[TLS] Earlier exporters
Eric Rescorla <ekr@rtfm.com> Fri, 07 October 2016 15:11 UTC
Return-Path: <ekr@rtfm.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id AECD112965A for <tls@ietfa.amsl.com>; Fri, 7 Oct 2016 08:11:32 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.599
X-Spam-Level:
X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=rtfm-com.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id RxNSUg2r_X9F for <tls@ietfa.amsl.com>; Fri, 7 Oct 2016 08:11:31 -0700 (PDT)
Received: from mail-yw0-x22f.google.com (mail-yw0-x22f.google.com [IPv6:2607:f8b0:4002:c05::22f]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 01EE9129635 for <tls@ietf.org>; Fri, 7 Oct 2016 08:11:31 -0700 (PDT)
Received: by mail-yw0-x22f.google.com with SMTP id u124so33867089ywg.3 for <tls@ietf.org>; Fri, 07 Oct 2016 08:11:30 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=rtfm-com.20150623.gappssmtp.com; s=20150623; h=mime-version:from:date:message-id:subject:to; bh=D1LzwZCdJiNhD7b0b3hu8hmXI7p8Iko09aOlxKEOy3M=; b=zfC9hioZz9kDvd1tDjZxuxXhuVLGqA9vx59kVgisz0fyhgnHasy+z6Qg7MEmm3YIIY Y11bCh9kEPx1fT0rgD5+8+4wkIfXAlL+P4X3cEbaAal00jJzodzoCaOoBapAhi0AeunB e7A7VZ3QM9Ea5sKH1istsZDWK8p530O1mPd6WeX/Kw88DepOOOLUwVl7GnDf8zrcRAVV jjay/t+SQLY8bQU5UvDQp96z6uEJyABwUcB3nnDSJJZqAXwT4V1SuSYhHbhx+6iJfsNX 3Q/HRTluvYkB4u9tUjeqlpwXCFwzAfFFyqLfEZ7GK4ITt5HZ4d2Uj4km/j0vDBT3X1aq edBA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:from:date:message-id:subject:to; bh=D1LzwZCdJiNhD7b0b3hu8hmXI7p8Iko09aOlxKEOy3M=; b=inMl+uKyPcpVoHQ7n6QcgADd/h6RTkUdrBPl4IIMbKmUo5ChlBhaNaWohhgycwaOoa Zi9d/FUUrt5V+Vh4Y5H2FKbodG9D5/0CNpiw2+avoLb1Fl7v4DjuyuFaFoKwNVPXog+7 hqL2iJ7XKaNTl5I1u7ZRrF9BPqXhoESNkR12WUhSQICbuMYbAJx8GJr43PWUkz71GmGc OX0+3EVSuGBgveSRGATN7dpnqTw8monYAr0aswHt35AyHVd/sKzXnQolRq3KwlbZdgcl K0oF0d74LlPXku+hu/lUOwm8E+yA093GpaWusJvDNETmXAh/YhJPnfDHVaGPS7C+4b48 FojA==
X-Gm-Message-State: AA6/9RkLgleyaRfcn/hK9O3fb9FyfCzynHeOboge8HJxym0wLyThwEJn7UVLn74shFlZRg5UFpVL+n8iIICFeg==
X-Received: by 10.129.83.193 with SMTP id h184mr16013630ywb.52.1475853089988; Fri, 07 Oct 2016 08:11:29 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.129.75.212 with HTTP; Fri, 7 Oct 2016 08:10:49 -0700 (PDT)
From: Eric Rescorla <ekr@rtfm.com>
Date: Fri, 07 Oct 2016 08:10:49 -0700
Message-ID: <CABcZeBOBmeEW+Ty5W68giBg5MZC11QR9oxMP00CD5zStb2=0fg@mail.gmail.com>
To: "tls@ietf.org" <tls@ietf.org>
Content-Type: multipart/alternative; boundary="001a114d6f1c2bd07a053e47d358"
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/l39CKcWMKvI2USahR7Ai6J7DhQA>
Subject: [TLS] Earlier exporters
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 07 Oct 2016 15:11:33 -0000
Please see the following PR: https://github.com/tlswg/tls13-spec/pull/673 This includes various changes to make exporters/resumption work better. Basically: 1. Add a 0-RTT exporter and change the transcript for the regular exporter so it only includes the transcript up to ServerFinished. This gives it parity with the rest of the traffic keys. If we need an exporter with the full transcript we can always add it later 2. Point out that you can predict ClientFinished for NST when not doing Client auth. This lets you issue tickets on the server's first flight, while still ensuring that if you do client auth you still bind resumption to the client's full transcript. These are pretty straightforward changes, so absent objections I'll merge them early next week. -Ekr
- [TLS] Earlier exporters Eric Rescorla
- Re: [TLS] Earlier exporters Nick Harper
- Re: [TLS] Earlier exporters Eric Rescorla
- Re: [TLS] Earlier exporters Eric Rescorla
- Re: [TLS] Earlier exporters Nick Harper