Re: [TLS] record layer limits of TLS1.3
Nikos Mavrogiannopoulos <nmav@redhat.com> Wed, 23 November 2016 08:30 UTC
Return-Path: <nmav@redhat.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 46E41129635 for <tls@ietfa.amsl.com>; Wed, 23 Nov 2016 00:30:10 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -8.399
X-Spam-Level:
X-Spam-Status: No, score=-8.399 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5, RP_MATCHES_RCVD=-1.497, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ziMTL8raDDTw for <tls@ietfa.amsl.com>; Wed, 23 Nov 2016 00:30:09 -0800 (PST)
Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 46B8E129599 for <tls@ietf.org>; Wed, 23 Nov 2016 00:30:09 -0800 (PST)
Received: from int-mx09.intmail.prod.int.phx2.redhat.com (int-mx09.intmail.prod.int.phx2.redhat.com [10.5.11.22]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id DAFEF80F93; Wed, 23 Nov 2016 08:30:08 +0000 (UTC)
Received: from dhcp-10-40-1-102.brq.redhat.com ([10.40.2.184]) by int-mx09.intmail.prod.int.phx2.redhat.com (8.14.4/8.14.4) with ESMTP id uAN8U6f7004766 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO); Wed, 23 Nov 2016 03:30:08 -0500
Message-ID: <1479889806.2563.15.camel@redhat.com>
From: Nikos Mavrogiannopoulos <nmav@redhat.com>
To: Yoav Nir <ynir.ietf@gmail.com>
Date: Wed, 23 Nov 2016 09:30:06 +0100
In-Reply-To: <B9F508E0-76F0-4252-AA24-38E3205F8BA9@gmail.com>
References: <1479884799.2563.3.camel@redhat.com> <B9F508E0-76F0-4252-AA24-38E3205F8BA9@gmail.com>
Content-Type: text/plain; charset="UTF-8"
Mime-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Scanned-By: MIMEDefang 2.68 on 10.5.11.22
X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.27]); Wed, 23 Nov 2016 08:30:08 +0000 (UTC)
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/aZrse1H_LFHHYgHzvWYBIfp9MqU>
Cc: "tls@ietf.org" <tls@ietf.org>
Subject: Re: [TLS] record layer limits of TLS1.3
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 23 Nov 2016 08:30:10 -0000
On Wed, 2016-11-23 at 10:05 +0200, Yoav Nir wrote: > Hi, Nikos > > On 23 Nov 2016, at 9:06, Nikos Mavrogiannopoulos <nmav@redhat.com> > wrote: > > > > > Hi, > > Up to the current draft of TLS1.3 the record layer is restricted > > to > > sending 2^14 or less. Is the 2^14 number something we want to > > preserve? > > 16kb used to be a lot, but today if one wants to do fast data > > transfers > > most likely he would prefer to use larger blocks. Given that the > > length > > field allows for sizes up to 2^16, shouldn't the draft allow for > > 2^16- > > 1024 as maximum? > > I am not opposed to this, but looking at real browsers and servers, > we see that they tend to set the size of records to fit IP packets. IP packets can carry up to 64kb of data. I believe you may be referring to ethernet MTU sizes. That to my understanding is a way to reduce latency in contrast to cpu costs. An increase to packet size targets bandwidth rather than latency (speed). > The gains from increasing the size of records from the ~1460 bytes > that fit in a packet to nearly 64KB are not all that great, and the > gains from increasing records from 16 KB to 64KB are almost > negligible. At that size the block encryption dominates the CPU time. Do you have measurements to support that? I'm quite surprized by such a general statement because packetization itself is a non-negligible cost especially when encryption is fast (i.e., in most modern CPUs with dedicated instructions). regards, Nikos
- [TLS] record layer limits of TLS1.3 Nikos Mavrogiannopoulos
- Re: [TLS] record layer limits of TLS1.3 Yoav Nir
- Re: [TLS] record layer limits of TLS1.3 Nikos Mavrogiannopoulos
- Re: [TLS] record layer limits of TLS1.3 Judson Wilson
- Re: [TLS] record layer limits of TLS1.3 Nikos Mavrogiannopoulos
- Re: [TLS] record layer limits of TLS1.3 Judson Wilson
- Re: [TLS] record layer limits of TLS1.3 Yoav Nir
- Re: [TLS] record layer limits of TLS1.3 Nikos Mavrogiannopoulos
- Re: [TLS] record layer limits of TLS1.3 Michael Tuexen
- Re: [TLS] record layer limits of TLS1.3 Jeremy Harris
- Re: [TLS] record layer limits of TLS1.3 Watson Ladd
- Re: [TLS] record layer limits of TLS1.3 Hubert Kario
- Re: [TLS] record layer limits of TLS1.3 Yoav Nir
- Re: [TLS] record layer limits of TLS1.3 Vlad Krasnov
- Re: [TLS] record layer limits of TLS1.3 Jeremy Harris
- Re: [TLS] record layer limits of TLS1.3 Benjamin Kaduk