Re: [TLS] SNI and Resumption/0-RTT
Andrei Popov <Andrei.Popov@microsoft.com> Fri, 21 October 2016 00:43 UTC
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/lNL7UlEGG0hrjBJJxqVmW1qgMg4>
> With that said, it does seem like there might be situations where it
> would be useful to allow resumption/0-RTT with different SNIs.

What are some example situations where resumption with a different SNI is useful?

Thanks,

Andrei

From: TLS [mailto:tls-bounces@ietf.org] On Behalf Of Eric Rescorla
Sent: Thursday, October 20, 2016 5:34 PM
To: tls@ietf.org
Subject: [TLS] SNI and Resumption/0-RTT

We used to explicitly say that you had to check SNI for 0-RTT (but didn't say anything about resumption). On the principle that 0-RTT and resumption should be the same I removed that, but it turns out that the document doesn't actually have any rule at all other than the one we've inherited from RFC 6066, which clearly says that you can't resume with a different SNI [0].

Following the discussion in https://github.com/tlswg/tls13-spec/issues/720 I've added a statement to the draft clarifying that the RFC 6066 rule still applies [1].

With that said, it does seem like there might be situations where it would be useful to allow resumption/0-RTT with different SNIs. My intuition (partly informed by [2]) is that this is something we should be pretty careful about and have the server opt-in explicitly (if at all) but I'm willing to be wrong about that.

Comments?

-Ekr

[0] https://tools.ietf.org/rfcmarkup?doc=6066#section-3
[1] https://github.com/tlswg/tls13-spec/commit/b26093b5e9143fb61f5b619d1da78c4ba54b2121
[2] http://antoine.delignat-lavaud.fr/doc/www15.pdf
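The server-side rule under discussion (RFC 6066 section 3: do not resume, and so do not accept 0-RTT, when the ClientHello's server_name differs from the one the ticket was issued for), modelled as an added example that is not code from the thread or from any TLS stack; the Ticket store, the `cross_sni_allowed` explicit opt-in set and the decision record are hypothetical names chosen here to illustrate Ekr's "server opt-in" idea.

```python
from dataclasses import dataclass

# Constructed model of a server session store: every ticket remembers the
# server_name (SNI) presented on the full handshake that issued it.
@dataclass
class Ticket:
    ticket_id: bytes
    server_name: str          # SNI the ticket was issued for
    max_early_data: int = 0   # 0 means the ticket cannot be used for 0-RTT

@dataclass
class HandshakeDecision:
    mode: str                 # "resume" or "full"
    accept_early_data: bool
    reason: str

def decide_resumption(store, ticket_id, client_sni, early_data_offered,
                      cross_sni_allowed=frozenset()):
    """Decide whether a ClientHello carrying `ticket_id` may resume.

    `cross_sni_allowed` is a hypothetical explicit server opt-in: a set of
    (issued_sni, presented_sni) pairs the operator has chosen to treat as
    interchangeable. With the default empty set the RFC 6066 rule applies
    unconditionally: any SNI mismatch forces a full handshake.
    """
    ticket = store.get(ticket_id)
    if ticket is None:
        return HandshakeDecision("full", False, "unknown ticket")
    if client_sni != ticket.server_name and \
            (ticket.server_name, client_sni) not in cross_sni_allowed:
        # Different SNI: fall back to a full handshake and reject any early
        # data; the client retransmits it under the new handshake keys.
        return HandshakeDecision("full", False, "SNI mismatch")
    if early_data_offered and ticket.max_early_data == 0:
        # Resume, but this ticket was never valid for 0-RTT.
        return HandshakeDecision("resume", False, "ticket not valid for 0-RTT")
    return HandshakeDecision("resume", early_data_offered, "ok")
```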