[TLS] Epochs for ACKs
Hanno Becker <Hanno.Becker@arm.com> Tue, 14 April 2020 08:13 UTC
Return-Path: <Hanno.Becker@arm.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 472933A0408 for <tls@ietfa.amsl.com>; Tue, 14 Apr 2020 01:13:33 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.899
X-Spam-Level:
X-Spam-Status: No, score=-1.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, SPF_PASS=-0.001, UNPARSEABLE_RELAY=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=armh.onmicrosoft.com header.b=IsbIikfA; dkim=pass (1024-bit key) header.d=armh.onmicrosoft.com header.b=IsbIikfA
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 9k5a7HEmAlET for <tls@ietfa.amsl.com>; Tue, 14 Apr 2020 01:13:31 -0700 (PDT)
Received: from EUR04-DB3-obe.outbound.protection.outlook.com (mail-eopbgr60071.outbound.protection.outlook.com [40.107.6.71]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 280E13A0404 for <tls@ietf.org>; Tue, 14 Apr 2020 01:13:30 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=armh.onmicrosoft.com; s=selector2-armh-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=BofMFLTb2Z9xnoaUOem/+FEzyV2EahAaSa2ZljukZMg=; b=IsbIikfAZzGypzm9c9vxtY9Ym6EC8TZD0HS7OCOVXgJqc0rZLpxSvFjalPV2FWXiu0EXBKWNnlsNH4hbvO1ZfCE+8Rkb0i7z/te6Q72Is/QSFgRNSbjU3tmGLH9i8QUm0F4xKgAX6ud9tDApMBqOOIHgFbBbvpTxXSNwRlW38u0=
Received: from DB6PR07CA0173.eurprd07.prod.outlook.com (2603:10a6:6:43::27) by AM0PR08MB4388.eurprd08.prod.outlook.com (2603:10a6:208:13e::14) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2900.20; Tue, 14 Apr 2020 08:13:28 +0000
Received: from DB5EUR03FT045.eop-EUR03.prod.protection.outlook.com (2603:10a6:6:43:cafe::6) by DB6PR07CA0173.outlook.office365.com (2603:10a6:6:43::27) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2921.12 via Frontend Transport; Tue, 14 Apr 2020 08:13:28 +0000
Authentication-Results: spf=pass (sender IP is 63.35.35.123) smtp.mailfrom=arm.com; ietf.org; dkim=pass (signature was verified) header.d=armh.onmicrosoft.com;ietf.org; dmarc=bestguesspass action=none header.from=arm.com;
Received-SPF: Pass (protection.outlook.com: domain of arm.com designates 63.35.35.123 as permitted sender) receiver=protection.outlook.com; client-ip=63.35.35.123; helo=64aa7808-outbound-1.mta.getcheckrecipient.com;
Received: from 64aa7808-outbound-1.mta.getcheckrecipient.com (63.35.35.123) by DB5EUR03FT045.mail.protection.outlook.com (10.152.21.164) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2900.18 via Frontend Transport; Tue, 14 Apr 2020 08:13:27 +0000
Received: ("Tessian outbound 55454527ea3b:v50"); Tue, 14 Apr 2020 08:13:27 +0000
X-CheckRecipientChecked: true
X-CR-MTA-CID: 8e8e6a6da40d2d06
X-CR-MTA-TID: 64aa7808
Received: from bbde79b6848b.1 by 64aa7808-outbound-1.mta.getcheckrecipient.com id 50793117-F821-4DA0-8607-0EFBEA3EA6CA.1; Tue, 14 Apr 2020 08:13:22 +0000
Received: from EUR05-VI1-obe.outbound.protection.outlook.com by 64aa7808-outbound-1.mta.getcheckrecipient.com with ESMTPS id bbde79b6848b.1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384); Tue, 14 Apr 2020 08:13:22 +0000
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=VwGiKRMfAzLuPAN+PXxrRRgM9X4PFChGaG4EQ0HNUbTkAfOD5l3LBRu5NP2bWjfS0Rn8qJlVBp7x0QMBVgTsXRuPDIw7n7QKUBnBC+kJ9I1Yitwb1tdeK2pcRqq4ltKuHBBoRobOHcyTDW0m+oSVItt0G+6tzDgQ8+pBoOnb1LFo5cL+TNmM8Lx0GeSY44y+T6bhQOeUbFkaCZVyEbXhb6IESkFBemGpMEQuy7tiw9u8CRZwNKNhGHzhsQaJPDcS0MVXR9IxX6lM4pyKci6F3LZ5g/CoBxst0rD52UcJukRfjQElpykYklE5gMvkMUvjwEusQ4ETQtdEbDvkD6mQHg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=BofMFLTb2Z9xnoaUOem/+FEzyV2EahAaSa2ZljukZMg=; b=n9ZzvDSjHFkZFIFxuE847YNq8waSZedXa2m7r4JRgLprQ7efFRegP/7N2jdAhEiXr9cL25kRpGZ62YUm2ZcSPhsOdVGAZvMcF8L5NxyU/5YnF7eFwyNYjBkthexw+TVNSwwt4F5W9RdkvC7ioFyJZi2LiL0wAJByeXonx7TFubB98QWZZbYltpfSyrXM5lvCXN9DgjV5gp2CFskoT91naFE4X8E2Y7O5RD5tAM7LnUvUJJQ7mwywMPNePpEjmiYQ++sAe4h9mIO8ePE3fy+OEF3AJ+5jLC/WrqX9V4YldeeHkMouoTdDoKno4l7kD2MOUvJQfMW00aGKPLF97gaWqQ==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=arm.com; dmarc=pass action=none header.from=arm.com; dkim=pass header.d=arm.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=armh.onmicrosoft.com; s=selector2-armh-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=BofMFLTb2Z9xnoaUOem/+FEzyV2EahAaSa2ZljukZMg=; b=IsbIikfAZzGypzm9c9vxtY9Ym6EC8TZD0HS7OCOVXgJqc0rZLpxSvFjalPV2FWXiu0EXBKWNnlsNH4hbvO1ZfCE+8Rkb0i7z/te6Q72Is/QSFgRNSbjU3tmGLH9i8QUm0F4xKgAX6ud9tDApMBqOOIHgFbBbvpTxXSNwRlW38u0=
Received: from AM6PR08MB3318.eurprd08.prod.outlook.com (2603:10a6:209:45::15) by AM6PR08MB5256.eurprd08.prod.outlook.com (2603:10a6:20b:e7::32) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2900.26; Tue, 14 Apr 2020 08:13:20 +0000
Received: from AM6PR08MB3318.eurprd08.prod.outlook.com ([fe80::1579:b7d9:f543:200d]) by AM6PR08MB3318.eurprd08.prod.outlook.com ([fe80::1579:b7d9:f543:200d%5]) with mapi id 15.20.2900.028; Tue, 14 Apr 2020 08:13:20 +0000
From: Hanno Becker <Hanno.Becker@arm.com>
To: "tls@ietf.org" <tls@ietf.org>
Thread-Topic: [TLS] Epochs for ACKs
Thread-Index: AQHWEjKVvSYAqKGPhk+YiefphRO+/A==
Date: Tue, 14 Apr 2020 08:13:20 +0000
Message-ID: <AM6PR08MB331888C090D386EBC440A0A99BDA0@AM6PR08MB3318.eurprd08.prod.outlook.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
Authentication-Results-Original: spf=none (sender IP is ) smtp.mailfrom=Hanno.Becker@arm.com;
x-originating-ip: [86.177.220.146]
x-ms-publictraffictype: Email
X-MS-Office365-Filtering-HT: Tenant
X-MS-Office365-Filtering-Correlation-Id: 15d5fa0b-6aef-4499-4da3-08d7e04bb622
x-ms-traffictypediagnostic: AM6PR08MB5256:|AM0PR08MB4388:
X-Microsoft-Antispam-PRVS: <AM0PR08MB43888B43D4C579A7AC06CC2E9BDA0@AM0PR08MB4388.eurprd08.prod.outlook.com>
x-checkrecipientrouted: true
nodisclaimer: true
x-ms-oob-tlc-oobclassifiers: OLM:8882;OLM:10000;
x-forefront-prvs: 0373D94D15
X-Forefront-Antispam-Report-Untrusted: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:AM6PR08MB3318.eurprd08.prod.outlook.com; PTR:; CAT:NONE; SFTY:; SFS:(10009020)(4636009)(39860400002)(136003)(346002)(376002)(396003)(366004)(186003)(5660300002)(19627405001)(81156014)(6916009)(71200400001)(8676002)(86362001)(8936002)(2906002)(76116006)(52536014)(316002)(66946007)(478600001)(33656002)(55016002)(66446008)(64756008)(7696005)(66556008)(6506007)(9686003)(26005)(66476007); DIR:OUT; SFP:1101;
received-spf: None (protection.outlook.com: arm.com does not designate permitted sender hosts)
X-MS-Exchange-SenderADCheck: 1
X-Microsoft-Antispam-Untrusted: BCL:0;
X-Microsoft-Antispam-Message-Info-Original: yJGOVIIGdhqxtOCCDYsyRx1mi6d0P0tRs/qZF/ZNFW7HR2G4AE6JCh5TFX7RoSrlVUQut6+9Rfhl8DjyUvjZGSnix7dsrz/HUxKuBoRTppBiI0V4ona5udcLJSoaKOXBGNg7MX5kkM32iPmtChq9/vkZbkXhbxLa1QlH07bDV0oYp2tZYstdd70bRawhvpuQ1unQODN/1pxv010KM/QEWP5N84IWl9KI2BLjzp3l2wv1ilRbeVwUfkrJj6Uk0+TxaxxrorxEhny0XT5qIwNnpm/vmFe9sYPxH9glfkfuXk/UOSruZEC96by8z5wdGRhwfwQCCaLNVbcvWlN6J6NbTEflpSRisOv75Ps4OyNcb3Vh2ZSyr5fJnCexC/CHkx+qndhVxI6QWfL5gWzwuFRdEMz+ntQEU+DH5pCkWmF5Q+THuigkg8vLV/9As3iHsPMU
x-ms-exchange-antispam-messagedata: zvdFQPLIbSs5TN4jL7WFNiLxaAxMfNUqMwaC6IuIsJPvzJsXZz+QKWT2Ap9/s6469zG42UAvbKnXH4qS+gqrEmKSySY5xbDz6L27rVanhcfyqoMpyfWhDrZp532AdkJMvyxnENcY8NJfamtjYBreQQ==
x-ms-exchange-transport-forked: True
Content-Type: multipart/alternative; boundary="_000_AM6PR08MB331888C090D386EBC440A0A99BDA0AM6PR08MB3318eurp_"
MIME-Version: 1.0
X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM6PR08MB5256
Original-Authentication-Results: spf=none (sender IP is ) smtp.mailfrom=Hanno.Becker@arm.com;
X-EOPAttributedMessage: 0
X-MS-Exchange-Transport-CrossTenantHeadersStripped: DB5EUR03FT045.eop-EUR03.prod.protection.outlook.com
X-Forefront-Antispam-Report: CIP:63.35.35.123; CTRY:IE; LANG:en; SCL:1; SRV:; IPV:CAL; SFV:NSPM; H:64aa7808-outbound-1.mta.getcheckrecipient.com; PTR:ec2-63-35-35-123.eu-west-1.compute.amazonaws.com; CAT:NONE; SFTY:; SFS:(10009020)(4636009)(346002)(39860400002)(136003)(376002)(396003)(46966005)(33656002)(86362001)(478600001)(26826003)(186003)(26005)(7696005)(2906002)(70206006)(70586007)(336012)(6916009)(316002)(82740400003)(81156014)(6506007)(81166007)(55016002)(8936002)(47076004)(356005)(8676002)(19627405001)(5660300002)(52536014)(9686003); DIR:OUT; SFP:1101;
X-MS-Office365-Filtering-Correlation-Id-Prvs: 4381182b-20ef-4702-afd0-08d7e04bb1c0
X-Forefront-PRVS: 0373D94D15
X-Microsoft-Antispam: BCL:0;
X-Microsoft-Antispam-Message-Info: tpWKKaXtn6kCe8gO8RSOLCcuPV2kyNUIc5biPHq0lPq4+Z3kubQNLQQijkbiSLo+8bukcpG0+1x4eaIFXsJB1c8rpVIk6hx7wCrqSFNZ53abGNqZ1wOdO5r4DeFP/Bri2aocbgEaTJBsBk+BLePVARNzjh+droMqrvOM+zM/kkptYmO6Wd0eNHkDPybJgUYLwOmTQZqxrkNGXfPo3WtPCwBkQFERHGfDDKN8sGGGCVwYprvL0IE7vWLr0I/AXIFwDvgZPNRzrHlytt5rvbQbqDwOCWwZMGFGzxmmfU1EZdtOgKadkBtued/K8x9ahAiBNVmi/rQPvlh9qifpiVMTUV2og8e7rCdz0Z/5b49Sun15c60CuGElSxOuaF+tB1e8MzxT39RmzQz56C5hSGE2JqLq6mIMp/cRthyFWkf4ywqCQQ1rvFWYvg8VOZ7Nkc14nyUEss8Wpp7hDIR1I6d5CMq4z49mXMpV7jiOAkJN33ecoOpmxY0OS4c5hCKrKiPuQrg7tqBD6NAoE+e/IGGY0g==
X-OriginatorOrg: arm.com
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 14 Apr 2020 08:13:27.8704 (UTC)
X-MS-Exchange-CrossTenant-Network-Message-Id: 15d5fa0b-6aef-4499-4da3-08d7e04bb622
X-MS-Exchange-CrossTenant-Id: f34e5979-57d9-4aaa-ad4d-b122a662184d
X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=f34e5979-57d9-4aaa-ad4d-b122a662184d; Ip=[63.35.35.123]; Helo=[64aa7808-outbound-1.mta.getcheckrecipient.com]
X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem
X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM0PR08MB4388
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/DQ7B9vfe8n0EaRfw4jCvqZJZyfo>
Subject: [TLS] Epochs for ACKs
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 14 Apr 2020 08:13:33 -0000
Hi all, On ACK protection, DTLS 1.3 Draft 37 says in Section 7: ACK records MUST be sent with an epoch that is equal to or higher than the record which is being acknowledged. Implementations SHOULD simply use the current key. Since the update of incoming and outgoing keying material is independent, I don't know how this can be enforced: After a sequence of key updates, the incoming epoch might be 42 while the outgoing epoch is 17. What problems arise if one replaces the paragraph by the following: ACK records MUST be sent with the current key, irrespective of the epoch that is used to protect the record that is being acknowledged. It appears that the paragraph is particularly relevant for the case of ACKing a ServerHello, which as far as I understand shall happen with epoch 1. Since 'current key' doesn't appear unambiguously defined at the point of the client processing the ServerHello, it might be worth spelling out this case explicitly. Best, Hanno IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.
- [TLS] Epochs for ACKs Hanno Becker
- Re: [TLS] Epochs for ACKs Eric Rescorla
- Re: [TLS] Epochs for ACKs Hanno Becker