[TLS] ticket lifetimes
Subodh Iyengar <subodh@fb.com> Tue, 29 January 2019 05:42 UTC
Return-Path: <prvs=7932b70017=subodh@fb.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7F5D6130EDE for <tls@ietfa.amsl.com>; Mon, 28 Jan 2019 21:42:52 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -5.395
X-Spam-Level:
X-Spam-Status: No, score=-5.395 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-4.553, DKIMWL_WL_MED=-0.142, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, KHOP_DYNAMIC=2, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=fb.com header.b=F7h+LJsJ; dkim=pass (1024-bit key) header.d=fb.onmicrosoft.com header.b=gYbFAglG
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 8lontBsYU4kQ for <tls@ietfa.amsl.com>; Mon, 28 Jan 2019 21:42:51 -0800 (PST)
Received: from mx0b-00082601.pphosted.com (mx0b-00082601.pphosted.com [67.231.153.30]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D526B130EA4 for <tls@ietf.org>; Mon, 28 Jan 2019 21:42:50 -0800 (PST)
Received: from pps.filterd (m0109331.ppops.net [127.0.0.1]) by mx0a-00082601.pphosted.com (8.16.0.27/8.16.0.27) with SMTP id x0T5gnsk019701 for <tls@ietf.org>; Mon, 28 Jan 2019 21:42:50 -0800
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=fb.com; h=from : to : subject : date : message-id : content-type : mime-version; s=facebook; bh=PQcZFB3iBu56bF7GpO//RTkr8Z04GjaxEvvbnxehZok=; b=F7h+LJsJOAWCh6nDvLya3H0uzn64bVWuX7Wy0CE9N2zpYgBPE7jS3Y4ZgOoS4RyXGSA3 5uL9u85AigkiICedqaxOJlpZi2HDD4lnDMprmKdWqnEgkdwiOGPTqX6HkyoaLgeMdb1l kGo+6xjy0qXHQlT+oSijlKM5CTZU/s3Es84=
Received: from mail.thefacebook.com ([199.201.64.23]) by mx0a-00082601.pphosted.com with ESMTP id 2qaewg89mn-2 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT) for <tls@ietf.org>; Mon, 28 Jan 2019 21:42:50 -0800
Received: from prn-hub02.TheFacebook.com (2620:10d:c081:35::126) by prn-hub04.TheFacebook.com (2620:10d:c081:35::128) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384) id 15.1.1531.3; Mon, 28 Jan 2019 21:42:44 -0800
Received: from NAM02-BL2-obe.outbound.protection.outlook.com (192.168.54.28) by o365-in.thefacebook.com (192.168.16.26) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384) id 15.1.1531.3 via Frontend Transport; Mon, 28 Jan 2019 21:42:44 -0800
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=fb.onmicrosoft.com; s=selector1-fb-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=PQcZFB3iBu56bF7GpO//RTkr8Z04GjaxEvvbnxehZok=; b=gYbFAglGzf5JZsDIuyTO4vjT+eHq6XZZMgxVvfJLDsENasdnFjAz871Dohrykt6HmxX3PznS2ll/Negm9MByCdn8qLXGbvNPOZKygGN0oUU7p0HkL4ISkePibedPzeQEGiPzqignytqFiYilQoJqFProM5qy5dCDNAU8NXkOVlQ=
Received: from MWHPR15MB1821.namprd15.prod.outlook.com (10.174.255.137) by MWHPR15MB1549.namprd15.prod.outlook.com (10.173.235.22) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.1558.17; Tue, 29 Jan 2019 05:42:43 +0000
Received: from MWHPR15MB1821.namprd15.prod.outlook.com ([fe80::e4f1:9986:a3d:178b]) by MWHPR15MB1821.namprd15.prod.outlook.com ([fe80::e4f1:9986:a3d:178b%7]) with mapi id 15.20.1558.023; Tue, 29 Jan 2019 05:42:43 +0000
From: Subodh Iyengar <subodh@fb.com>
To: "tls@ietf.org" <tls@ietf.org>
Thread-Topic: ticket lifetimes
Thread-Index: AQHUt5PbJPg1BCv4IU2K+uhv0WevMg==
Date: Tue, 29 Jan 2019 05:42:43 +0000
Message-ID: <MWHPR15MB182191E96C1A065B2396318EB6970@MWHPR15MB1821.namprd15.prod.outlook.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [73.93.142.132]
x-ms-publictraffictype: Email
x-microsoft-exchange-diagnostics: 1; MWHPR15MB1549; 20:jqRE+ja44JvhZ/okVvq5Ze6D1H/zHGtwDDAiEJzkZi4tu9GstyLj9/radYzjhA5CMecJrefS0NtfupynrfPrchxC2d4cLD3DNz0FFIcP+bmi/pE0klP6FHLpNcZqCcMc6XR1EyRKUad0VWg9ZZYiS7aYXEBE6sWXtQt/+/C/QWo=
x-ms-office365-filtering-correlation-id: 1176cbcd-b0a6-4bee-93a0-08d685ac970a
x-microsoft-antispam: BCL:0; PCL:0; RULEID:(2390118)(7020095)(4652040)(8989299)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(5600110)(711020)(4605077)(2017052603328)(7153060)(7193020); SRVR:MWHPR15MB1549;
x-ms-traffictypediagnostic: MWHPR15MB1549:
x-microsoft-antispam-prvs: <MWHPR15MB15498C51A75D05DB8C111A2BB6970@MWHPR15MB1549.namprd15.prod.outlook.com>
x-forefront-prvs: 093290AD39
x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(376002)(396003)(39860400002)(346002)(366004)(136003)(199004)(189003)(1730700003)(3480700005)(71190400001)(8676002)(186003)(99286004)(81166006)(71200400001)(3846002)(86362001)(7696005)(102836004)(221733001)(476003)(105004)(2351001)(26005)(316002)(6506007)(66066001)(8936002)(486006)(5640700003)(55016002)(81156014)(7736002)(19627405001)(33656002)(256004)(14444005)(105586002)(7116003)(6436002)(106356001)(6916009)(54896002)(68736007)(6116002)(14454004)(53936002)(9686003)(2906002)(2501003)(97736004)(74316002)(25786009)(478600001); DIR:OUT; SFP:1102; SCL:1; SRVR:MWHPR15MB1549; H:MWHPR15MB1821.namprd15.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; A:1; MX:1;
received-spf: None (protection.outlook.com: fb.com does not designate permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam-message-info: 2FxADNHbfJJY26BNQwksoRYRF+9QXRvvyvVCxMmINjl0/X8SGvSkIMdjSKAZWmN7BK/ailbL4k63JlSQ8pFg//XmIPCjGcShfvQH98VT8iD6X/gbbMsd+QstDEPiHgcc2uboWv5qvziR+4sRd4C3r+R5FTTNEUuMVgrQdoASncbWdaqwvApEtwHh+/2DszPIxawGgkZIHa2vs4IanzGPWLtpYsChOAqbhdzrsFJlCCaBrAALbJpP2BgWTnD5lksrxoROGQNhYunsaEmo+vxAZBopNrg0glNN+fqfPIEtPkIylZqSyWsbbGObZwf0d64h/vIbZMgXyMgc8V5mkGZJ4MjEAjpfhJgwYm2x8EEyoYNd3rBAnt9tAV+z/uRG7M/INKpuPGm4dPvDFj2IY1WULtg7WjUkGFhj+H8j7wgtPU8=
Content-Type: multipart/alternative; boundary="_000_MWHPR15MB182191E96C1A065B2396318EB6970MWHPR15MB1821namp_"
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-Network-Message-Id: 1176cbcd-b0a6-4bee-93a0-08d685ac970a
X-MS-Exchange-CrossTenant-originalarrivaltime: 29 Jan 2019 05:42:43.2244 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 8ae927fe-1255-47a7-a2af-5f3a069daaa2
X-MS-Exchange-Transport-CrossTenantHeadersStamped: MWHPR15MB1549
X-OriginatorOrg: fb.com
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:, , definitions=2019-01-29_05:, , signatures=0
X-Proofpoint-Spam-Reason: safe
X-FB-Internal: Safe
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/ZG8exLW2B4Ce_C1Cg833f53A9Vw>
Subject: [TLS] ticket lifetimes
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 29 Jan 2019 05:42:52 -0000
In TLS 1.3 we added a maximum age to the ticket lifetime to be 7 days. This had several original motivations including reducing the time that a ticket is reused (for privacy or PFS). Another major motivation for this was to limit the exposure of servers that use keyless ssl like mechanisms, i.e. if they kept a STEK locally, but the keyless SSL server remotely, then the theft of a STEK would presumably limit the MITM capabilities to the ticket lifetime. However thinking about it some more because of the renewal capability of tickets in TLS 1.3, an entity owning the STEK could just re-issue new tickets forever on a resumed connection. This would look to the client as a new ticket and it would refresh its lifetime on the ticket. Thereby a MITM could intercept connections to users that have been to the server with the STEK. I'm wondering whether it might be useful to define a mechanism to limit the lifetime of all ticket resumption across all resumptions from the original connection instead of just the limited per ticket lifetime. Subodh
- [TLS] ticket lifetimes Subodh Iyengar
- Re: [TLS] ticket lifetimes Christopher Wood
- Re: [TLS] ticket lifetimes Subodh Iyengar
- Re: [TLS] ticket lifetimes Christopher Wood
- Re: [TLS] ticket lifetimes Subodh Iyengar
- Re: [TLS] ticket lifetimes Nick Sullivan
- Re: [TLS] ticket lifetimes David Benjamin
- Re: [TLS] ticket lifetimes Subodh Iyengar
- Re: [TLS] ticket lifetimes David Benjamin
- Re: [TLS] ticket lifetimes Subodh Iyengar
- Re: [TLS] ticket lifetimes David Benjamin
- Re: [TLS] ticket lifetimes Nikos Mavrogiannopoulos