Return-Path: X-Original-To: tls@ietfa.amsl.com Delivered-To: tls@ietfa.amsl.com Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3B01E3A1587 for ; Wed, 22 Apr 2020 23:49:59 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.898 X-Spam-Level: X-Spam-Status: No, score=-1.898 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, SPF_PASS=-0.001, UNPARSEABLE_RELAY=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=armh.onmicrosoft.com header.b=bv4q503u; dkim=pass (1024-bit key) header.d=armh.onmicrosoft.com header.b=bv4q503u Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id kAccKNacabQN for ; Wed, 22 Apr 2020 23:49:56 -0700 (PDT) Received: from EUR02-AM5-obe.outbound.protection.outlook.com (mail-eopbgr00043.outbound.protection.outlook.com [40.107.0.43]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 8D0753A1584 for ; Wed, 22 Apr 2020 23:49:55 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=armh.onmicrosoft.com; s=selector2-armh-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=29YfAIx+eLefcC6lbZ8EfbHm3Aw3oH841OvtJKqZP+4=; b=bv4q503u1BLTQ9q3vJQnemoBy5qlnzOXOSsuhr0jf1Z5pDQfZMToXHHaiJg5Lv6r8lQbAmrhqmIoIAfDdTpBwEB8UvP4J0saOLgAcK8FnFoC4ciALfwoTWMY2XhDFSpIsq7lfLzYmK+mG/u5g0af87Ul2qX1y1P3m8nBmi8ZfBc= Received: from AM6P193CA0069.EURP193.PROD.OUTLOOK.COM (2603:10a6:209:8e::46) by AM0PR08MB4180.eurprd08.prod.outlook.com (2603:10a6:208:12d::26) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2937.13; Thu, 23 Apr 2020 06:49:52 +0000 Received: from VE1EUR03FT037.eop-EUR03.prod.protection.outlook.com (2603:10a6:209:8e:cafe::bc) by AM6P193CA0069.outlook.office365.com (2603:10a6:209:8e::46) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2937.13 via Frontend Transport; Thu, 23 Apr 2020 06:49:52 +0000 Authentication-Results: spf=pass (sender IP is 63.35.35.123) smtp.mailfrom=arm.com; ietf.org; dkim=pass (signature was verified) header.d=armh.onmicrosoft.com;ietf.org; dmarc=bestguesspass action=none header.from=arm.com; Received-SPF: Pass (protection.outlook.com: domain of arm.com designates 63.35.35.123 as permitted sender) receiver=protection.outlook.com; client-ip=63.35.35.123; helo=64aa7808-outbound-1.mta.getcheckrecipient.com; Received: from 64aa7808-outbound-1.mta.getcheckrecipient.com (63.35.35.123) by VE1EUR03FT037.mail.protection.outlook.com (10.152.19.70) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2937.19 via Frontend Transport; Thu, 23 Apr 2020 06:49:52 +0000 Received: ("Tessian outbound 3a3e6dcbad0e:v53"); Thu, 23 Apr 2020 06:49:51 +0000 X-CheckRecipientChecked: true X-CR-MTA-CID: 6730849d6fef137d X-CR-MTA-TID: 64aa7808 Received: from af7dabb82c06.1 by 64aa7808-outbound-1.mta.getcheckrecipient.com id 3B505821-00EF-47AE-89EC-870F9C63AA20.1; Thu, 23 Apr 2020 06:49:46 +0000 Received: from EUR01-VE1-obe.outbound.protection.outlook.com by 64aa7808-outbound-1.mta.getcheckrecipient.com with ESMTPS id af7dabb82c06.1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384); Thu, 23 Apr 2020 06:49:46 +0000 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=GGsabEx4VB5xmjhTj21AdpYy4CTqjn3j0WXwFJjof8V112xSGvW3MFNToznmfAdL0GZ7YNZz8O2mZ/zpreHJuqoPXNMkOegTBCI482J2vcL48mbI7rLuNLrV+chuo0Qpp8vhJK5o7eGb4GlJXcm0CSngvox96wnusm41r4pqCfCU6VnJb1rZTNiG5e9o8CDg5xZt8BEm3v8GySnonxnVV4LDQWf6iL2U3P5fC8ROG1uhuzAn8Qa1sFkZelQzTCYdf1iy5e+gJrS7Xn24G9nwzmxWXoaQcYSW3lwX9nEedqysiDty/rsSyvqXLv71y5SieHgFqMo+5d6L3rIUYlwaGA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=29YfAIx+eLefcC6lbZ8EfbHm3Aw3oH841OvtJKqZP+4=; b=XrxB6Z4SwxmRQLtX2KcPB5/5qhvANtN0nrmVLxFZZxlVXn0dMmAYFuCwhwdJXofbOw1wHu1vLwKaC9eFdHTbAT9sx8oXu/T7sJhg7Zh5PBLhN03h61lW+WMIOhcStmDdyPdLB4GNLe2fUAdDUF0HmJqFRptzD8+YVHliYzrbjDLeoP4OKeR37L6khaCfQi/VclHLGDkIXlPH9Iyxg5XxQuxNYoCxOmum8xiE1ERwL80SZZpSVMrJCS7G+J4vCIE7AVrybOZ21k/13nBsz7kW87DqFswLCqeX9IMhd4KhhmNtcDWmL7QFm92H8runT6H7sXhPH3y7VPBNdTIsb+Cs4w== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=arm.com; dmarc=pass action=none header.from=arm.com; dkim=pass header.d=arm.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=armh.onmicrosoft.com; s=selector2-armh-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=29YfAIx+eLefcC6lbZ8EfbHm3Aw3oH841OvtJKqZP+4=; b=bv4q503u1BLTQ9q3vJQnemoBy5qlnzOXOSsuhr0jf1Z5pDQfZMToXHHaiJg5Lv6r8lQbAmrhqmIoIAfDdTpBwEB8UvP4J0saOLgAcK8FnFoC4ciALfwoTWMY2XhDFSpIsq7lfLzYmK+mG/u5g0af87Ul2qX1y1P3m8nBmi8ZfBc= Received: from AM6PR08MB3318.eurprd08.prod.outlook.com (2603:10a6:209:45::15) by AM6PR08MB4949.eurprd08.prod.outlook.com (2603:10a6:20b:ee::25) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2937.13; Thu, 23 Apr 2020 06:49:44 +0000 Received: from AM6PR08MB3318.eurprd08.prod.outlook.com ([fe80::1579:b7d9:f543:200d]) by AM6PR08MB3318.eurprd08.prod.outlook.com ([fe80::1579:b7d9:f543:200d%5]) with mapi id 15.20.2937.012; Thu, 23 Apr 2020 06:49:44 +0000 From: Hanno Becker To: Christopher Wood , "tls@ietf.org" Thread-Topic: [TLS] On the two types of ACKs in DTLS 1.3 Thread-Index: AQHWCa+c/6zqL3NX202z6YHPiVC69KiF6cOAgAB387Q= Date: Thu, 23 Apr 2020 06:49:44 +0000 Message-ID: References: , In-Reply-To: Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: Authentication-Results-Original: spf=none (sender IP is ) smtp.mailfrom=Hanno.Becker@arm.com; x-originating-ip: [86.177.220.146] x-ms-publictraffictype: Email X-MS-Office365-Filtering-HT: Tenant X-MS-Office365-Filtering-Correlation-Id: 753a8e44-5346-4b63-9307-08d7e7528655 x-ms-traffictypediagnostic: AM6PR08MB4949:|AM0PR08MB4180: X-Microsoft-Antispam-PRVS: x-checkrecipientrouted: true nodisclaimer: true x-ms-oob-tlc-oobclassifiers: OLM:10000;OLM:10000; x-forefront-prvs: 03827AF76E X-Forefront-Antispam-Report-Untrusted: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:AM6PR08MB3318.eurprd08.prod.outlook.com; PTR:; CAT:NONE; SFTY:; SFS:(4636009)(366004)(376002)(346002)(39860400002)(396003)(136003)(86362001)(2906002)(8676002)(76116006)(66446008)(66556008)(66946007)(66476007)(64756008)(71200400001)(52536014)(5660300002)(81156014)(8936002)(966005)(19627405001)(9686003)(6506007)(186003)(26005)(478600001)(7696005)(55016002)(316002)(53546011)(33656002)(110136005); DIR:OUT; SFP:1101; received-spf: None (protection.outlook.com: arm.com does not designate permitted sender hosts) X-MS-Exchange-SenderADCheck: 1 X-Microsoft-Antispam-Untrusted: BCL:0; X-Microsoft-Antispam-Message-Info-Original: picA5+7BedKI+354bfjvtJBuWg8F+BDgxkhtBe04WOGJxlFYfmcL6Z5ZkpX0lumu6cpyq1CZI4MB4FOq/kI/ZH/HWV2r6YlCzCN6qQbzUJUMqtSjWwrT64PPZEoFTxaAXdMd976csDMSTVIAffkt6OGNK4nezlSLRwM+LK++2U39KL/m5Wr24jneMrL1I49dFZIODPoKQkfyFXiU8Z/uBoKYvbckul9rJPPA9/JPTn6gRWOMyJrb4hyAiDRslDqKAWyQIIlqRnBwZ1kJ36ghFe405QEm5AoxNfGPHT9O+kXW3EcqGy6nBrneww+i4II6YvH2JXnhWi9pyakthHNAhltYF8TifZ0ZisRoNHUj2cvp4MSWzeN6g9FjTiUTj243ynARtCthEWTPogOBpLEulxZGuMAvUuuZ7pIXxsIJTn1BTwA+bGuDPSMdzoz8LcS35Zhp0Dz89Rsc2tGzClAH3lC4pgcyAk2rGhzurTbrRDWW1PBCSED8BMobabfTr4dtI6EsZ71oPCRbrrhSKuW1Pg== x-ms-exchange-antispam-messagedata: ZD7u9wFh7QnodewXO3nKX/ZS8JnswfCpijx6jsZowIh5LaTheBMe63ujgc8QtGwuu+pFptJlIdKZ5ThwpTH+z6lSZzLJHBBfKk4gkMyJfcWUGo7cEVutMwb4C9WLqsmY1olb2Z1WQHPqez2qDeabuQ== x-ms-exchange-transport-forked: True Content-Type: multipart/alternative; boundary="_000_AM6PR08MB33181AE7A270DBF7AF08BD789BD30AM6PR08MB3318eurp_" MIME-Version: 1.0 X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM6PR08MB4949 Original-Authentication-Results: spf=none (sender IP is ) smtp.mailfrom=Hanno.Becker@arm.com; X-EOPAttributedMessage: 0 X-MS-Exchange-Transport-CrossTenantHeadersStripped: VE1EUR03FT037.eop-EUR03.prod.protection.outlook.com X-Forefront-Antispam-Report: CIP:63.35.35.123; CTRY:IE; LANG:en; SCL:1; SRV:; IPV:CAL; SFV:NSPM; H:64aa7808-outbound-1.mta.getcheckrecipient.com; PTR:ec2-63-35-35-123.eu-west-1.compute.amazonaws.com; CAT:NONE; SFTY:; SFS:(4636009)(346002)(376002)(39860400002)(136003)(396003)(46966005)(82740400003)(316002)(966005)(110136005)(33656002)(478600001)(336012)(9686003)(36906005)(55016002)(186003)(19627405001)(8936002)(81156014)(52536014)(47076004)(70206006)(7696005)(8676002)(70586007)(81166007)(82310400002)(356005)(86362001)(26005)(30864003)(6506007)(5660300002)(2906002)(53546011); DIR:OUT; SFP:1101; X-MS-Office365-Filtering-Correlation-Id-Prvs: c3917dc9-dff6-4961-dd1b-08d7e75281cc X-Forefront-PRVS: 03827AF76E X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: jTmW2laGflTV3RJItSRu1/oSAQ9ztfZm/YFw/nv8jdlhySN+7C5xbI9DgxhSAS0VbEhPjhSs4Z4MpiShk1I6w6rmxZiURFLeRAhZcGm8HkMXZ6jEVFdC+cUgy+IS6GOmTIj+uBrFKSRS2OE2W9xEMgkGIcg4gHUV1Q6xINYAZwp472/P8x5AMAd5bXf6OTfuHs5Jp4r2+n2owt2BnA5qOize6zz7KwZE6DylOvF3vLaTFxDFPoiC2rSowSCCFctUeML7G6r0E53RAK14/zeheeBz+BDKUBNCTjFaKoTzy6OPYDIymBdA+53TCrAC8waoy8d+apw/e/k+M+YfStxYXwm319s7iDxwig2tMMwk/ebdaipO+JGu1BZCAyh5VFteGLA8T/S7NCbDZV9lLoP1q9XhuJj0Qw1AWVlOwscLOotSxK10xp9jNge2z+/45ASA+cbHp2BrAVtRwMUenKVlqrHKGGtpOvbN+1PlMTk1JBuo7Ryj01hdo14zs9k+apIAFY8TB+I+eN4bMzCpz+RLI0fAufqnlQUp8UsPjUww44ofDCvv4rTUKy8q+NliS/j/eyf+iSIhKf4NkhqOmhopEw== X-OriginatorOrg: arm.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 23 Apr 2020 06:49:52.1924 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 753a8e44-5346-4b63-9307-08d7e7528655 X-MS-Exchange-CrossTenant-Id: f34e5979-57d9-4aaa-ad4d-b122a662184d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=f34e5979-57d9-4aaa-ad4d-b122a662184d; Ip=[63.35.35.123]; Helo=[64aa7808-outbound-1.mta.getcheckrecipient.com] X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM0PR08MB4180 Archived-At: Subject: Re: [TLS] On the two types of ACKs in DTLS 1.3 X-BeenThere: tls@ietf.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 23 Apr 2020 06:50:00 -0000 --_000_AM6PR08MB33181AE7A270DBF7AF08BD789BD30AM6PR08MB3318eurp_ Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Hi Chris, Thanks for your reply. No, the PR does not address the issue described belo= w, because it keeps the use of a single kind of ACK for the two different purp= oses (a) retransmission requests [optional] and (b) acknowledgement of completio= n [mandatory]. However, it clearly describes this double-use of ACKs, which a= lready is a good thing IMO. However, as mentioned, given the late stage of standardization, I merely wa= nted to have this point raised and perhaps discussed, but didn't expect a change in= the end. Unfortunately, there doesn't seem to be much interest in this, so I think o= ne can put this to the records. Cheers, Hanno ________________________________ From: TLS on behalf of Christopher Wood Sent: Thursday, April 23, 2020 12:34 AM To: TLS@ietf.org Subject: Re: [TLS] On the two types of ACKs in DTLS 1.3 Hi Hanno, I believe this (now merged) PR addresses your concerns: https://github.com/tlswg/dtls13-spec/pull/140 Best, Chris On Fri, Apr 3, 2020, at 5:08 AM, Hanno Becker wrote: > Hi all, > > I am aware that we're late into the standardization of DTLS 1.3, and > likely too late for any intrusive change, but I'd still like to share > another comment on the proposed ACKing scheme and its implication on > complexity of migration from DTLS 1.2 to DTLS 1.3, in addition to the > aspect discussed earlier regarding handshake-level vs. record-level ACKs > (https://mailarchive.ietf.org/arch/msg/tls/O0pghTnz_8q1AiHSeMSzxZg30RM/) > > As it stands, there are two quite different kinds of ACKs sharing > the same wire-format: > > 1. ACKs as 'retransmission requests' > > Consider the following two excerpts from the draft: > > A: > "When an implementation receives a partial flight, it SHOULD generate > an ACK that covers the messages from that flight which it has > received so far." > > B: > "Upon receipt > of an ACK for only some messages from a flight, an implementation > SHOULD retransmit the remaining messages or fragments." > > This means that ACKs should be sent only on signs of disruption, > and that receivers of partial ACKs are supposed to immediately > retransmit. > > In particular, this precludes recurring use of ACKs where an ACK > is generated for each message as it comes in and is processed: > Indeed, implementations behaving this way would trigger multiple > retransmissions on the peer, provided the peer obeys (B), even > if there's not a single packet-loss or reordering occurring. > > In this sense, the above ACKs are 'negative' and should not be > seen at all during a disruption-free handshake. > > Note, also, that handshakes will continue to progress if this > kind of ACKs is entirely ignored, which amounts to falling back > to how DTLS 1.2 handles retransmissions, purely on the basis > of timeouts and implicit acknowledgement. > > 2. ACKs as 'acknowledgement of completion' > > In contrast to the previous kind of ACK, those ACKs are 'positive' > in that they indicate completion of a handshake, and they are > mandatory in that a handshake will not complete unless they are > used. In particular, an implementation MUST support those kinds > of ACKs. > > At the moment, both kinds of ACKs are handled in the same way on the wire= , > and in order to even distinguish them an implementation has to maintain > accurate knowledge of the sequence numbers of records it has sent. > > In particular, even if implementations decide to not make use of > type-1 ACKs -- that is, retransmission requests -- it doesn't buy > them anything in terms of code-size and simplicity, because they > still have to implement type-2 ACKs, and detecting those requires > implementing record sequence number bookkeeping. > > I believe that this will harden migration of DTLS 1.2 stacks to DTLS 1.3, > because it makes the minimal difference between a compliant DTLS 1.3 > implementation and a pair of "DTLS 1.2 + TLS 1.3 logic" quite large. > > In contrast, if retransmission requests and completion-ACKs were treated > differently, and in particular easily distinguishable on the wire, then > migration from a pair of DTLS 1.2 + TLS 1.3 stack to a minimal compliant > DTLS 1.3 would only require implementing 'completion-ACKs', which, since > they convey only a single bit of information, can in principle have a > much simpler wire-format than what we have for ACKs today. > > I would be interested in comments from implementors, esp. for stacks > targeting embedded / constrained environments. > > Cheers, > Hanno > > IMPORTANT NOTICE: The contents of this email and any attachments are > confidential and may also be privileged. If you are not the intended > recipient, please notify the sender immediately and do not disclose the > contents to any other person, use it for any purpose, or store or copy > the information in any medium. Thank you. > _______________________________________________ > TLS mailing list > TLS@ietf.org > https://www.ietf.org/mailman/listinfo/tls > _______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls IMPORTANT NOTICE: The contents of this email and any attachments are confid= ential and may also be privileged. If you are not the intended recipient, p= lease notify the sender immediately and do not disclose the contents to any= other person, use it for any purpose, or store or copy the information in = any medium. Thank you. --_000_AM6PR08MB33181AE7A270DBF7AF08BD789BD30AM6PR08MB3318eurp_ Content-Type: text/html; charset="us-ascii" Content-Transfer-Encoding: quoted-printable
Hi Chris,

Thanks for your reply. No, the PR does not address the issue described belo= w, 
because it keeps the use of a single ki= nd of ACK for the two different purposes 
(a) retransmission requests [optional] = and (b) acknowledgement of completion
[mandatory]. However, it clearly describes this double-use of ACKs, which already 
is a good thing IMO.

However, as mentioned, given the late stage of standardization, I merely wa= nted to
have this point raised and perhaps discussed, but didn't expect a change in= the end.
Unfortunately, there doesn't seem to be much interest in this, so I think o= ne can put this
to the records.

Cheers,
Hanno
From: TLS <tls-bounces@i= etf.org> on behalf of Christopher Wood <caw@heapingbits.net>
Sent: Thursday, April 23, 2020 12:34 AM
To: TLS@ietf.org <tls@ietf.org>
Subject: Re: [TLS] On the two types of ACKs in DTLS 1.3
 
Hi Hanno,

I believe this (now merged) PR addresses your concerns:

   http= s://github.com/tlswg/dtls13-spec/pull/140

Best,
Chris

On Fri, Apr 3, 2020, at 5:08 AM, Hanno Becker wrote:
>  Hi all,
>
> I am aware that we're late into the standardization of DTLS 1.3, and > likely too late for any intrusive change, but I'd still like to share<= br> > another comment on the proposed ACKing scheme and its implication on > complexity of migration from DTLS 1.2 to DTLS 1.3, in addition to the<= br> > aspect discussed earlier regarding handshake-level vs. record-level AC= Ks
> (https://mailarchive.ietf.org/arch/msg/tls/O0pghTnz_8q1AiHSeMS= zxZg30RM/)
>
> As it stands, there are two quite different kinds of ACKs sharing
> the same wire-format:
>
> 1. ACKs as 'retransmission requests'
>
>  Consider the following two excerpts from the draft:
>
>  A:
>  "When an implementation receives a partial flight, it SHOUL= D generate
>  an ACK that covers the messages from that flight which it has >  received so far."
>
>  B:
>  "Upon receipt
>  of an ACK for only some messages from a flight, an implementatio= n
>  SHOULD retransmit the remaining messages or fragments."
>
>  This means that ACKs should be sent only on signs of disruption,=
>  and that receivers of partial ACKs are supposed to immediately >  retransmit.
>
>  In particular, this precludes recurring use of ACKs where an ACK=
>  is generated for each message as it comes in and is processed: >  Indeed, implementations behaving this way would trigger multiple=
>  retransmissions on the peer, provided the peer obeys (B), even >  if there's not a single packet-loss or reordering occurring.
>
>  In this sense, the above ACKs are 'negative' and should not be >  seen at all during a disruption-free handshake.
>
>  Note, also, that handshakes will continue to progress if this >  kind of ACKs is entirely ignored, which amounts to falling back<= br> >  to how DTLS 1.2 handles retransmissions, purely on the basis
>  of timeouts and implicit acknowledgement.
>
> 2. ACKs as 'acknowledgement of completion'
>
>  In contrast to the previous kind of ACK, those ACKs are 'positiv= e'
>  in that they indicate completion of a handshake, and they are >  mandatory in that a handshake will not complete unless they are<= br> >  used. In particular, an implementation MUST support those kinds<= br> >  of ACKs.
>
> At the moment, both kinds of ACKs are handled in the same way on the w= ire,
> and in order to even distinguish them an implementation has to maintai= n
> accurate knowledge of the sequence numbers of records it has sent.
>
> In particular, even if implementations decide to not make use of
> type-1 ACKs -- that is, retransmission requests -- it doesn't buy
> them anything in terms of code-size and simplicity, because they
> still have to implement type-2 ACKs, and detecting those requires
> implementing record sequence number bookkeeping.
>
> I believe that this will harden migration of DTLS 1.2 stacks to DTLS 1= .3,
> because it makes the minimal difference between a compliant DTLS 1.3 > implementation and a pair of "DTLS 1.2 + TLS 1.3 logic" = quite large.
>
> In contrast, if retransmission requests and completion-ACKs were treat= ed
> differently, and in particular easily distinguishable on the wire, the= n
> migration from a pair of DTLS 1.2 + TLS 1.3 stack to a minimal com= pliant
> DTLS 1.3 would only require implementing 'completion-ACKs', which, sin= ce
> they convey only a single bit of information, can in principle have a<= br> > much simpler wire-format than what we have for ACKs today.
>
> I would be interested in comments from implementors, esp. for stacks > targeting embedded / constrained environments.
>
> Cheers,
> Hanno
>
>  IMPORTANT NOTICE: The contents of this email and any attachments= are
> confidential and may also be privileged. If you are not the intended <= br> > recipient, please notify the sender immediately and do not disclose th= e
> contents to any other person, use it for any purpose, or store or copy=
> the information in any medium. Thank you.
> _______________________________________________
> TLS mailing list
> TLS@ietf.org
> https://www.ietf= .org/mailman/listinfo/tls
>

_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/= mailman/listinfo/tls
IMPORTANT NOTICE: The contents of this email and any attachments are confid= ential and may also be privileged. If you are not the intended recipient, p= lease notify the sender immediately and do not disclose the contents to any= other person, use it for any purpose, or store or copy the information in any medium. Thank you. --_000_AM6PR08MB33181AE7A270DBF7AF08BD789BD30AM6PR08MB3318eurp_--