IETF Logo Mail Archive

Re: [TLS] Record header size?

"Short, Todd" <tshort@akamai.com> Wed, 18 November 2015 12:44 UTC

Return-Path: <tshort@akamai.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2E2451A1A6D for <tls@ietfa.amsl.com>; Wed, 18 Nov 2015 04:44:26 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.286
X-Spam-Level:
X-Spam-Status: No, score=-3.286 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_LOW=-0.7, RP_MATCHES_RCVD=-0.585, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id rNnVZLFqYkyI for <tls@ietfa.amsl.com>; Wed, 18 Nov 2015 04:44:24 -0800 (PST)
Received: from prod-mail-xrelay08.akamai.com (prod-mail-xrelay08.akamai.com [96.6.114.112]) by ietfa.amsl.com (Postfix) with ESMTP id 3F0D71A1A68 for <tls@ietf.org>; Wed, 18 Nov 2015 04:44:23 -0800 (PST)
Received: from prod-mail-xrelay08.akamai.com (localhost.localdomain [127.0.0.1]) by postfix.imss70 (Postfix) with ESMTP id 4D6AA200014; Wed, 18 Nov 2015 12:44:23 +0000 (GMT)
Received: from prod-mail-relay09.akamai.com (prod-mail-relay09.akamai.com [172.27.22.68]) by prod-mail-xrelay08.akamai.com (Postfix) with ESMTP id 2DB27200011; Wed, 18 Nov 2015 12:44:23 +0000 (GMT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=akamai.com; s=a1; t=1447850663; bh=8KqCN6ahnTId7wKAqr0NtbRZMrnT8+H4tj7ELbkxajo=; l=2963; h=From:To:CC:Date:References:In-Reply-To:From; b=pVYHnuyOp+h/Fi/EabdT+QZAmR0/4w7vDTIRThe1V6cxjJAH053RLwYHz+yYOcnf2 r/03lRIZWCds62AI3dXbLBbsUnjWsVn3M7bumsEBjYhCdfaMKMnd8wv0YR6dVxqphj aWODmv7TVHNrrTqorudGyw/+/Si/2VPsX3365CXo=
Received: from email.msg.corp.akamai.com (usma1ex-cas2.msg.corp.akamai.com [172.27.123.31]) by prod-mail-relay09.akamai.com (Postfix) with ESMTP id 139F81E080; Wed, 18 Nov 2015 12:44:23 +0000 (GMT)
Received: from USMA1EX-DAG1MB5.msg.corp.akamai.com (172.27.123.105) by usma1ex-dag1mb3.msg.corp.akamai.com (172.27.123.103) with Microsoft SMTP Server (TLS) id 15.0.1076.9; Wed, 18 Nov 2015 07:44:22 -0500
Received: from USMA1EX-DAG1MB5.msg.corp.akamai.com ([172.27.123.105]) by usma1ex-dag1mb5.msg.corp.akamai.com ([172.27.123.105]) with mapi id 15.00.1076.000; Wed, 18 Nov 2015 07:44:22 -0500
From: "Short, Todd" <tshort@akamai.com>
To: Yoav Nir <ynir.ietf@gmail.com>
Thread-Topic: [TLS] Record header size?
Thread-Index: AQHRIUwqfC6IjHws+EWK+zLpB/KhZp6gxqoAgACMgACAAH9MgP//6KPC
Date: Wed, 18 Nov 2015 12:44:21 +0000
Message-ID: <29BB82B3-9E74-46F0-A2C6-9A5D8143DA07@akamai.com>
References: <C5F506DC-F814-4C0B-AFAA-86CF790817A7@akamai.com> <CABcZeBP5QPQAXKvM_oEAzex0-vrVWMvOW0yZuamvF5hxAHtmtw@mail.gmail.com> <9A043F3CF02CD34C8E74AC1594475C73F4B679E6@uxcn10-5.UoA.auckland.ac.nz>, <B79F7446-0BBF-4006-A448-E81FF5E7ECD4@gmail.com>
In-Reply-To: <B79F7446-0BBF-4006-A448-E81FF5E7ECD4@gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-ms-exchange-transport-fromentityheader: Hosted
Content-Type: text/plain; charset="Windows-1252"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Archived-At: <http://mailarchive.ietf.org/arch/msg/tls/iFqjteuipazJrI465Q0rNb8GmvM>
Cc: "tls@ietf.org" <tls@ietf.org>
Subject: Re: [TLS] Record header size?
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 18 Nov 2015 12:44:26 -0000

DPI, admittedly, is an expensive process that slows down traffic. DPI is even more expensive on a protocol such as TLS where the record headers aren't always in the same place in every packet. DPI is usually off by default on most firewalls. 

The problem you are more likely to encounter are TLS interception proxies that end up using only TLSv1.0 to authenticate a connection. 

Having this controlled by a TLS extension would at least give the client a modicum of control. (Oops, connection failed, let's try it again with a 3.1-compatible header.)

Also, having the "major" version number be 4, should indicate to these DPI engines that this is a new version of TLS, and should use new code or be ignored. Heck, the version in the handshake should be indicative of this.

I think the philosophy some people are going with, if we're going to break backwards compatibility, let's do it big time, so that we only have to do it once, and not make everyone play continuous catchup. 

--
-Todd Short
// tshort@akamai.com
// "One if by land, two if by sea, three if by the Internet."


> On Nov 18, 2015, at 4:09 AM, Yoav Nir <ynir.ietf@gmail.com> wrote:
> 
> 
>> On 18 Nov 2015, at 3:32 AM, Peter Gutmann <pgut001@cs.auckland.ac.nz> wrote:
>> 
>> Eric Rescorla <ekr@rtfm.com> writes:
>> 
>>> The concern here is backward compatibility with inspection middleboxes which
>>> expect the length field to be in a particular place.
>> 
>> Given that the rest of TLS 1.3 is going to break compatibility with pretty
>> much everything everywhere, I can't see this as a big concern, may as well fix
>> it at the same time as everything else is being changed.
> 
> Stateful firewalls tend to pass only what they understand. They use some measures to avoid tunneling and passing things that are not HTTPS over TCP port 443.
> 
> To achieve this, they run sanity checks on the traffic. They try to strike a balance between not getting circumvented and not dropping legitimate traffic. Sometimes they get it wrong. Sometimes they block legitimate but surprising stuff. As an example from 15 years ago, when Mac OS 9.2 came out, it sent data on the third packet of TCP (the ACK - last of the handshake packets). This is allowed by RFC, but was not done by any other platform. This failed the sanity checks of some firewalls, causing that traffic to be blocked. Two results of this event: we fixed our firewalls, but nobody (including Apple) does that anymore.
> 
> A sanity check on TLS might involve validating 5-byte record headers with sane length and version fields. A firewall might be out there that verifies this. This is the kind of thing that might be missed in testing, and we’ll only find out when some brave soul deploys TLS 1.3 in Chrome only to find out that it is blocked in 3% of the Internet.
> 
> Yoav
> 
>

v2.23.0 | Report a Bug | By Email