Re: [TLS] (no subject)
Eric Rescorla <ekr@rtfm.com> Thu, 23 February 2017 16:16 UTC
Return-Path: <ekr@rtfm.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 74164129864 for <tls@ietfa.amsl.com>; Thu, 23 Feb 2017 08:16:59 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.598
X-Spam-Level:
X-Spam-Status: No, score=-2.598 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=rtfm-com.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id iFG4oYK2ZVg7 for <tls@ietfa.amsl.com>; Thu, 23 Feb 2017 08:16:58 -0800 (PST)
Received: from mail-yw0-x231.google.com (mail-yw0-x231.google.com [IPv6:2607:f8b0:4002:c05::231]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C92B11299EB for <tls@ietf.org>; Thu, 23 Feb 2017 08:16:57 -0800 (PST)
Received: by mail-yw0-x231.google.com with SMTP id p77so18924247ywg.1 for <tls@ietf.org>; Thu, 23 Feb 2017 08:16:57 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=rtfm-com.20150623.gappssmtp.com; s=20150623; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=7bg5ZYWNU0TMcZdHeJqG2vHFDhGpSD3OPePNNav4qjU=; b=vomur2vn+SghyCBFZQL8U+LKs7Vr2MhZ1k0jxitAETs05rrk6NILVZVwq61qEvtGuD STOt2VeYetfN5B55RRSecSy26nG5KkyYREOiKjQ+BNLtjbfxhPuVpFFrm47E0XORQwRm wmyYT0CouSBM6TCoSDhJNrWiW4ui7QG4EWjvRlPZ5em6tXghE5/HqqnZRb/+yavIU6s7 sVBL8a/cUKUxy5tPPjOSRZgc2QeU1rrAiJE5h5v0T7UqE/wPXrE/1mLclfOPkbrLMXQj qN0X8oszJ676jQ5WscN53vko6XbOfil1uVRmFeGSAvmfjjjgUlTnl8mnMe6yM9SdiQqN /wCg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=7bg5ZYWNU0TMcZdHeJqG2vHFDhGpSD3OPePNNav4qjU=; b=NKQxFAr7GFF3r8Z8O2biQc5Egt3ACvSAogVZVlbrm8Cl0y2RfcmH3OvlNP3GrbPvcU 4TBNSTFjhhJbbqHVCCk/G/0cX7Y4fvR+7HX982Nvt3gGSe0AKZBPOY+UwmZ3t7RResjU BKfPd5vj4/O77cGf3eK9UyYMyXqfQPEYbm+vdcCihEBp2sYvf+PSlN5j3qQuCnTEQWsC 4q1pximJnJqqarm0VFTveLZ2nimEc6OFQFrvd8J6/dergb2GdaEh1Els01CmxFvwyPez M9L8bc/6DVGXSGJuJGPBD5wJpfc/UnjYhFjxz7H/4rDPerISq2PSrBc1gXgGbPeY8G3+ HriQ==
X-Gm-Message-State: AMke39maY3b4ke17D2nhZuUTk3DiWRmeCeE6JDXc5IPgKBvCYyYA/8An3oKujJ9IN/1YZe0zHQi01yC/6cOzkg==
X-Received: by 10.129.137.129 with SMTP id z123mr30570944ywf.327.1487866617047; Thu, 23 Feb 2017 08:16:57 -0800 (PST)
MIME-Version: 1.0
Received: by 10.129.154.210 with HTTP; Thu, 23 Feb 2017 08:16:16 -0800 (PST)
In-Reply-To: <929120a9-96db-751f-abcc-2982d8640b62@drh-consultancy.co.uk>
References: <CABcZeBN_orTCuVoqg_KRQqRBvMXNzp=yT64W=d2M3D8r2=uoKg@mail.gmail.com> <929120a9-96db-751f-abcc-2982d8640b62@drh-consultancy.co.uk>
From: Eric Rescorla <ekr@rtfm.com>
Date: Thu, 23 Feb 2017 08:16:16 -0800
Message-ID: <CABcZeBMKudZvRMr7fd1oKkEMBSn7hY9Oq+vaauVENo+e5CxDjg@mail.gmail.com>
To: Dr Stephen Henson <lists@drh-consultancy.co.uk>
Content-Type: multipart/alternative; boundary="94eb2c06bf382ed74f054934f19e"
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/i84dJGP_XIRKdbhn1fyh8Ihd7tY>
Cc: "tls@ietf.org" <tls@ietf.org>
Subject: Re: [TLS] (no subject)
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 23 Feb 2017 16:16:59 -0000
On Thu, Feb 23, 2017 at 8:08 AM, Dr Stephen Henson < lists@drh-consultancy.co.uk> wrote: > On 09/02/2017 21:17, Eric Rescorla wrote: > > Hi folks, > > > > We need to close on an issue about the size of the > > state in the HelloRetryRequest. Because we continue the transcript > > after HRR, if you want a stateless HRR the server needs to incorporate > > the hash state into the cookie. However, this has two issues: > > > > 1. The "API" for conventional hashes isn't designed to be checkpointed > > at arbitrary points (though PKCS#11 at least does have support > > for this.) > > 2. The state is bigger than you would like b/c you need to store both > > the compression function and the "remainder" of bytes that don't > > fit in [0] > > > > Does the handling of Post-Handshake authentication pose a similar issue? > That is > the need to keep the hash context of the handshake and then append > additional > data to generate or check the CertificateVerify message? > It's a slight inconvenience, but not a real issue because you don't need to send the state over the wire. So you just need a forkable hash implementation, which you needed anyway because of the way the rest of the hashing works. -Ekr > Steve. > -- > Dr Stephen N. Henson. > Core developer of the OpenSSL project: http://www.openssl.org/ > Freelance consultant see: http://www.drh-consultancy.co.uk/ > Email: shenson@drh-consultancy.co.uk, PGP key: via homepage. >
- [TLS] (no subject) Eric Rescorla
- Re: [TLS] (no subject) Kyle Nekritz
- Re: [TLS] (no subject) Dr Stephen Henson
- Re: [TLS] (no subject) Eric Rescorla
- Re: [TLS] (no subject) Eric Rescorla
- Re: [TLS] (no subject) Hubert Kario
- Re: [TLS] (no subject) Ilari Liusvaara
- Re: [TLS] (no subject) Eric Rescorla