IETF Logo Mail Archive

Re: [TLS] draft-ietf-tls-tls13-21 posted

Martin Thomson <martin.thomson@gmail.com> Wed, 05 July 2017 21:15 UTC

Return-Path: <martin.thomson@gmail.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id EA395131762 for <tls@ietfa.amsl.com>; Wed, 5 Jul 2017 14:15:02 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level:
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id xsg3HDoyPd_3 for <tls@ietfa.amsl.com>; Wed, 5 Jul 2017 14:15:01 -0700 (PDT)
Received: from mail-lf0-x229.google.com (mail-lf0-x229.google.com [IPv6:2a00:1450:4010:c07::229]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 24193131A2B for <tls@ietf.org>; Wed, 5 Jul 2017 14:15:01 -0700 (PDT)
Received: by mail-lf0-x229.google.com with SMTP id z78so704324lff.0 for <tls@ietf.org>; Wed, 05 Jul 2017 14:15:01 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=t72mvSvVr38RwF60e/FB5sKu/ByL2GkcrN/oUM8TNRQ=; b=G/OnsgGFwmKj9xsRYUfLzUqJ27JLYM7s58ZWKf2uaSRtEhtauieU/ILIC9dnLNhM4Z biBNC+VyQHbMDK/pViKsAZo0StSw21xCOrjlS9mJ6SCRPUib20CR4fZ36vzz3S4iGBf6 WyWEuoJED0nqgdSmWDwe33cy4/+XrWBfN9xV0zX3KCj0on0qSD3/HQEKmOxxdqrta46U 3yZGYlxbPwkH6Ke97PoPtOYMZWccmcYUsm7l7wqe1CZj+A7/PBySQR18duUsQ/dwGXcU DDdcSj5yCZVejpMlGIExSQrDae3MiGjaeHl5NVoWCl1R3MYUVmRDC0t+IeXK7qu0YFGQ yh4w==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=t72mvSvVr38RwF60e/FB5sKu/ByL2GkcrN/oUM8TNRQ=; b=Z6e+k0DCdstyBCebCRXNIsabOpK40Nc64ujrF6iuos49oyVhJjju4i14svPVePfAcL wLhqza+HdEzWvVPwbOKaSLfoeBke73cfhLFFU5RW4GZUtOgaq2XO1eQt5ut5aLGLoxpX GbPrTI0vh/tNxD6xZfARxQQhG4yDmz7B7JmHzGgh553ydbV/WfVQl3oBE73bGptlYmQD GIedvPMIstrFvdVXL0e48NjZYjtctVCiP0iRE7o6xJcSePLUjdTyv/VYuQFsRmtRdzQa UbWqQkM451ubOsSO5QbXprSI7p4+ZkmTf3o9XjrenYF0ygqqjgFa3ctFBLjvRIoojg0E 5IrQ==
X-Gm-Message-State: AKS2vOzYJ992D/XwgPtfeX/ijJ9FNhrlTqHhlyMJykhO/AclOcJ2gGy3 BtY9LY28p8VAF8m2TBmdfZr4bGpX3y18
X-Received: by 10.25.28.70 with SMTP id c67mr17086078lfc.130.1499289299463; Wed, 05 Jul 2017 14:14:59 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.46.69.84 with HTTP; Wed, 5 Jul 2017 14:14:58 -0700 (PDT)
In-Reply-To: <CABcZeBO3frWHntziM5Kvubfy-jdrhwSFBMbG_uL1_TOX_9gXWQ@mail.gmail.com>
References: <CABcZeBN7vJXZJadNzPR5RbWwZpgM+NgjW7FvuJW+Q5cNUu6_FQ@mail.gmail.com> <CAMoSCWYPwvb6xn40EEKn_g-AD4ZKsUeAbvEScd7P248M7Troow@mail.gmail.com> <20170704105050.zqclbfje2rvly5dm@LK-Perkele-VII> <CAMoSCWa6p_hPhA54tR7CSHsQLbBgwv31R5t5gXCFizXy4u23yg@mail.gmail.com> <CABcZeBO3frWHntziM5Kvubfy-jdrhwSFBMbG_uL1_TOX_9gXWQ@mail.gmail.com>
From: Martin Thomson <martin.thomson@gmail.com>
Date: Thu, 06 Jul 2017 07:14:58 +1000
Message-ID: <CABkgnnU+Eepcu-rMmxd4bQnUrmRVQ7xm9VU3-zB+ep+y8f1a8Q@mail.gmail.com>
To: Eric Rescorla <ekr@rtfm.com>
Cc: Matt Caswell <frodo@baggins.org>, "tls@ietf.org" <tls@ietf.org>
Content-Type: text/plain; charset="UTF-8"
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/Xisgyempc5r4JwuOJFF-ujYz65s>
Subject: Re: [TLS] draft-ietf-tls-tls13-21 posted
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 05 Jul 2017 21:15:03 -0000

On 5 July 2017 at 20:35, Eric Rescorla <ekr@rtfm.com> wrote:
> Yes, that might not be a terrible idea. I'd also be open to replacing
> the hashes of 0 with an n-byte length 0 string. It's a tiny paper
> cut (and a wire format change), but would make things slightly simpler .

I think that would be best.  With the change to the transcript hash,
the context would then be:
1. a transcript hash (size = hash function output)
2. 0 (size = 0)
3. ticket nonce (size = 1..255)

Out of interest, why not permit 0 length ticket nonces for those of us
that don't issue multiple tickets?

I think that we should take the hit and make the change.

v2.23.0 | Report a Bug | By Email