[TLS] ALPN with 0-RTT Data
Kyle Nekritz <knekritz@fb.com> Wed, 12 October 2016 19:49 UTC
Return-Path: <prvs=9093a824df=knekritz@fb.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1DD2F127A90 for <tls@ietfa.amsl.com>; Wed, 12 Oct 2016 12:49:42 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.721
X-Spam-Level:
X-Spam-Status: No, score=-2.721 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=fb.com header.b=O6KjUkhd; dkim=pass (1024-bit key) header.d=fb.onmicrosoft.com header.b=N2HL2Ncl
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 1Cr3SL7slh3k for <tls@ietfa.amsl.com>; Wed, 12 Oct 2016 12:49:40 -0700 (PDT)
Received: from mx0a-00082601.pphosted.com (mx0a-00082601.pphosted.com [67.231.145.42]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 70FB6129518 for <tls@ietf.org>; Wed, 12 Oct 2016 12:49:40 -0700 (PDT)
Received: from pps.filterd (m0044008.ppops.net [127.0.0.1]) by mx0a-00082601.pphosted.com (8.16.0.17/8.16.0.17) with SMTP id u9CJnatE014628 for <tls@ietf.org>; Wed, 12 Oct 2016 12:49:40 -0700
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=fb.com; h=from : to : subject : date : message-id : content-type : content-transfer-encoding : mime-version; s=facebook; bh=J0vdtt74Mh0xKVwaQo0X9r5yjNmJZfZoX4g19ENtUJc=; b=O6KjUkhdSnas6Ru8qDcakxXwwkgzfcACECxWIB3jtjucbMAbL1fNpidHwhgQFzXWXNZx LQuBgBudn2yYnK6JoLXYEDLkuAkw/k3dWYxDLBqAG9vNt5enS0fIgzniIOQH16OTTmwx 3/9trV+td4I7FtCKtJfWlX+pz+IS4gJwcXw=
Received: from maileast.thefacebook.com ([199.201.65.23]) by mx0a-00082601.pphosted.com with ESMTP id 261raxs998-5 (version=TLSv1 cipher=ECDHE-RSA-AES256-SHA bits=256 verify=NOT) for <tls@ietf.org>; Wed, 12 Oct 2016 12:49:40 -0700
Received: from NAM02-SN1-obe.outbound.protection.outlook.com (192.168.183.28) by o365-in.thefacebook.com (192.168.177.23) with Microsoft SMTP Server (TLS) id 14.3.294.0; Wed, 12 Oct 2016 15:49:37 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=fb.onmicrosoft.com; s=selector1-fb-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=J0vdtt74Mh0xKVwaQo0X9r5yjNmJZfZoX4g19ENtUJc=; b=N2HL2NclS0WkTsKOaU4AVAe4PuObFQLVBgL+V7JPVqN/K+o1+rp+y3azhN8aQy8uw6Hwx/vhBVX8U6mxSlZi48XrqliY6Ji/qoulcgy+jT8PXXTxHij0nKz/aVJFduZzBXOP/2p+ZY9R8kxG1j4Tclwpt5JaiCUKkn7E63o4xwU=
Received: from MWHPR15MB1182.namprd15.prod.outlook.com (10.175.2.136) by MWHPR15MB1182.namprd15.prod.outlook.com (10.175.2.136) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P384) id 15.1.659.11; Wed, 12 Oct 2016 19:49:35 +0000
Received: from MWHPR15MB1182.namprd15.prod.outlook.com ([10.175.2.136]) by MWHPR15MB1182.namprd15.prod.outlook.com ([10.175.2.136]) with mapi id 15.01.0659.020; Wed, 12 Oct 2016 19:49:35 +0000
From: Kyle Nekritz <knekritz@fb.com>
To: "tls@ietf.org" <tls@ietf.org>
Thread-Topic: ALPN with 0-RTT Data
Thread-Index: AdIkwNG9QrjHsFtFQbqjMnydw22iRw==
Date: Wed, 12 Oct 2016 19:49:35 +0000
Message-ID: <MWHPR15MB118283AEF96DAD58FD3F6FF3AFDD0@MWHPR15MB1182.namprd15.prod.outlook.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [2620:10d:c091:200::5:ba78]
x-ms-office365-filtering-correlation-id: f84f9e62-63f8-4194-db6d-08d3f2d8e4f1
x-microsoft-exchange-diagnostics: 1; MWHPR15MB1182; 20:lDCZML6sgzZ2X/U8xerB2IsBScx10daEr3N4uHBCkKMGfCkcsLSaual4zHWdiuTDd4d188D/KXUNAtU/dC46iR12+2qkva86oBnUj+Xc7q9/ULmsRy3DXOZGH1vOP22kzy47wXMBjbW9TXN9HT6nw3UzsYdWHZTTSYjSHJB/+cc=
x-microsoft-antispam: UriScan:;BCL:0;PCL:0;RULEID:;SRVR:MWHPR15MB1182;
x-microsoft-antispam-prvs: <MWHPR15MB11827500B81A34BEFE3A6340AFDD0@MWHPR15MB1182.namprd15.prod.outlook.com>
x-exchange-antispam-report-test: UriScan:(158342451672863)(166708455590820);
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(6040176)(601004)(2401047)(5005006)(8121501046)(3002001)(10201501046); SRVR:MWHPR15MB1182; BCL:0; PCL:0; RULEID:; SRVR:MWHPR15MB1182;
x-forefront-prvs: 0093C80C01
x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(6009001)(7916002)(189002)(199003)(9686002)(87936001)(1730700003)(3280700002)(33656002)(8936002)(101416001)(6916009)(5660300001)(54356999)(76576001)(81166006)(5002640100001)(50986999)(5640700001)(3660700001)(99286002)(110136003)(122556002)(86362001)(81156014)(7696004)(8676002)(105586002)(586003)(6116002)(102836003)(107886002)(2906002)(189998001)(2501003)(7736002)(106356001)(305945005)(2900100001)(10400500002)(11100500001)(68736007)(15975445007)(2351001)(97736004)(77096005)(229853001)(92566002)(74316002)(450100001)(7846002)(19580395003)(3826002); DIR:OUT; SFP:1102; SCL:1; SRVR:MWHPR15MB1182; H:MWHPR15MB1182.namprd15.prod.outlook.com; FPR:; SPF:None; PTR:InfoNoRecords; MX:1; A:1; LANG:en;
received-spf: None (protection.outlook.com: fb.com does not designate permitted sender hosts)
spamdiagnosticoutput: 1:99
spamdiagnosticmetadata: NSPM
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-originalarrivaltime: 12 Oct 2016 19:49:35.4462 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 8ae927fe-1255-47a7-a2af-5f3a069daaa2
X-MS-Exchange-Transport-CrossTenantHeadersStamped: MWHPR15MB1182
X-OriginatorOrg: fb.com
X-Proofpoint-Spam-Reason: safe
X-FB-Internal: Safe
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10432:, , definitions=2016-10-12_10:, , signatures=0
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/UJ2X7d8DQjPMxZBcRl1Xo-yhbBk>
Subject: [TLS] ALPN with 0-RTT Data
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 12 Oct 2016 19:49:42 -0000
Currently the draft specifies that the ALPN must be "the same" as in the connection that established the PSK used with 0-RTT, and that the server must check that the selected ALPN matches what was previously used. I find this unclear if 1) the client should select and offer one (and only one) application protocol 2) the client can offer multiple protocols, but use the most preferred one offered for 0-RTT data 3) the client must send the exact same ALPN extension as in the previous connection, but must use the ALPN previously selected by the server (even if it was not the client's first offer). To clarify this we can instead * allow the client to offer whatever ALPN extension it wants * define that the 0-RTT data uses the client's most preferred application protocol offer (and the server must pick this ALPN if it accepts 0-RTT), similar to using the first PSK offer if multiple are offered * recommend that the client uses the same application protocol that was used on the previous connection. PR: https://github.com/tlswg/tls13-spec/pull/681 Kyle
- [TLS] ALPN with 0-RTT Data Kyle Nekritz
- Re: [TLS] ALPN with 0-RTT Data David Benjamin
- Re: [TLS] ALPN with 0-RTT Data Eric Rescorla
- Re: [TLS] ALPN with 0-RTT Data Kyle Nekritz
- Re: [TLS] ALPN with 0-RTT Data David Benjamin