Re: [TLS] [AVTCORE] WG last call of draft-ietf-avtcore-rfc5764-mux-fixes-05

Ilari Liusvaara <ilariliusvaara@welho.com> Thu, 03 March 2016 17:06 UTC

Date: Thu, 03 Mar 2016 19:04:42 +0200
From: Ilari Liusvaara <ilariliusvaara@welho.com>
To: "Salz, Rich" <rsalz@akamai.com>
Message-ID: <20160303170442.GB13882@LK-Perkele-V2.elisa-laajakaista.fi>
References: <56A8904D.10307@ericsson.com> <CAOgPGoBU+h6cA9RDxBX2m1AR-3-GnC7OYcfDLTpDepX00g73dA@mail.gmail.com> <201602080117.57742.davemgarrett@gmail.com> <56CA239F.6010107@acm.org> <56D7076A.1020703@ericsson.com> <CAOgPGoB669zcdqMYXd0yD4Tkqx7yuj6dc0y1byv3bw1ZN_qv6Q@mail.gmail.com> <56D76716.1090506@acm.org> <CABkgnnUxeQbVfaWuGwg=5qk-0Urky5uFA_2GxGkKYFKQu=AZfA@mail.gmail.com> <20160303164309.GA13882@LK-Perkele-V2.elisa-laajakaista.fi> <d77f827469d748d68b8f58100a4c627c@usma1ex-dag1mb1.msg.corp.akamai.com>
In-Reply-To: <d77f827469d748d68b8f58100a4c627c@usma1ex-dag1mb1.msg.corp.akamai.com>
Archived-At: <http://mailarchive.ietf.org/arch/msg/tls/YMrYCzSvsFOjXzSE5skAECCxAjI>
Cc: "tls@ietf.org" <tls@ietf.org>
Subject: Re: [TLS] [AVTCORE] WG last call of draft-ietf-avtcore-rfc5764-mux-fixes-05

On Thu, Mar 03, 2016 at 04:44:30PM +0000, Salz, Rich wrote:
> 
> > The unencrypted headers need to be kept for backward compatibility.
> 
> Even for a new protocol revision?

Well, actually, it might be possible to compress everything except
ClientHello headers. One should still avoid the 15 and 16 values (and
presumably also 17) if one does.

E.g.:

For ClientHello: 16 03 vv xx xx
For ServerHello: 3F+xx xx
For Alert on *Hello: 3E xx  (Alerts are short)
For encrypted message: 80|xx xx


(If one wanted to get fancy, one could even try to negotiate this via
vv byte (a'la: "record version: TLS 1.3").

-Ilari
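One reading of the header sketch above, as an added Python parser that is not code from the thread or from the draft. It assumes "3F+xx xx" means a 0x3F byte followed by a 16-bit length, "80|xx xx" means the high bit set on a 16-bit length field (15 usable bits), and treats the vv version byte as opaque.

```python
import struct

# Constructed interpretation of the sketch in the message above (not code from
# the thread or the draft).  Assumed layouts:
#   ClientHello : 16 03 vv LL LL     unchanged 5-byte header, 16-bit length
#   ServerHello : 3F LL LL           0x3F, then a 16-bit length
#   Alert       : 3E LL              0x3E, then an 8-bit length (alerts are short)
#   Encrypted   : 1LLLLLLL LLLLLLLL  high bit set, 15-bit length
# Caveat: first bytes 0x80..0xFF overlap the range RFC 5764 originally gave to
# RTP/RTCP (128..191), so the encrypted form needs a changed demux rule.

def parse_record(buf):
    """Parse one record at the start of buf; return (kind, version, body, rest).
    version is (major, minor) for the ClientHello form, None otherwise.
    Truncated or unrecognised input raises ValueError instead of guessing."""
    if not buf:
        raise ValueError("empty buffer")
    first, version = buf[0], None
    if first & 0x80:                              # encrypted record
        kind, hdr = "encrypted", 2
    elif first == 0x3F:                           # ServerHello
        kind, hdr = "server_hello", 3
    elif first == 0x3E:                           # Alert during the handshake
        kind, hdr = "alert", 2
    elif first == 0x16 and buf[1:2] == b"\x03":   # ClientHello, legacy header
        kind, hdr = "client_hello", 5
    else:
        raise ValueError("0x%02x does not start a recognised record header" % first)
    if len(buf) < hdr:
        raise ValueError("truncated %s header" % kind)
    if kind == "encrypted":
        length = struct.unpack("!H", buf[:2])[0] & 0x7FFF
    elif kind == "server_hello":
        length = struct.unpack("!H", buf[1:3])[0]
    elif kind == "alert":
        length = buf[1]
    else:
        version = (buf[1], buf[2])
        length = struct.unpack("!H", buf[3:5])[0]
    if len(buf) < hdr + length:
        raise ValueError("truncated %s body" % kind)
    return kind, version, bytes(buf[hdr:hdr + length]), bytes(buf[hdr + length:])

def parse_datagram(buf):
    """Split a datagram carrying several back-to-back records into a list."""
    records = []
    while buf:
        kind, version, body, buf = parse_record(buf)
        records.append((kind, version, body))
    return records
```

The sample inputs in the test are constructed; parse_datagram stops with ValueError on the first malformed record rather than resynchronising, which is the safe choice for a demuxer.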