [172.16.0.18] ([96.231.224.71]) by smtp.gmail.com with ESMTPSA id i52-v6sm11597638qtc.26.2018.05.29.08.12.46 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Tue, 29 May 2018 08:12:47 -0700 (PDT)
From: Sean Turner <sean@sn3rd.com>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: quoted-printable
Mime-Version: 1.0 (Mac OS X Mail 11.3 \(3445.6.18\))
Date: Tue, 29 May 2018 11:12:45 -0400
References: <152358885591.26305.6650636859312248765.idtracker@ietfa.amsl.com> <DB60BB93-D760-4696-8973-D00E1E21ECAB@apple.com>
To: Chris Wood <cawood@apple.com>, TLS WG <tls@ietf.org>
In-Reply-To: <DB60BB93-D760-4696-8973-D00E1E21ECAB@apple.com>
Message-Id: <ECC3CD8E-C82E-4FB4-B759-B7C08953C6F2@sn3rd.com>
X-Mailer: Apple Mail (2.3445.6.18)
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/TwgNJGBNLS_GvucxLg3k7oI8hmg>
Subject: Re: [TLS] New Version Notification for draft-wood-tls-ticketrequests-00.txt
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 29 May 2018 15:13:00 -0000

As Martin noted, this seems to be a pretty simple idea, but am curious if others feel that way.

Curious about the choice on the limit of 255 identifiers versus something smaller.  If the max ticket age is one week that could theoretically be almost 5 years of tickets right?

spt

PS - Thanks for not code squatting ;)

> On Apr 12, 2018, at 23:15, Chris Wood <cawood@apple.com> wrote:
> 
> Hi everyone,
> 
> Below is a pointer to a new I-D describing an approach for clients to request session tickets via a new post-handshake message. This is useful for applications that perform parallel connection establishment and racing, e.g., via Happy Eyeballs. It should also help reduce ticket waste. More uses and details are given in the document. 
> 
> We would very much appreciate feedback on the mechanism utility and design.
> 
> Best,
> Chris 
> 
> Begin forwarded message:
> 
>> From: internet-drafts@ietf.org
>> Date: April 12, 2018 at 8:07:35 PM PDT
>> To: David Schinazi <dschinazi@apple.com>, Christopher Wood <cawood@apple.com>, Tommy Pauly <tpauly@apple.com>, "Christopher A. Wood" <cawood@apple.com>
>> Subject: New Version Notification for draft-wood-tls-ticketrequests-00.txt
>> 
>> 
>> A new version of I-D, draft-wood-tls-ticketrequests-00.txt
>> has been successfully submitted by Christopher A. Wood and posted to the
>> IETF repository.
>> 
>> Name:        draft-wood-tls-ticketrequests
>> Revision:    00
>> Title:        TLS Ticket Requests
>> Document date:    2018-04-12
>> Group:        Individual Submission
>> Pages:        6
>> URL:            https://www.ietf..org/internet-drafts/draft-wood-tls-ticketrequests-00.txt
>> Status:         https://datatracker.ietf.org/doc/draft-wood-tls-ticketrequests/
>> Htmlized:       https://tools.ietf.org/html/draft-wood-tls-ticketrequests-00
>> Htmlized:       https://datatracker.ietf.org/doc/html/draft-wood-tls-ticketrequests
>> 
>> 
>> Abstract:
>>   TLS session tickets enable stateless connection resumption for
>>   clients without server-side per-client state.  Servers vend session
>>   tickets to clients, at their discretion, upon connection
>>   establishment.  Clients store and use tickets when resuming future
>>   connections.  Moreover, clients should use tickets at most once for
>>   session resumption, especially if such keying material protects early
>>   application data.  Single-use tickets bound the number of parallel
>>   connections a client may initiate by the number of tickets received
>>   from a given server.  To address this limitation, this document
>>   describes a mechanism by which clients may request tickets as needed
>>   during a connection.
>> 
>> 
>> 
>> 
>> Please note that it may take a couple of minutes from the time of submission
>> until the htmlized version and diff are available at tools.ietf.org.
>> 
>> The IETF Secretariat
>> 
> _______________________________________________
> TLS mailing list
> TLS@ietf.org
> https://www.ietf.org/mailman/listinfo/tls