Re: [TLS] TLS 1.3 - method to request uncached shared secrets

Dave Garrett <davemgarrett@gmail.com> Sun, 19 July 2015 20:58 UTC

From: Dave Garrett <davemgarrett@gmail.com>
To: Brian Smith <brian@briansmith.org>
Date: Sun, 19 Jul 2015 16:58:02 -0400
Archived-At: <http://mailarchive.ietf.org/arch/msg/tls/hGot4igu6fXc5DH-OFaPopCwjvg>
Cc: tls@ietf.org

On Sunday, July 19, 2015 04:49:10 pm Eric Rescorla wrote:
> On Sun, Jul 19, 2015 at 10:40 PM, Brian Smith <brian@briansmith.org> wrote:
> > Great. I was misunderstanding. Here's the part that is still not
> > clear to me: Is the SessionTicket extension still to be used or not? It
> > seems not, AFAICT. If the SessionTicket extension were to be used, then
> > everything would work perfectly as Viktor suggested in his message: the
> > absence of the SessionTicket extension in the ClientHello would be the way
> > that a client can indicate that it doesn't want the session to be cached.
> 
> No, it's not used.

This draft spec explicitly obsoletes RFC 5077. (listed up top)
https://tools.ietf.org/html/rfc5077#section-3.2


Dave