Re: [TLS] Fate of resumption

Tom Ritter <tom@ritter.vg> Sun, 19 October 2014 23:00 UTC

In-Reply-To: <CAKC-DJhHKWPSj9pOvDOuvtteD3VtnQDHBtckEFadasJuZG5Mog@mail.gmail.com>
References: <CABcZeBP4=aXbQSFAhh4EenwRiTrv2LP=r50VeULm4f_0RR4swA@mail.gmail.com> <CAKC-DJhHKWPSj9pOvDOuvtteD3VtnQDHBtckEFadasJuZG5Mog@mail.gmail.com>
From: Tom Ritter <tom@ritter.vg>
Date: Sun, 19 Oct 2014 19:00:27 -0400
Message-ID: <CA+cU71kKB+sFUXHKtfqBZYk0+0aQfZP4Q5X3W1Bke271DdoJng@mail.gmail.com>
To: Erik Nygren <erik+ietf@nygren.org>
Content-Type: text/plain; charset="ISO-8859-1"
Archived-At: http://mailarchive.ietf.org/arch/msg/tls/V0nuIYo_Av23jjZ83W7Wr4pIb-o
Cc: "tls@ietf.org" <tls@ietf.org>
Subject: Re: [TLS] Fate of resumption
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>

On 19 October 2014 11:43, Erik Nygren <erik+ietf@nygren.org> wrote:
> One other thing we may wish to consider is the relative safety
> and complexity and interactions of 0RTT vs Resumption for various scenarios,
> such as against replay attacks (when nonces are available and
> when they aren't available).

++ I'm confident a Resumption-like thing will need to be present, but
I'm not clear on the difference between 0RTT and Resumption, and if we
need the latter if we have the former. (Whatever it's called.)

-tom