[TLS] Next steps for Large Record Sizes for TLS and DTLS

John Mattsson <john.mattsson@ericsson.com> Wed, 20 March 2024 03:42 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/ZnGzqIWOkpm_F6zaqAxxtReHpVg>

Hi,

My summary from the TLS WG session yesterday:

- Let’s adopt and figure out the final details later.
- Show performance data.
- Should be a new extension, i.e., not used together with "record size limit".
- The new extension should redefine the meaning of the uint16 length field in the TLSCiphertext to allow records larger than 2^16 bytes.

Simple suggestion:

In the new extension the client and server negotiate a uint8 value n. Client suggests a value n_max. Server selects n where 0 <= n <= n_max or rejects the extension. Agreeing on a value n means:

- The length field in the record means 2^n * length bytes instead of length bytes. I.e., left shifted similar to the TCP window scale option.
- The client and server are willing to receive records of size 2^n * (2^16 - 1) bytes.
- Up to 2^n - 1 bytes of padding might be required.
- AEAD limits are reduced by a factor 2^(n+2).

Thoughts?

Cheers,
John Preuß Mattsson

From: internet-drafts@ietf.org <internet-drafts@ietf.org>
Date: Tuesday, 5 March 2024 at 06:16
To: John Mattsson <john.mattsson@ericsson.com>, Michael Tüxen <tuexen@fh-muenster.de>, Hannes Tschofenig <Hannes.Tschofenig@gmx.net>, Hannes Tschofenig <Hannes.Tschofenig@gmx.net>, John Mattsson <john.mattsson@ericsson.com>, Michael Tuexen <tuexen@fh-muenster.de>
Subject: New Version Notification for draft-mattsson-tls-super-jumbo-record-limit-02.txt
A new version of Internet-Draft
draft-mattsson-tls-super-jumbo-record-limit-02.txt has been successfully
submitted by John Preuß Mattsson and posted to the
IETF repository.

Name:     draft-mattsson-tls-super-jumbo-record-limit
Revision: 02
Title:    Large Record Sizes for TLS and DTLS
Date:     2024-03-04
Group:    Individual Submission
Pages:    6
URL:      https://www.ietf.org/archive/id/draft-mattsson-tls-super-jumbo-record-limit-02.txt
Status:   https://datatracker.ietf.org/doc/draft-mattsson-tls-super-jumbo-record-limit/
HTML:     https://www.ietf.org/archive/id/draft-mattsson-tls-super-jumbo-record-limit-02.html
HTMLized: https://datatracker.ietf.org/doc/html/draft-mattsson-tls-super-jumbo-record-limit
Diff:     https://author-tools.ietf.org/iddiff?url2=draft-mattsson-tls-super-jumbo-record-limit-02

Abstract:

   RFC 8449 defines a record size limit extension for TLS and DTLS
   allowing endpoints to negotiate a record size limit smaller than the
   protocol-defined maximum record size, which is around 2^14 bytes.
   This document specifies a TLS flag extension to be used in
   combination with the record size limit extension allowing endpoints
   to use a record size limit larger than the protocol-defined maximum
   record size, but not more than about 2^16 bytes.



The IETF Secretariat
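
The length scaling suggested in the message above, worked through as an added example; it is not code from the draft or its authors. It assumes the sender pads each record up to a multiple of 2^n bytes and that the 5-byte TLSCiphertext header layout is unchanged; all function names are hypothetical.

```python
import struct

MAX_FIELD = 0xFFFF  # largest value of the uint16 length field in TLSCiphertext

def select_n(client_n_max, server_n_max):
    """Server side: choose n with 0 <= n <= n_max, or None to reject the extension."""
    if not 0 <= client_n_max <= 0xFF:
        raise ValueError("n_max must fit in a uint8")
    if server_n_max is None:          # assumption: None models a server that rejects
        return None
    return min(client_n_max, server_n_max)

def max_record_size(n):
    """Largest record both sides agree to receive: 2^n * (2^16 - 1) bytes."""
    return (1 << n) * MAX_FIELD

def encode_length(record_len, n):
    """Return (length_field, pad_bytes) for a record of record_len bytes."""
    if record_len < 0:
        raise ValueError("negative record length")
    pad = -record_len % (1 << n)      # 0 .. 2^n - 1 bytes of padding
    field = (record_len + pad) >> n   # value carried on the wire
    if field > MAX_FIELD:
        raise ValueError("record exceeds negotiated maximum")
    return field, pad

def build_header(record_len, n, content_type=23, version=0x0303):
    """Pack opaque_type, legacy_record_version and the scaled length field."""
    field, pad = encode_length(record_len, n)
    return struct.pack("!BHH", content_type, version, field), pad

def parse_header(header, n):
    """Receiver side: recover the byte count as length << n, like TCP window scale."""
    content_type, _version, field = struct.unpack("!BHH", header)
    return content_type, field << n

def scaled_aead_limit(baseline_records, n):
    """Per-key record limit after the 2^(n+2) reduction stated in the message."""
    return baseline_records >> (n + 2)

if __name__ == "__main__":
    n = select_n(client_n_max=4, server_n_max=4)
    header, pad = build_header(100001, n)   # constructed sample record length
    print(n, header.hex(), pad, parse_header(header, n), max_record_size(n))
```

With n = 0 the field keeps its current meaning and no padding is ever needed, so the scheme degrades to an unscaled uint16 length.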