IETF Logo Mail Archive

Re: [TLS] Last Call: <draft-ietf-tls-dtls-connection-id-10.txt> (Connection Identifiers for DTLS 1.2) to Proposed Standard

Achim Kraus <achimkraus@gmx.net> Fri, 12 March 2021 19:33 UTC

Return-Path: <achimkraus@gmx.net>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A12323A091B; Fri, 12 Mar 2021 11:33:19 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.099
X-Spam-Level:
X-Spam-Status: No, score=-2.099 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, NICE_REPLY_A=-0.001, RCVD_IN_DNSWL_BLOCKED=0.001, RCVD_IN_MSPIKE_H2=-0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=gmx.net
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Geu4CHrZqtNn; Fri, 12 Mar 2021 11:33:17 -0800 (PST)
Received: from mout.gmx.net (mout.gmx.net [212.227.17.22]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 253D53A0907; Fri, 12 Mar 2021 11:33:16 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=gmx.net; s=badeba3b8450; t=1615577592; bh=6d1TrHxdFHoAQ36afVva2zqcbE3ARYODDWJp9y0JZGk=; h=X-UI-Sender-Class:Subject:To:Cc:References:From:Date:In-Reply-To; b=Qdx+jBBQieaxCfMCBr7pv+vyDK3ztF0N+TcGwzt4P53zdj35TrTUpPbDe+mLJJ4K/ 60vkUWlPF+26D1HvlNw9OzTaw8Hyd2bSx2P/vuQilEpxUwsNhpTuZ71CMuKAenHlMz aSld6nTb9PETej9GmeuVaJ7aDBQe0z1lFV2SEHgg=
X-UI-Sender-Class: 01bb95c1-4bf8-414a-932a-4f6e2808ef9c
Received: from [192.168.178.10] ([88.152.185.135]) by mail.gmx.net (mrgmx105 [212.227.17.168]) with ESMTPSA (Nemesis) id 1MF3HU-1lVrCi1ICG-00FRmq; Fri, 12 Mar 2021 20:33:12 +0100
To: tom petch <daedulus@btconnect.com>, Hannes Tschofenig <Hannes.Tschofenig@arm.com>, Thomas Fossati <Thomas.Fossati@arm.com>, "last-call@ietf.org" <last-call@ietf.org>
Cc: "draft-ietf-tls-dtls-connection-id@ietf.org" <draft-ietf-tls-dtls-connection-id@ietf.org>, "tls@ietf.org" <tls@ietf.org>, "tls-chairs@ietf.org" <tls-chairs@ietf.org>
References: <161520236528.11780.2852731535612070466@ietfa.amsl.com> <604B44A4.6070400@btconnect.com> <94E09812-812E-4373-A2DC-ECF489F0C5FF@arm.com> <VI1PR08MB26399313BD59836403213536FA6F9@VI1PR08MB2639.eurprd08.prod.outlook.com> <32ed5871-b315-de65-ec58-a5e67176f133@gmx.net> <604BA4CA.8040502@btconnect.com>
From: Achim Kraus <achimkraus@gmx.net>
Message-ID: <b5b0f33b-93c5-7763-b3cb-e3724cc72a22@gmx.net>
Date: Fri, 12 Mar 2021 20:33:11 +0100
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.10.0
MIME-Version: 1.0
In-Reply-To: <604BA4CA.8040502@btconnect.com>
Content-Type: text/plain; charset="utf-8"; format="flowed"
Content-Language: de-AT-frami
Content-Transfer-Encoding: quoted-printable
X-Provags-ID: V03:K1:GQtxGfCEe9q/QWxyZmNg8aHdJPVMrn6zl9WtLEbP72GvgDxcKkN aqsgpZKf3qwtDSP5q+5lj7/jA+2wwKx4OW4bJiram0LDLUVYkPha99bzc6JKSK2jmcYIG6m NvtPNl+dsWqUsA7x6EnYJYXf99ccRwUmZHMRyyMFu1G5Sr2SL+/yyQziajIZH8FZA/MHIWP v/pYOZAAUDsMT8aL5XzeQ==
X-UI-Out-Filterresults: notjunk:1;V03:K0:4fwoo8GKaZE=:+iCirPelZBZwV4+5N9t8K1 eS2cWfuTl/bqB5iQAfwx3L9AfD353PHGAKkLfqX7VMnThZgo3WwbDc17pfvSvc+lvFM1X/2fq g3/8/qkb/ihL6vwSZNm4Df6XDY2WgEHnfYIyaV+DwptksaLtIQ95IuilGbuhx3zFZAdW8nldC GaFPxf4jPd6ES3Yyt5TM2tqpaT+/lo5Kf/yZAyMX9qr4x3SnNWayiJqIA8fklAKSmFWxD49cE i0kZgVKmC0j5aPVYnhn6RfqUTvb8rbIZjZhH8GR3DkI/DsfW6QciPhos9rwrnaGrGxT7j2lZ4 Zdxg0Q0M0LG5uNqRnTpGXeZYnp8SQU49acCxiTVY629m97Z06+jKKxq7d9pwalVZHnvDakyhR jWNWLBH/JZr/zw+wK/IMjzS1u9jfAqak3WptKpceX8uldaFZJBTU3cmRNxqQqqWhazrn+7iU3 KBwPO8QG3N1n1VPrcFgejI3GcbYMM1wF7hLpObejY/UTWMKcp9uyI+tWUqTpzQvSdv7WeqiGv +3P/iHp368YWsXSLKaHwRIlGJ/N15JWoA0gngy9kauHkTBUZ+f1aXx4ga+orVCUtzN25om/O3 HWlpGvgkdu/peVW1jRuDHLKzj1JQ15mFXrT3cWIZck9fJsJpoTPJRWAC6Jee909eoVcGywKOG Ei6zCxIrPzbzNxxy9XiEwdIL8Dfnw3ckTfCTYejCl6dSrTpUvqhmjOD9kqEpULs8mPw7fGKNa 6lUS9qc2Z4rCpmyTVFxdlhwrwrNJqU4HCIKxZEx7aNXenoBYiJwsACgbsemdSQCGAEs4WjzR0 JYKqMBWFMtG7kTg2Ooe5ghdQBlr3TDfUa9C9EHGAwQhk5inrwMSgLJu3Xios1M9856cniytYH G66pOMVFxX2+bmYS3Tqg==
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/ijLVCv9B8qAjsfhdhfl4wIfFEys>
Subject: Re: [TLS] Last Call: <draft-ietf-tls-dtls-connection-id-10.txt> (Connection Identifiers for DTLS 1.2) to Proposed Standard
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 12 Mar 2021 19:33:20 -0000

Hi Tom,

 > I think that I cannot make sense of that 'alternately'.  The subsequent
 > paragraphs seem to rule it out as an option.  On a first read I thought
 > that a zero length CID was a valid option for Application Data and
 > wanted to know which form of header and MAC was appropriate but my
 > understanding of the later paragraphs became that a zero length CID can
 > only appear in Hello; but I do think that this needs fixing.
 >
 > I did track the WG discussion last October and did not see anything very
 > clear then.

That was a discussion in 2019, see
https://github.com/tlswg/dtls-conn-id/issues/43 and follow the refered PRs.

The outcome:
If the CID is empty, RFC6347 record format is used. That's equivalent to
"empty CID is only used in the extensions of the Hellos".

Best regards
Achim Kraus

Am 12.03.21 um 18:28 schrieb tom petch:
>
> On 12/03/2021 16:18, Achim Kraus wrote:
>> Hi Tom, Hannes, Thomas,
>>
>> "A zero-length value indicates that the server will send with the
>> client's CID but does not wish the client to include a CID (or again,
>> alternately, to use a zero-length CID)."
>>
>> My feeling is, the text in the paragraphs following that seems to
>> introduce first the idea of a "zero-length CID", and later use that only
>> to negate the use of tls_cid record. It may be more straight forward, if
>> the use of a "zero-length CID" is limited to the ClientHello and the
>> ServerHello extensions. And later the use of a tls_cid record is then
>> only for negotiated non-empty CID.
>>
>> WDYT?
>
> I think that I cannot make sense of that 'alternately'.  The subsequent
> paragraphs seem to rule it out as an option.  On a first read I thought
> that a zero length CID was a valid option for Application Data and
> wanted to know which form of header and MAC was appropriate but my
> understanding of the later paragraphs became that a zero length CID can
> only appear in Hello; but I do think that this needs fixing.
>
> I did track the WG discussion last October and did not see anything very
> clear then.
>
> Tom Petch
>
>
>> best regards
>> Achim Kraus
>>
>>
>> Am 12.03.21 um 12:58 schrieb Hannes Tschofenig:
>>> Hi Tom,
>>>
>>> I added a few PRs to address your review (see
>>> https://github.com/tlswg/dtls-conn-id/pulls).
>>>
>>> Regarding the zero-length CID I believe the current version in the
>>> repo at https://github.com/tlswg/dtls-conn-id might have already
>>> address your remark.
>>>
>>> In general, the zero-length CID in the ClientHello / ServerHello
>>> allows us to use CIDs unidirectionally.
>>>
>>> Ciao
>>> Hannes
>>>
>>> -----Original Message-----
>>> From: TLS <tls-bounces@ietf.org> On Behalf Of Thomas Fossati
>>> Sent: Friday, March 12, 2021 11:58 AM
>>> To: tom petch <daedulus@btconnect.com>; last-call@ietf.org
>>> Cc: tls@ietf.org; tls-chairs@ietf.org;
>>> draft-ietf-tls-dtls-connection-id@ietf.org
>>> Subject: Re: [TLS] Last Call:
>>> <draft-ietf-tls-dtls-connection-id-10.txt> (Connection Identifiers for
>>> DTLS 1.2) to Proposed Standard
>>>
>>> Hi Tom,
>>>
>>> Thanks very much!
>>>
>>> Your review is tracked in the issues below.
>>>
>>> On 12/03/2021, 10:39, "tom petch" <daedulus@btconnect.com> wrote:
>>>>
>>>> Some editorial quirks
>>>>
>>>> s.2
>>>> lacks the boiler plate of RFC8174
>>>
>>> https://github.com/tlswg/dtls-conn-id/issues/88
>>>
>>>> s.3
>>>> I found this unclear until I had understood it all (or perhaps I do
>>>> not understand it)
>>>>
>>>> "...or again, alternately, to use a zero-length CID)."
>>>> This suggests that a zero length CID is valid in Application Data
>>>> which later text seems to contradict; otherwise I cannot see what
>>>> this is saying.
>>>>
>>>> "  If DTLS peers have negotiated the use of a CIDs using the
>>>> ClientHello and the ServerHello messages "
>>>> arguably sending a zero CID and receiving a zero CID is a successful
>>>> Hello negotiation perhaps " If DTLS peers have negotiated the use of a
>>>> non-zero CID in at least one direction, using the ClientHello and the
>>>> ServerHello messages"
>>>>
>>>> "The DTLS peers determine whether incoming and outgoing messages
>>>> need.."
>>>> seems not to cater for unidirectional CIDs; perhaps "The DTLS peers
>>>> determine whether incoming or outgoing, or both, messages need.. "
>>>
>>> https://github.com/tlswg/dtls-conn-id/issues/89
>>>
>>>> s.4
>>>> /always recieve CIDs/always receive CIDs/
>>>>
>>>>
>>>> s.5.1
>>>> "the with Encrypt-then-MAC processing described in [RFC7366]."
>>>> I do not understand why 'with' is needed
>>>>
>>>> s.5.2
>>>> ditto
>>>>
>>>> s.8
>>>> /this aspects SHOULD refuse/these aspects SHOULD refuse/
>>>
>>> https://github.com/tlswg/dtls-conn-id/issues/90
>>>
>>>> s.10
>>>> I would find this clearer as three sections for the three IANA actions
>>>> 10.1 new column for ExtensionType
>>>> 10.2 new value for ExtensionType
>>>> 10.3 new value for ContentType
>>>>
>>>> "   IANA is requested to allocate an entry to the existing TLS
>>>>      "ExtensionType Values" registry, defined in [RFC5246],.."
>>>> well no; whatever you think of RFC8447 the name has changed
>>>> "   IANA is requested to allocate an entry to the existing "TLS
>>>>      ExtensionType Values" registry, defined in [RFC5246],.."
>>>> or, if you are picky (which I am not),
>>>>      IANA is requested to allocate an entry to the existing "TLS
>>>>      "ExtensionType Values" registry, defined in [RFC5246], and
>>>>      renamed by RFC8447
>>>>
>>>> An extra column is added but I cannot see what value should be placed
>>>> in that column for existing entries.
>>>>
>>>> "The tls12_cid ContentType is only applicable to DTLS 1.2."
>>>> Good information but I struggle to see what IANA will do with it; I
>>>> see nowhere for it to go.
>>>
>>> https://github.com/tlswg/dtls-conn-id/issues/91
>>>
>>>
>>> cheers, t
>>>
>>>> Tom Petch
>>>>
>>>>
>>>> On 08/03/2021 11:19, The IESG wrote:
>>>>
>>>>
>>>>>
>>>>> The IESG has received a request from the Transport Layer Security WG
>>>>> (tls) to consider the following document: - 'Connection Identifiers
>>>>> for DTLS 1.2'
>>>>>     <draft-ietf-tls-dtls-connection-id-10.txt> as Proposed Standard
>>>>>
>>>>> The IESG plans to make a decision in the next few weeks, and
>>>>> solicits final comments on this action. Please send substantive
>>>>> comments to the last-call@ietf.org mailing lists by 2021-03-28.
>>>>> Exceptionally, comments may be sent to iesg@ietf.org instead. In
>>>>> either case, please retain the beginning of the Subject line to
>>>>> allow automated sorting.
>>>>>
>>>>> Abstract
>>>>>
>>>>>
>>>>>      This document specifies the Connection ID (CID) construct for the
>>>>>      Datagram Transport Layer Security (DTLS) protocol version 1.2.
>>>>>
>>>>>      A CID is an identifier carried in the record layer header that
>>>>> gives
>>>>>      the recipient additional information for selecting the
>>>>> appropriate
>>>>>      security association.  In "classical" DTLS, selecting a security
>>>>>      association of an incoming DTLS record is accomplished with the
>>>>> help
>>>>>      of the 5-tuple.  If the source IP address and/or source port
>>>>> changes
>>>>>      during the lifetime of an ongoing DTLS session then the
>>>>> receiver will
>>>>>      be unable to locate the correct security context.
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> The file can be obtained via
>>>>> https://datatracker.ietf.org/doc/draft-ietf-tls-dtls-connection-id/
>>>>>
>>>>>
>>>>>
>>>>> No IPR declarations have been submitted directly on this I-D.
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> _______________________________________________
>>>>> IETF-Announce mailing list
>>>>> IETF-Announce@ietf.org
>>>>> https://www.ietf.org/mailman/listinfo/ietf-announce
>>>>> .
>>>>>
>>>>
>>>
>>> IMPORTANT NOTICE: The contents of this email and any attachments are
>>> confidential and may also be privileged. If you are not the intended
>>> recipient, please notify the sender immediately and do not disclose
>>> the contents to any other person, use it for any purpose, or store or
>>> copy the information in any medium. Thank you.
>>> _______________________________________________
>>> TLS mailing list
>>> TLS@ietf.org
>>> https://www.ietf.org/mailman/listinfo/tls
>>> IMPORTANT NOTICE: The contents of this email and any attachments are
>>> confidential and may also be privileged. If you are not the intended
>>> recipient, please notify the sender immediately and do not disclose
>>> the contents to any other person, use it for any purpose, or store or
>>> copy the information in any medium. Thank you.
>>>
>>> _______________________________________________
>>> TLS mailing list
>>> TLS@ietf.org
>>> https://www.ietf.org/mailman/listinfo/tls
>>>
>>
>> .
>>

v2.23.0 | Report a Bug | By Email