[TLS] TLS 1.3 ServerConfiguration

Ilari Liusvaara <ilariliusvaara@welho.com> Mon, 07 December 2015 11:09 UTC

Return-Path: <ilariliusvaara@welho.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id AF7861A21BC for <tls@ietfa.amsl.com>; Mon, 7 Dec 2015 03:09:55 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.6
X-Spam-Level:
X-Spam-Status: No, score=-2.6 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_LOW=-0.7] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id C-cSH-Ruo0wM for <tls@ietfa.amsl.com>; Mon, 7 Dec 2015 03:09:53 -0800 (PST)
Received: from filtteri2.pp.htv.fi (filtteri2.pp.htv.fi [213.243.153.185]) by ietfa.amsl.com (Postfix) with ESMTP id AF2B51A21B0 for <tls@ietf.org>; Mon, 7 Dec 2015 03:09:53 -0800 (PST)
Received: from localhost (localhost [127.0.0.1]) by filtteri2.pp.htv.fi (Postfix) with ESMTP id 963A619C03E for <tls@ietf.org>; Mon, 7 Dec 2015 13:09:51 +0200 (EET)
X-Virus-Scanned: Debian amavisd-new at pp.htv.fi
Received: from smtp5.welho.com ([213.243.153.39]) by localhost (filtteri2.pp.htv.fi [213.243.153.185]) (amavisd-new, port 10024) with ESMTP id rM1Ix6TpzAWS for <tls@ietf.org>; Mon, 7 Dec 2015 13:09:51 +0200 (EET)
Received: from LK-Perkele-V2 (87-92-35-116.bb.dnainternet.fi [87.92.35.116]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by smtp5.welho.com (Postfix) with ESMTPSA id 7006C5BC003 for <tls@ietf.org>; Mon, 7 Dec 2015 13:09:51 +0200 (EET)
Date: Mon, 7 Dec 2015 13:09:48 +0200
From: Ilari Liusvaara <ilariliusvaara@welho.com>
To: tls@ietf.org
Message-ID: <20151207110948.GA3801@LK-Perkele-V2.elisa-laajakaista.fi>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
User-Agent: Mutt/1.5.24 (2015-08-30)
Sender: ilariliusvaara@welho.com
Archived-At: <http://mailarchive.ietf.org/arch/msg/tls/Y3TfZb2n-zxmA1Ch7DZnJt6o3PE>
Subject: [TLS] TLS 1.3 ServerConfiguration
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 07 Dec 2015 11:09:55 -0000

This came up while writing serializers/deserializers for various TLS
1.2 and 1.3 stuff... Didn't see issues/pull requests for any of
these...

1) ServerConfiguration has field early_data_type, which is of type
EarlyDataType. I don't see definition of that type anywhere. I
guess it was missed when that type was removed?

2) If ServerConfiguration contains an unknown extension, how should
the client behave? Ignore the unknown extension, ignore the entiere
ServerConfiguration or send a fatal alert?

3) Could the group and server_key fields be combined into a single
field of type KeyShareEntry? The layout would be identical, and
one could clearly reuse KeyShareEntry parsing (especially
considering some groups have 2-byte interrior length fields
as opposed to 1-byte).


BTW: The new TLS 1.3 extensions don't have even test values
assigned. The values I put in were:
- early_data: 13000 (0x32C8)
- pre_shared_key: 13001 (0x32C9)
- key_share: 13002 (0x32CA)
- cookie: 13003 (0x32CB)


-Ilari