Re: [TLS] Future interoperability issues for HRR for new extensions; Was: UPDATED Last Call: <draft-ietf-tls-tls13-24.txt> (The Transport Layer Security (TLS) Protocol Version 1.3) to Proposed Standard
Benjamin Kaduk <bkaduk@akamai.com> Wed, 21 February 2018 14:11 UTC
Return-Path: <bkaduk@akamai.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 71691126D05 for <tls@ietfa.amsl.com>; Wed, 21 Feb 2018 06:11:02 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.701
X-Spam-Level:
X-Spam-Status: No, score=-2.701 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=akamai.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id LaIITRGF34ub for <tls@ietfa.amsl.com>; Wed, 21 Feb 2018 06:11:01 -0800 (PST)
Received: from mx0a-00190b01.pphosted.com (mx0a-00190b01.pphosted.com [IPv6:2620:100:9001:583::1]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 79A32127077 for <tls@ietf.org>; Wed, 21 Feb 2018 06:11:01 -0800 (PST)
Received: from pps.filterd (m0050095.ppops.net [127.0.0.1]) by mx0a-00190b01.pphosted.com (8.16.0.22/8.16.0.22) with SMTP id w1LE8I0P011506; Wed, 21 Feb 2018 14:11:01 GMT
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=akamai.com; h=subject : to : references : from : message-id : date : mime-version : in-reply-to : content-type : content-transfer-encoding; s=jan2016.eng; bh=srmZ8FhZQK8rnYHWe+pMNEfC3LbYI/2nzXo888bPcSQ=; b=naGoCKTYixy9evHsK4uep+yjME2b/UoeFVEf4Bij75yg3aiGuO9bYz3psoH5sxT3YeOq TRlDDCVYxE6HFJcvQDZ1FmkA54+AZB0SLacl0sJ5NbYUv9hZZZXWGo6aknOANdGpfHcA 5L8sLSS+avMBgUP4WF2N3p43NiGbQU1vfgV+PuDLe7re/F/mqy7/0ziP3ufD1Ny5wr3p 7Tlsxoll9KvJlJ92YdA5uyFgvE2mFuAeNNAmWrZlhJhHCPayAJ+xPHPp622PLMyvtr1/ 0Kqsqrfsn+I65psgrbv1s6lDM6a4J3L0Xa56Gmb+41C+YEesE4TxGp27vbfgBCMdwZp3 1A==
Received: from prod-mail-ppoint4 ([96.6.114.87]) by m0050095.ppops.net-00190b01. with ESMTP id 2g6ct6w8e3-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Wed, 21 Feb 2018 14:11:01 +0000
Received: from pps.filterd (prod-mail-ppoint4.akamai.com [127.0.0.1]) by prod-mail-ppoint4.akamai.com (8.16.0.21/8.16.0.21) with SMTP id w1LE5YZ6000439; Wed, 21 Feb 2018 09:11:00 -0500
Received: from prod-mail-relay14.akamai.com ([172.27.17.39]) by prod-mail-ppoint4.akamai.com with ESMTP id 2g6gm1jh8x-1; Wed, 21 Feb 2018 09:11:00 -0500
Received: from [172.19.17.86] (bos-lpczi.kendall.corp.akamai.com [172.19.17.86]) by prod-mail-relay14.akamai.com (Postfix) with ESMTP id B46E3827E7; Wed, 21 Feb 2018 14:10:59 +0000 (GMT)
To: Hubert Kario <hkario@redhat.com>, tls@ietf.org
References: <151880080195.1349.14035524657942875385.idtracker@ietfa.amsl.com> <8306658.5F4S3bOxA1@pintsize.usersys.redhat.com>
From: Benjamin Kaduk <bkaduk@akamai.com>
Message-ID: <aeb31bba-2462-5b30-80f4-71535b315175@akamai.com>
Date: Wed, 21 Feb 2018 08:10:59 -0600
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.6.0
MIME-Version: 1.0
In-Reply-To: <8306658.5F4S3bOxA1@pintsize.usersys.redhat.com>
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
Content-Language: en-US
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10432:, , definitions=2018-02-21_05:, , signatures=0
X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 suspectscore=0 malwarescore=0 phishscore=0 bulkscore=0 spamscore=0 mlxscore=0 mlxlogscore=999 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1711220000 definitions=main-1802210171
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10432:, , definitions=2018-02-21_05:, , signatures=0
X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 suspectscore=0 malwarescore=0 phishscore=0 bulkscore=0 spamscore=0 mlxscore=0 lowpriorityscore=0 mlxlogscore=999 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1711220000 definitions=main-1802210172
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/U5rXqfEfdY6fNDp_3NB5TqluWkA>
Subject: Re: [TLS] Future interoperability issues for HRR for new extensions; Was: UPDATED Last Call: <draft-ietf-tls-tls13-24.txt> (The Transport Layer Security (TLS) Protocol Version 1.3) to Proposed Standard
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 21 Feb 2018 14:11:02 -0000
On 02/21/2018 05:46 AM, Hubert Kario wrote: > On Friday, 16 February 2018 18:06:41 CET The IESG wrote: >> The IESG has received a request from the Transport Layer Security WG (tls) >> to consider the following document: - 'The Transport Layer Security (TLS) >> Protocol Version 1.3' >> <draft-ietf-tls-tls13-24.txt> as Proposed Standard > Section 4.1.2 currently states that the only changes allowed to the second > ClientHello message (in HelloRetryRequest case) are: > - replacing key_share > - removing early_data > - adding cookie > - updating pre_shared_key > - adding, removing or changing padding > > What about extensions undefined now? What if in the future we have another > extension like the PSK extension that needs to be updated for the second > ClientHello? > > Do we accept that the above list is set in stone and will never change (except > for new protocol versions), requiring all future extensions to also require > the same extension payload for first and second ClientHello? > It seems to me that such a hypothetical future extension could include a signaling value in the HRR to indicate that the server understands the new extension, and the semantics of the extension defined such that when the server understands the extension the client may change its value between ClientHello1 and ClientHello2. This might be slightly inefficient if the extension's information flow is only from client to server, but I think it would be a compatible way to allow an extension value to change after HRR. -Ben
- [TLS] UPDATED Last Call: <draft-ietf-tls-tls13-24… The IESG
- Re: [TLS] UPDATED Last Call: <draft-ietf-tls-tls1… Sean Turner
- [TLS] Future interoperability issues for HRR for … Hubert Kario
- Re: [TLS] Future interoperability issues for HRR … Benjamin Kaduk
- [TLS] external PSK identity enumeration Re: UPDAT… Hubert Kario
- Re: [TLS] Future interoperability issues for HRR … Eric Rescorla
- Re: [TLS] external PSK identity enumeration Re: U… Eric Rescorla
- Re: [TLS] external PSK identity enumeration Re: U… Hubert Kario
- Re: [TLS] external PSK identity enumeration Re: U… Eric Rescorla
- Re: [TLS] external PSK identity enumeration Re: U… Martin Thomson
- Re: [TLS] external PSK identity enumeration Re: U… Tony Putman
- Re: [TLS] external PSK identity enumeration Re: U… Hubert Kario
- Re: [TLS] external PSK identity enumeration Re: U… Hubert Kario