Re: [TLS] TLS 1.3 Application Identifier ?
Pascal Urien <pascal.urien@gmail.com> Wed, 16 July 2014 13:32 UTC
Date: Wed, 16 Jul 2014 15:32:09 +0200
Message-ID: <CAEQGKXTby0hwY+Ttxki1CJ7aimkGOgEuxcGcMw2z_HQt3H0-LQ@mail.gmail.com>
From: Pascal Urien <pascal.urien@gmail.com>
To: Alyssa Rowan <akr@akr.io>
Archived-At: http://mailarchive.ietf.org/arch/msg/tls/V4Er-fFSpOsSiwIe69E-Gla8DHA
Cc: "tls@ietf.org" <tls@ietf.org>
Subject: Re: [TLS] TLS 1.3 Application Identifier ?

It could be like ALPN.

But ALPN is an extension from previous versions of TLS, and is not mandatory.

Pascal

2014-07-16 11:17 GMT+02:00 Alyssa Rowan <akr@akr.io>:

> On 16 July 2014 09:32:31 BST, Pascal Urien <pascal.urien@gmail.com> wrote:
>
> > It seems there is no identifier for the application SDU transported by TLS
> > 1.3 (which is obviously a transport protocol)
> >
> > With the legacy TLS, the application is identified by a TCP or UDP port.
> > Some TLS extensions have been proposed to solve this issue.
>
> Perhaps I am misunderstanding: are you not describing ALPN? It seems what
> you want is an ALPN identifier for your protocol, am I correct?
>
> ALPN seems to be proposed as the preferred way to do this for 1.3, is my
> understanding.
>
> There are obvious metadata concerns involving an untrusted intermediary
> identifying and demultiplexing different applications transported over TLS
> (current ALPN is plaintext) and ways to address this are being explored by
> the WG (although this has tension with those who run large-scale traffic
> balancers which would prefer to avoid doing crypto for both scale and key
> security reasons; I'm not sure that can be cleanly resolved in a
> privacy-preserving manner which satisfies everyone).
>
> --
> /akr
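
Added example, not part of the original thread: a small Python parser showing the two points discussed above, that the ALPN protocol list sits unencrypted in the ClientHello where any intermediary can read it, and that the extension is optional, so a client may offer no identifier at all. The function names and the sample ClientHello are constructed for illustration; the wire layout follows RFC 7301 (extension type 16).

```python
import struct
ALPN_EXT = 16  # application_layer_protocol_negotiation (RFC 7301)

def build_client_hello(protocols):
    """Constructed sample: a minimal ClientHello handshake message."""
    exts = b""
    if protocols:
        names = b"".join(bytes([len(p)]) + p for p in protocols)
        data = struct.pack("!H", len(names)) + names
        exts = struct.pack("!HH", ALPN_EXT, len(data)) + data
    body = (b"\x03\x03" + bytes(32)      # client_version, all-zero random
            + b"\x00"                    # empty session_id
            + b"\x00\x02\x13\x01"        # one cipher suite
            + b"\x01\x00"                # null compression only
            + struct.pack("!H", len(exts)) + exts)
    return b"\x01" + len(body).to_bytes(3, "big") + body

def _take(buf, pos, n):
    if pos + n > len(buf):
        raise ValueError("truncated ClientHello")
    return buf[pos:pos + n], pos + n

def _vec(buf, pos, len_bytes):  # TLS vector: length prefix, then the bytes
    raw, pos = _take(buf, pos, len_bytes)
    return _take(buf, pos, int.from_bytes(raw, "big"))

def alpn_from_client_hello(msg):
    """Return the ALPN names readable without any key, [] if none offered."""
    head, _ = _take(msg, 0, 4)
    if head[0] != 1:
        raise ValueError("not a ClientHello")
    body, _ = _take(msg, 4, int.from_bytes(head[1:], "big"))
    _, pos = _take(body, 0, 34)          # version + random
    _, pos = _vec(body, pos, 1)          # session_id
    _, pos = _vec(body, pos, 2)          # cipher_suites
    _, pos = _vec(body, pos, 1)          # compression_methods
    if pos == len(body):
        return []                        # no extensions block at all
    exts, pos = _vec(body, pos, 2)[0], 0
    while pos < len(exts):
        etype, pos = _take(exts, pos, 2)
        data, pos = _vec(exts, pos, 2)
        if int.from_bytes(etype, "big") == ALPN_EXT:
            names, i, out = _vec(data, 0, 2)[0], 0, []
            while i < len(names):
                name, i = _vec(names, i, 1)
                out.append(name.decode("ascii", "replace"))
            return out
    return []
```
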