[TLS] Review of two ECH issues and PRs

Christopher Wood <caw@heapingbits.net> Sat, 03 October 2020 00:21 UTC

Hi folks,

Below are two issues we can probably resolve before publishing -08 of ECH. Proposed resolutions in the form of a PR accompany each issue. Please have a look and let us know if you support the proposed resolutions, and, if not, please indicate what you think should be done differently. Hopefully we can converge on these quickly!

Trial decryption after HelloRetryRequest
- Issue: https://github.com/tlswg/draft-ietf-tls-esni/issues/233
- PR: https://github.com/tlswg/draft-ietf-tls-esni/pull/316

Simplifying session resumption text (related to "do not stick out")
- Issue: https://github.com/tlswg/draft-ietf-tls-esni/issues/285
- PR: https://github.com/tlswg/draft-ietf-tls-esni/issues/285

Thanks,
Chris