Re: [TLS] WGLC for draft-ietf-tls-ticketrequests
"Martin Thomson" <mt@lowentropy.net> Tue, 21 January 2020 05:04 UTC
Return-Path: <mt@lowentropy.net>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 84A62120048 for <tls@ietfa.amsl.com>; Mon, 20 Jan 2020 21:04:14 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.699
X-Spam-Level:
X-Spam-Status: No, score=-2.699 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=lowentropy.net header.b=RAcjn9gR; dkim=pass (2048-bit key) header.d=messagingengine.com header.b=ApKPDTJ5
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id N5wXhS1O4jjV for <tls@ietfa.amsl.com>; Mon, 20 Jan 2020 21:04:13 -0800 (PST)
Received: from out4-smtp.messagingengine.com (out4-smtp.messagingengine.com [66.111.4.28]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0812F120045 for <tls@ietf.org>; Mon, 20 Jan 2020 21:04:12 -0800 (PST)
Received: from compute1.internal (compute1.nyi.internal [10.202.2.41]) by mailout.nyi.internal (Postfix) with ESMTP id 040F121F85 for <tls@ietf.org>; Tue, 21 Jan 2020 00:04:12 -0500 (EST)
Received: from imap2 ([10.202.2.52]) by compute1.internal (MEProxy); Tue, 21 Jan 2020 00:04:12 -0500
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=lowentropy.net; h=mime-version:message-id:in-reply-to:references:date:from:to :subject:content-type; s=fm1; bh=ntl2dFBnG2KyRBN2+l/eDqHF+BRdPC/ epio64iH9YxY=; b=RAcjn9gRqFGcSjb0fi3busl1QBVOCeiYTI2ySxQSd9bF9Dj G+aveVMiPceX3QehY/NXlEW0sO2xiIYzegwTF3ILwyahnug4fGFXl3yQePtboNOd t2FiuhUOS2A3GuijhNMiIl9+mERjSr9RaE3akDzNsjjEjI1gsQQ02Cg8HhgnGoKo OqjLVYNUlH3WXKJPCerteFTtNce1BwFlzGZkOvlLLkWCSAKTFwRN1pFtQ+LwTZt7 xbRSQNUv+EjuF3fgMUIByouueClwOaKXvhNbYHaGRXo4HaZZ4JP7oDdANqMj7M3q +l1QzBLsGDNwXu6U1TbUBBk69hC3ia6Eu+OH2VQ==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=content-type:date:from:in-reply-to :message-id:mime-version:references:subject:to:x-me-proxy :x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s=fm1; bh=ntl2dF BnG2KyRBN2+l/eDqHF+BRdPC/epio64iH9YxY=; b=ApKPDTJ5lnvFP1w3Z13KVu ojB5aY9Icji0wl6cfJeb0u8pHKTjMQiCwVjQVRW4lOLtBEH0enlcODnzZBgdN4Ah ti2OFbTPrzy4hTfWB2YMJcS8I6hsj/vNWzdmpUbdKdJawsN1vyldNimeTdIr9eGo mpBpAD85HmbbRu5GVrZth9qQjCCmUpgdhWiQWlxRc7GAEmC1zNjUnbUMqezaOQF7 UNpLs9k28mEwcXflTLqSgaeqBiSiCsScpjFxsGDf7HdHJLD5j7rXbf2dhY4SdhV/ b0YmJQPevBJ5lwwwn/mPb0NXFOhLZDnxzb47XDFVBJTrU3Gbr8Z32Q+f9854FIjg ==
X-ME-Sender: <xms:S4YmXlHdVHpRFNR2qxgE3TDsFNferv8F1RR5-8y9lGXt8GRSjyxWig>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedugedrudejgdejjecutefuodetggdotefrodftvf curfhrohhfihhlvgemucfhrghsthforghilhdpqfgfvfdpuffrtefokffrpgfnqfghnecu uegrihhlohhuthemuceftddtnecunecujfgurhepofgfggfkjghffffhvffutgesthdtre dtreertdenucfhrhhomhepfdforghrthhinhcuvfhhohhmshhonhdfuceomhhtsehlohif vghnthhrohhphidrnhgvtheqnecuvehluhhsthgvrhfuihiivgeptdenucfrrghrrghmpe hmrghilhhfrhhomhepmhhtsehlohifvghnthhrohhphidrnhgvth
X-ME-Proxy: <xmx:S4YmXun2yTr90N_dbgYq15zyMr-TRH6ExTDCJQq_IrQ411sBPa5HeQ> <xmx:S4YmXiJkSuqd71r1wTRvFunCPL-LGngcRcpCbrFNXvQzm6uqqar1uA> <xmx:S4YmXvY3-nFJolAx4BHNOU32JUFTQtOOxYO1JUoEbG5-HvwzSnGaPw> <xmx:S4YmXtNx8Gkw_Pe9gcuwhW3dFH73FjEF--UlD7osmPegEzLIfqiyDw>
Received: by mailuser.nyi.internal (Postfix, from userid 501) id 79C1DE00B0; Tue, 21 Jan 2020 00:04:11 -0500 (EST)
X-Mailer: MessagingEngine.com Webmail Interface
User-Agent: Cyrus-JMAP/3.1.7-754-g09d1619-fmstable-20200113v1
Mime-Version: 1.0
Message-Id: <fd37bd2a-c799-4bf4-95b3-65943681683b@www.fastmail.com>
In-Reply-To: <CAPDSy+6DFJ+OYRtYK6eEiUt1noiik4KxqrGFx0ro_RL2Mft_VA@mail.gmail.com>
References: <20191116103855.GQ20609@akamai.com> <20191116110425.GR34850@straasha.imrryr.org> <556d2210-4af7-b398-fbd7-eab2685d7c62@wizmail.org> <20191116210617.GS34850@straasha.imrryr.org> <20191116235952.GR20609@akamai.com> <20191117002249.GV34850@straasha.imrryr.org> <CADZyTkmaUVj=sFdgg93MuM2au0B=1M1k3yCA1XDoaAneVDmnNw@mail.gmail.com> <14690874-E301-4BC0-B385-00DEBCBA94C2@apple.com> <20191120034812.GQ34850@straasha.imrryr.org> <5FBFE820-8C53-4B32-9520-343279C1A6CC@apple.com> <20191120064819.GR34850@straasha.imrryr.org> <CAPDSy+6DFJ+OYRtYK6eEiUt1noiik4KxqrGFx0ro_RL2Mft_VA@mail.gmail.com>
Date: Tue, 21 Jan 2020 16:03:46 +1100
From: Martin Thomson <mt@lowentropy.net>
To: tls@ietf.org
Content-Type: text/plain
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/hQLI6GuB-Uzl7jKDDOe056mQVOA>
Subject: Re: [TLS] WGLC for draft-ietf-tls-ticketrequests
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 21 Jan 2020 05:04:15 -0000
On Thu, Nov 21, 2019, at 14:19, David Schinazi wrote: > Regarding Viktor's suggestion, I personally believe it would increase the > complexity of the proposal, and I don't see use-cases compelling enough > to warrant that complexity. I would rather keep this proposal as simple as > possible. I see that I didn't respond to this. I support David's view. Even the suggestion that clients that resume only request one assumes that clients only want one. The client probably knows better than we do. I would rather say nothing about the number and keep it simple. 0 means 0, 1 means 1, N means N. FWIW, the cost of oversupply is often marginal, depending on circumstances. In a client-speaks-first protocol with no client certificate, the server can occupy the first round trip with tickets and generally gain a performance advantage (as sending more will increase the congestion window in most cases). Otherwise, there are usually quiescent periods that can be exploited for sending tickets. And tickets are small, and cheap to generate. With one exception: if you are relying on client authentication and packing that into tickets, I'm sorry.
- [TLS] WGLC for draft-ietf-tls-ticketrequests Sean Turner
- Re: [TLS] WGLC for draft-ietf-tls-ticketrequests Salz, Rich
- Re: [TLS] WGLC for draft-ietf-tls-ticketrequests Martin Thomson
- Re: [TLS] WGLC for draft-ietf-tls-ticketrequests Daniel Migault
- Re: [TLS] WGLC for draft-ietf-tls-ticketrequests Christopher Wood
- Re: [TLS] WGLC for draft-ietf-tls-ticketrequests Christopher Wood
- Re: [TLS] WGLC for draft-ietf-tls-ticketrequests Daniel Migault
- Re: [TLS] WGLC for draft-ietf-tls-ticketrequests Christopher Wood
- Re: [TLS] WGLC for draft-ietf-tls-ticketrequests Daniel Migault
- Re: [TLS] WGLC for draft-ietf-tls-ticketrequests Christopher Wood
- Re: [TLS] WGLC for draft-ietf-tls-ticketrequests Christopher Wood
- Re: [TLS] WGLC for draft-ietf-tls-ticketrequests Daniel Migault
- Re: [TLS] WGLC for draft-ietf-tls-ticketrequests Hubert Kario
- Re: [TLS] WGLC for draft-ietf-tls-ticketrequests Christopher Wood
- Re: [TLS] WGLC for draft-ietf-tls-ticketrequests Daniel Migault
- Re: [TLS] WGLC for draft-ietf-tls-ticketrequests Hubert Kario
- Re: [TLS] WGLC for draft-ietf-tls-ticketrequests Daniel Migault
- Re: [TLS] WGLC for draft-ietf-tls-ticketrequests Hubert Kario
- Re: [TLS] WGLC for draft-ietf-tls-ticketrequests Daniel Migault
- Re: [TLS] WGLC for draft-ietf-tls-ticketrequests Viktor Dukhovni
- Re: [TLS] WGLC for draft-ietf-tls-ticketrequests Benjamin Kaduk
- Re: [TLS] WGLC for draft-ietf-tls-ticketrequests Viktor Dukhovni
- Re: [TLS] WGLC for draft-ietf-tls-ticketrequests Jeremy Harris
- Re: [TLS] WGLC for draft-ietf-tls-ticketrequests Viktor Dukhovni
- Re: [TLS] WGLC for draft-ietf-tls-ticketrequests Benjamin Kaduk
- Re: [TLS] WGLC for draft-ietf-tls-ticketrequests Viktor Dukhovni
- Re: [TLS] WGLC for draft-ietf-tls-ticketrequests Daniel Migault
- Re: [TLS] WGLC for draft-ietf-tls-ticketrequests Tommy Pauly
- Re: [TLS] WGLC for draft-ietf-tls-ticketrequests Viktor Dukhovni
- Re: [TLS] WGLC for draft-ietf-tls-ticketrequests Tommy Pauly
- Re: [TLS] WGLC for draft-ietf-tls-ticketrequests Viktor Dukhovni
- Re: [TLS] WGLC for draft-ietf-tls-ticketrequests David Schinazi
- Re: [TLS] WGLC for draft-ietf-tls-ticketrequests Rob Sayre
- Re: [TLS] WGLC for draft-ietf-tls-ticketrequests Christopher Wood
- Re: [TLS] WGLC for draft-ietf-tls-ticketrequests Martin Thomson
- Re: [TLS] WGLC for draft-ietf-tls-ticketrequests David Schinazi
- Re: [TLS] WGLC for draft-ietf-tls-ticketrequests Viktor Dukhovni
- Re: [TLS] WGLC for draft-ietf-tls-ticketrequests Rob Sayre
- Re: [TLS] WGLC for draft-ietf-tls-ticketrequests David Schinazi
- Re: [TLS] WGLC for draft-ietf-tls-ticketrequests Rob Sayre
- Re: [TLS] WGLC for draft-ietf-tls-ticketrequests Benjamin Kaduk
- Re: [TLS] WGLC for draft-ietf-tls-ticketrequests Rob Sayre
- Re: [TLS] WGLC for draft-ietf-tls-ticketrequests Benjamin Kaduk
- Re: [TLS] WGLC for draft-ietf-tls-ticketrequests Rob Sayre
- Re: [TLS] WGLC for draft-ietf-tls-ticketrequests Sean Turner
- Re: [TLS] WGLC for draft-ietf-tls-ticketrequests Nico Williams
- Re: [TLS] WGLC for draft-ietf-tls-ticketrequests Hubert Kario
- Re: [TLS] WGLC for draft-ietf-tls-ticketrequests Daniel Migault
- Re: [TLS] WGLC for draft-ietf-tls-ticketrequests Daniel Migault
- Re: [TLS] WGLC for draft-ietf-tls-ticketrequests Martin Thomson
- Re: [TLS] WGLC for draft-ietf-tls-ticketrequests Viktor Dukhovni
- Re: [TLS] WGLC for draft-ietf-tls-ticketrequests Martin Thomson
- Re: [TLS] WGLC for draft-ietf-tls-ticketrequests Viktor Dukhovni
- Re: [TLS] WGLC for draft-ietf-tls-ticketrequests Eric Rescorla
- Re: [TLS] WGLC for draft-ietf-tls-ticketrequests Salz, Rich
- Re: [TLS] WGLC for draft-ietf-tls-ticketrequests Viktor Dukhovni
- Re: [TLS] WGLC for draft-ietf-tls-ticketrequests Viktor Dukhovni
- Re: [TLS] WGLC for draft-ietf-tls-ticketrequests Salz, Rich
- Re: [TLS] WGLC for draft-ietf-tls-ticketrequests Eric Rescorla
- Re: [TLS] WGLC for draft-ietf-tls-ticketrequests Viktor Dukhovni
- Re: [TLS] WGLC for draft-ietf-tls-ticketrequests Viktor Dukhovni
- Re: [TLS] WGLC for draft-ietf-tls-ticketrequests Daniel Migault
- Re: [TLS] WGLC for draft-ietf-tls-ticketrequests Nico Williams
- Re: [TLS] WGLC for draft-ietf-tls-ticketrequests Watson Ladd
- Re: [TLS] WGLC for draft-ietf-tls-ticketrequests Viktor Dukhovni
- Re: [TLS] WGLC for draft-ietf-tls-ticketrequests Nico Williams
- Re: [TLS] WGLC for draft-ietf-tls-ticketrequests Nico Williams
- Re: [TLS] WGLC for draft-ietf-tls-ticketrequests Hubert Kario
- Re: [TLS] WGLC for draft-ietf-tls-ticketrequests Viktor Dukhovni
- Re: [TLS] WGLC for draft-ietf-tls-ticketrequests Watson Ladd
- Re: [TLS] WGLC for draft-ietf-tls-ticketrequests Nico Williams
- Re: [TLS] WGLC for draft-ietf-tls-ticketrequests Viktor Dukhovni
- Re: [TLS] WGLC for draft-ietf-tls-ticketrequests Tommy Pauly
- Re: [TLS] WGLC for draft-ietf-tls-ticketrequests Viktor Dukhovni
- Re: [TLS] WGLC for draft-ietf-tls-ticketrequests Nico Williams
- Re: [TLS] WGLC for draft-ietf-tls-ticketrequests Salz, Rich
- Re: [TLS] WGLC for draft-ietf-tls-ticketrequests Rob Sayre
- Re: [TLS] WGLC for draft-ietf-tls-ticketrequests Nico Williams
- Re: [TLS] WGLC for draft-ietf-tls-ticketrequests Rob Sayre
- Re: [TLS] WGLC for draft-ietf-tls-ticketrequests Nico Williams
- Re: [TLS] WGLC for draft-ietf-tls-ticketrequests Viktor Dukhovni
- Re: [TLS] WGLC for draft-ietf-tls-ticketrequests Rob Sayre
- Re: [TLS] WGLC for draft-ietf-tls-ticketrequests Nico Williams
- Re: [TLS] WGLC for draft-ietf-tls-ticketrequests Nico Williams
- Re: [TLS] WGLC for draft-ietf-tls-ticketrequests Daniel Migault
- Re: [TLS] WGLC for draft-ietf-tls-ticketrequests Tommy Pauly
- Re: [TLS] WGLC for draft-ietf-tls-ticketrequests Tommy Pauly
- Re: [TLS] WGLC for draft-ietf-tls-ticketrequests Viktor Dukhovni
- Re: [TLS] WGLC for draft-ietf-tls-ticketrequests Nico Williams
- Re: [TLS] WGLC for draft-ietf-tls-ticketrequests Rob Sayre
- Re: [TLS] WGLC for draft-ietf-tls-ticketrequests Stephen Farrell
- Re: [TLS] WGLC for draft-ietf-tls-ticketrequests Daniel Migault
- Re: [TLS] WGLC for draft-ietf-tls-ticketrequests Salz, Rich
- Re: [TLS] WGLC for draft-ietf-tls-ticketrequests Rob Sayre
- Re: [TLS] WGLC for draft-ietf-tls-ticketrequests Salz, Rich
- Re: [TLS] WGLC for draft-ietf-tls-ticketrequests Rob Sayre
- Re: [TLS] WGLC for draft-ietf-tls-ticketrequests Salz, Rich
- Re: [TLS] WGLC for draft-ietf-tls-ticketrequests Viktor Dukhovni
- Re: [TLS] WGLC for draft-ietf-tls-ticketrequests Tommy Pauly
- Re: [TLS] WGLC for draft-ietf-tls-ticketrequests Viktor Dukhovni
- Re: [TLS] WGLC for draft-ietf-tls-ticketrequests Watson Ladd
- Re: [TLS] WGLC for draft-ietf-tls-ticketrequests Viktor Dukhovni
- Re: [TLS] WGLC for draft-ietf-tls-ticketrequests Watson Ladd
- Re: [TLS] WGLC for draft-ietf-tls-ticketrequests Viktor Dukhovni
- Re: [TLS] WGLC for draft-ietf-tls-ticketrequests Tommy Pauly
- Re: [TLS] WGLC for draft-ietf-tls-ticketrequests Eric Rescorla
- Re: [TLS] WGLC for draft-ietf-tls-ticketrequests Eric Rescorla
- Re: [TLS] WGLC for draft-ietf-tls-ticketrequests Viktor Dukhovni
- Re: [TLS] WGLC for draft-ietf-tls-ticketrequests Eric Rescorla
- Re: [TLS] WGLC for draft-ietf-tls-ticketrequests Nico Williams
- Re: [TLS] WGLC for draft-ietf-tls-ticketrequests Tommy Pauly
- Re: [TLS] WGLC for draft-ietf-tls-ticketrequests Daniel Migault
- Re: [TLS] WGLC for draft-ietf-tls-ticketrequests Bill Frantz
- Re: [TLS] WGLC for draft-ietf-tls-ticketrequests Rob Sayre
- Re: [TLS] WGLC for draft-ietf-tls-ticketrequests Eric Rescorla
- Re: [TLS] WGLC for draft-ietf-tls-ticketrequests Tommy Pauly
- Re: [TLS] WGLC for draft-ietf-tls-ticketrequests Eric Rescorla
- Re: [TLS] WGLC for draft-ietf-tls-ticketrequests Viktor Dukhovni
- Re: [TLS] WGLC for draft-ietf-tls-ticketrequests Rob Sayre
- Re: [TLS] WGLC for draft-ietf-tls-ticketrequests Ben Schwartz
- Re: [TLS] WGLC for draft-ietf-tls-ticketrequests Viktor Dukhovni
- Re: [TLS] WGLC for draft-ietf-tls-ticketrequests Ben Schwartz
- Re: [TLS] WGLC for draft-ietf-tls-ticketrequests Viktor Dukhovni
- Re: [TLS] WGLC for draft-ietf-tls-ticketrequests Daniel Migault
- Re: [TLS] WGLC for draft-ietf-tls-ticketrequests Rob Sayre
- Re: [TLS] WGLC for draft-ietf-tls-ticketrequests Hubert Kario
- Re: [TLS] WGLC for draft-ietf-tls-ticketrequests Jeremy Harris
- Re: [TLS] WGLC for draft-ietf-tls-ticketrequests Viktor Dukhovni