Re: [TLS] HELLO_VERIFY_REQUEST during abbreviated handshake (session resumption)

Eric Rescorla <ekr@rtfm.com> Tue, 16 October 2018 20:19 UTC

Return-Path: <ekr@rtfm.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DB736130E3D for <tls@ietfa.amsl.com>; Tue, 16 Oct 2018 13:19:08 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_MED=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=rtfm-com.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id kkR7u7CxouRD for <tls@ietfa.amsl.com>; Tue, 16 Oct 2018 13:19:06 -0700 (PDT)
Received: from mail-lf1-x12f.google.com (mail-lf1-x12f.google.com [IPv6:2a00:1450:4864:20::12f]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 87FB0130E1F for <tls@ietf.org>; Tue, 16 Oct 2018 13:19:06 -0700 (PDT)
Received: by mail-lf1-x12f.google.com with SMTP id y10-v6so18026845lfj.1 for <tls@ietf.org>; Tue, 16 Oct 2018 13:19:06 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=rtfm-com.20150623.gappssmtp.com; s=20150623; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=i9DZ+xs072mM3gnxVMtQ6mElaFqc0dDRkhV8mrkwwTM=; b=q3Es9pYZTgCyeN76SU3ddnaCPetJUwwv91/u6ExJezFz71tN18svc4T0DELTvZcE2j +8DQWdPV9l04xKLrK0wGGRSMzT3I+QtRBITUuyEJTjeWo3Vtv51SK5XF7iUlZp65K0KI 4Mm1u+EvfsG/3hJG9j0mhlqVr2Z9bN5OiCBup0MBSUXLUQf8uTHjHVfjDLKyTbCfkt4v PyKH/fJAtC5sku9dGxDfJPRBerGu7+/lAyGuyI8GKm6r+u9YMVa1paHImzbHWmkc6raK fXo5d2L0RyglFUL9B4yPB/A0g1dbjILiUNziQPGFojnbPr3LiBTA2XnScSUZ+8QE+gMm vVQA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=i9DZ+xs072mM3gnxVMtQ6mElaFqc0dDRkhV8mrkwwTM=; b=NxhakBz6OEziu6NMEbVw4XwoweSTOZ3KxooLJAKAa9rAH7kV1767O4T8IyXfVPosJC bJJAaIU6dLtY1SODKffcg8i/NSiv0Di3gug5scDyD/dnqwy83Uwdfzru8j5gvBbRkQE2 fHs8BEU6VBJXrCk7tkATxBWIk/UUcNtbU4mVsIpcm4U0xfVCGm2lisa2FmBt7ZyTgxYD siT88do0OZ9lWjDlTFn4cVKMTQpnhV8xreoqBHC0pSG+AeP0o1KD2ThEND1nWt4YhOS+ 1FO36f8sh+nw6qEAWxaAQAb6ucinrafOtMMvNPEP/z+5V0umNTwLw254MaCZZcSiiDvw yqHg==
X-Gm-Message-State: ABuFfoigWD2uRNtWgmWq9y6cDVhVo9xu3ZajFJwF/68s7EgNm4TkYi/2 W1flA9QNi6HR5fbemTUKsSp/fYaajTCJB/dpwVQ9CgtR
X-Google-Smtp-Source: ACcGV60MHoyc6jp5lD05pskxUIQzS81jXE7ykA0BQWwg2QSprRaPodI4Yy5ipwtt3HmVlteoxV0rZ+c6I9G3vOrUxaQ=
X-Received: by 2002:a19:5a05:: with SMTP id o5mr2003450lfb.140.1539721144565; Tue, 16 Oct 2018 13:19:04 -0700 (PDT)
MIME-Version: 1.0
References: <6bab54cd-e903-ac3e-a186-077458a2d652@simonbernard.eu>
In-Reply-To: <6bab54cd-e903-ac3e-a186-077458a2d652@simonbernard.eu>
From: Eric Rescorla <ekr@rtfm.com>
Date: Tue, 16 Oct 2018 13:18:27 -0700
Message-ID: <CABcZeBP3U43xy8z7GryVLsioJ4Du+32ajSUQrOxAjqySHTQP3Q@mail.gmail.com>
To: Simon Bernard <contact@simonbernard.eu>
Cc: "<tls@ietf.org>" <tls@ietf.org>
Content-Type: multipart/alternative; boundary="000000000000e015e405785e4305"
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/_M1VbGXvB3JwpXF49LPDh8W6Pjg>
Subject: Re: [TLS] HELLO_VERIFY_REQUEST during abbreviated handshake (session resumption)
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 16 Oct 2018 20:19:09 -0000

Hi Simon,

I don't think we specified a concrete recommendation, but I think the
answer is probably no. The reason is that:

(a) a resumed handshake is very cheap, so it's not really saving CPU
(b) the server's first flight is small in resumption, so amplification
isn't much of an issue.

Maybe I'm missing something though.

-Ekr




On Wed, Oct 3, 2018 at 7:05 AM Simon Bernard <contact@simonbernard.eu>;
wrote:

> Hi,
>
>     In DTLS 1.2 over UDP, I would like to know what is the
> recommendation about using HELLO_VERIFY_REQUEST during an abbreviated
> handshake.
>
>     Should we send it all the time ? or could we avoid to send it if
> SESSION ID is known ?
>
> Thx,
>
>
> Simon
>
> _______________________________________________
> TLS mailing list
> TLS@ietf.org
> https://www.ietf.org/mailman/listinfo/tls
>