Re: [TLS] draft-kinnear-tls-client-net-address comments

Tommy Pauly <tpauly@apple.com> Wed, 20 March 2019 13:59 UTC

Cc: tls@ietf.org
To: Martin Thomson <mt@lowentropy.net>
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/ddB1GuUc1jFNQcsVfzzokODpCw8>

The QUIC and TLS drafts were written together, and are quite similar as you note. The intention is to use the TLS extension over TLS/TCP connections, and the QUIC extension for QUIC/UDP.

I agree that QUIC as a protocol benefits more from the extension than TLS does, but applications on top of both can benefit by detecting NATs, for making decisions about long-lived connections and privacy mitigations. 

Thanks,
Tommy

> On Mar 20, 2019, at 2:26 AM, Martin Thomson <mt@lowentropy.net> wrote:
> 
> I see a substantially similar draft in draft-pauly-quic-address-extension.  I'd like to understand how these might be complementary, or whether the idea is to pursue only one.  The QUIC extension seems superior, if you have QUIC.  There are a lot more plausible reasons to want this information in QUIC though.
> 
> Nits:
> 
> The format of the extension is not ideal.  Wouldn't you want to know which family it came from?

I think the intention was to use the length to infer the family. 
> 
> The term of art is reflexive address (or reflected address).

Thanks, good to know!
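The two technical points in this exchange, inferring the address family from the field length and using the reflected address to detect a NAT, are small enough to show in code. The following is an added example, not the draft's encoding or any code from the authors or the working group. It assumes a hypothetical extension body of a one-byte length prefix, the raw address (4 bytes for IPv4, 16 for IPv6), and a two-byte port; the draft's actual wire format and extension codepoint are not reproduced. It fails closed on any length that does not name a family, rejects trailing or missing bytes, and unwraps IPv4-mapped IPv6 addresses, since a 16-byte field does not by itself prove the server saw the client over IPv6.

```python
"""Added example (not from the draft or the thread): parse a reflexive
address field whose family is implied only by its length, then use it
to tell whether the connection crossed a NAT.

Assumed (hypothetical) body layout:
    opaque address<4..16>;   one-byte length prefix, 4 = IPv4, 16 = IPv6
    uint16 port;             network byte order
"""
import ipaddress
import struct
from dataclasses import dataclass
from typing import Tuple, Union

IPAddress = Union[ipaddress.IPv4Address, ipaddress.IPv6Address]

# The only two lengths that unambiguously identify a family.
FAMILY_BY_LENGTH = {4: "ipv4", 16: "ipv6"}


class ExtensionError(ValueError):
    """Raised for any body the parser cannot interpret unambiguously."""


@dataclass(frozen=True)
class ReflexiveAddress:
    wire_family: str        # family implied by the length on the wire
    address: IPAddress      # normalized: IPv4-mapped IPv6 unwrapped to IPv4
    port: int


def _unmap(address: IPAddress) -> IPAddress:
    """Turn ::ffff:a.b.c.d into the IPv4 address it carries; pass others through."""
    if isinstance(address, ipaddress.IPv6Address) and address.ipv4_mapped is not None:
        return address.ipv4_mapped
    return address


def encode_reflexive_address(address, port: int) -> bytes:
    """Build the assumed body: 1-byte length, raw address, 2-byte port."""
    if not 0 <= port <= 0xFFFF:
        raise ValueError("port out of range")
    raw = ipaddress.ip_address(address).packed
    return bytes([len(raw)]) + raw + struct.pack("!H", port)


def parse_reflexive_address(body: bytes) -> ReflexiveAddress:
    """Decode the body, inferring family from length and rejecting
    anything that is not exactly one address plus one port."""
    if len(body) < 1:
        raise ExtensionError("empty body")
    addr_len = body[0]
    family = FAMILY_BY_LENGTH.get(addr_len)
    if family is None:
        # 0, 8, 255 ... carry no family information: fail closed.
        raise ExtensionError(f"address length {addr_len} identifies no family")
    expected = 1 + addr_len + 2
    if len(body) != expected:
        raise ExtensionError(f"body is {len(body)} bytes, expected {expected}")
    address = ipaddress.ip_address(body[1:1 + addr_len])
    (port,) = struct.unpack("!H", body[1 + addr_len:expected])
    # A 16-byte field may still carry an IPv4 address, so "length says IPv6"
    # is not the same as "the server saw us over IPv6".
    return ReflexiveAddress(family, _unmap(address), port)


def is_well_formed(body: bytes) -> bool:
    """Convenience check for callers that only need accept/reject."""
    try:
        parse_reflexive_address(body)
    except ExtensionError:
        return False
    return True


def behind_nat(local: Tuple[str, int], reflexive: ReflexiveAddress) -> bool:
    """True when the address the server reflected back differs from the
    one the client bound locally, i.e. something on the path rewrote it."""
    local_addr = _unmap(ipaddress.ip_address(local[0]))
    return (local_addr, local[1]) != (reflexive.address, reflexive.port)


if __name__ == "__main__":
    # Constructed sample: client bound to an RFC 1918 address, server reflects a public one.
    wire = encode_reflexive_address("203.0.113.7", 51820)
    seen = parse_reflexive_address(wire)
    print(seen, "NAT:", behind_nat(("192.168.1.20", 51820), seen))
```

Note that a NAT decision based on one reflected address is only as trustworthy as the server that reflected it; the extension is sent inside the handshake, so the value is authenticated to the server but says nothing about how many translators sit between the two peers, only that at least one rewrote the source.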