Re: [TLS] Updated DTLS draft

Martin Thomson <martin.thomson@gmail.com> Fri, 17 March 2017 00:04 UTC

From: Martin Thomson <martin.thomson@gmail.com>
Date: Fri, 17 Mar 2017 11:03:54 +1100
Message-ID: <CABkgnnVEPstEUMfh1umbS8=10ubei9Ka22H6uuBjcGvR_rwpfA@mail.gmail.com>
To: Matt Caswell <frodo@baggins.org>
Cc: Eric Rescorla <ekr@rtfm.com>, "tls@ietf.org" <tls@ietf.org>
Content-Type: text/plain; charset="UTF-8"
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/dFS8tRutMdzfMrEbvV0pnaMogow>
Subject: Re: [TLS] Updated DTLS draft

On 17 March 2017 at 10:58, Matt Caswell <frodo@baggins.org> wrote:
> In DTLS1.3 the cookie is now (potentially) much larger and appears much
> later in the ClientHello, making it much more likely that it will not
> fall fully within the first fragment. This could mean a fully stateless
> solution is impossible.


I think that it is feasible to simply require that ClientHello be
contained in a single datagram.  QUIC does this and when we did the
sums it wasn't completely unreasonable, even assuming several key
shares and a big-ish cookie.  And then we made it possible to make the
cookie even smaller in -19.

That assumes that you are willing to assume a 1k MTU, which I know
IPv4 doesn't guarantee.  I'd be OK with adding a caveat on that point
in the form of "Consequently, DTLS might not work with a small MTU".
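
An added example, not part of the original message or of the DTLS draft: a sketch of the per-datagram check a stateless server could apply if ClientHello had to arrive in a single datagram. It assumes the DTLS 1.2 record and handshake header layouts (RFC 6347) for the initial plaintext ClientHello; the function names and the sample bytes are constructed for illustration.

```python
import struct

RECORD_HDR = 13     # type(1) version(2) epoch(2) sequence_number(6) length(2)
HANDSHAKE_HDR = 12  # msg_type(1) length(3) message_seq(2) frag_offset(3) frag_length(3)
CT_HANDSHAKE, HT_CLIENT_HELLO = 22, 1


def classify_datagram(datagram: bytes) -> str:
    """Return 'whole', 'fragment', 'not-client-hello' or 'malformed'.

    Uses only the bytes of this one datagram, so no per-peer state is kept.
    """
    if len(datagram) < RECORD_HDR + HANDSHAKE_HDR:
        return "malformed"
    ctype, _version, epoch = struct.unpack_from("!BHH", datagram, 0)
    (rec_len,) = struct.unpack_from("!H", datagram, 11)
    if rec_len < HANDSHAKE_HDR or RECORD_HDR + rec_len > len(datagram):
        return "malformed"
    if ctype != CT_HANDSHAKE or epoch != 0:
        return "not-client-hello"
    hs = datagram[RECORD_HDR:RECORD_HDR + rec_len]
    if hs[0] != HT_CLIENT_HELLO:
        return "not-client-hello"
    msg_len = int.from_bytes(hs[1:4], "big")
    frag_off = int.from_bytes(hs[6:9], "big")
    frag_len = int.from_bytes(hs[9:12], "big")
    # The fragment must fit in the record and inside the declared message.
    if frag_len > rec_len - HANDSHAKE_HDR or frag_off + frag_len > msg_len:
        return "malformed"
    # A complete ClientHello starts at offset 0 and covers the whole message,
    # so the cookie (wherever it sits in the message) is present in full.
    if frag_off == 0 and frag_len == msg_len:
        return "whole"
    return "fragment"


def build_sample_record(body: bytes, frag_off: int = 0, frag_len=None) -> bytes:
    """Constructed sample: wraps an opaque body, not a real ClientHello."""
    frag_len = len(body) - frag_off if frag_len is None else frag_len
    frag = body[frag_off:frag_off + frag_len]
    hs = (bytes([HT_CLIENT_HELLO]) + len(body).to_bytes(3, "big")
          + b"\x00\x00"  # message_seq = 0
          + frag_off.to_bytes(3, "big") + len(frag).to_bytes(3, "big") + frag)
    rec = (struct.pack("!BHH", CT_HANDSHAKE, 0xFEFD, 0)
           + (0).to_bytes(6, "big") + struct.pack("!H", len(hs)))
    return rec + hs
```
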