[TLS] Connection ID in TLS

John Mattsson <john.mattsson@ericsson.com> Tue, 20 March 2018 16:38 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/bIzVJsCJlRb3z6c1iXLvJd9mzoI>

I think Connection ID is an important enabler for end-to-end security with (D)TLS. There seem to be important use cases for connection ID in TLS as well, see https://www.ietf.org/mailman/listinfo/atlas. At the Monday afternoon TLS session, it was stated that Connection ID in TLS was unemployable in the wild due to middleboxes. Couldn't that be solved by placing the cid field after the length field? E.g.

   struct {
      ContentType opaque_type = application_data; /* 23 */
      ProtocolVersion legacy_record_version = 0x0303; /* TLS v1.2 */
      uint16 length;
      opaque cid[cid_length];               /* New field */
      opaque encrypted_record[TLSCiphertext.length];
   } TLSCiphertext;

   length  The sum of cid_length and TLSCiphertext.length

(Also draft-ietf-tls-dtls-connection-id-00 says obsoletes RFC6347, should be updates).

Cheers,
John
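
The record layout proposed in the message above, as an added example (not part of the original message or of any draft): a Python sketch in which a CID-unaware middlebox frames records from the 5-byte header alone, while the endpoint uses the negotiated cid_length to split cid from encrypted_record. The function names and sample bytes are assumptions made for illustration.

```python
import struct

APPLICATION_DATA = 23          # opaque_type in the proposed struct
LEGACY_VERSION = 0x0303        # legacy_record_version
HEADER = struct.Struct("!BHH")  # type, legacy_record_version, length


def encode_record(cid: bytes, encrypted_record: bytes) -> bytes:
    """Serialize one record; length covers cid plus encrypted_record."""
    length = len(cid) + len(encrypted_record)
    if length > 0xFFFF:
        raise ValueError("record too large for uint16 length")
    return HEADER.pack(APPLICATION_DATA, LEGACY_VERSION, length) + cid + encrypted_record


def split_records(stream: bytes) -> list[bytes]:
    """What a CID-unaware middlebox does: frame records by header length only."""
    bodies, offset = [], 0
    while offset < len(stream):
        if len(stream) - offset < HEADER.size:
            raise ValueError("truncated record header")
        _type, _version, length = HEADER.unpack_from(stream, offset)
        offset += HEADER.size
        if len(stream) - offset < length:
            raise ValueError("truncated record body")
        bodies.append(stream[offset:offset + length])
        offset += length
    return bodies


def split_cid(body: bytes, cid_length: int) -> tuple[bytes, bytes]:
    """What the endpoint does: peel off the cid using the negotiated cid_length."""
    if len(body) < cid_length:
        raise ValueError("record shorter than negotiated cid_length")
    return body[:cid_length], body[cid_length:]


# Constructed sample values, not real ciphertext.
SAMPLE_CID = bytes.fromhex("a1b2c3d4")
SAMPLE_STREAM = (encode_record(SAMPLE_CID, b"\x11" * 20)
                 + encode_record(SAMPLE_CID, b"\x22" * 5))

if __name__ == "__main__":
    for body in split_records(SAMPLE_STREAM):
        cid, enc = split_cid(body, len(SAMPLE_CID))
        print(cid.hex(), len(enc))
```

Because the header length already includes the cid, the framing loop never needs to know cid_length; only the endpoint does.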