IETF Logo Mail Archive

Re: [TLS] [EXTERNAL] Re: Narrowing allowed characters in ALPN ?

Andrei Popov <Andrei.Popov@microsoft.com> Thu, 20 May 2021 16:45 UTC

Return-Path: <Andrei.Popov@microsoft.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 984A33A1E40 for <tls@ietfa.amsl.com>; Thu, 20 May 2021 09:45:30 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.787
X-Spam-Level:
X-Spam-Status: No, score=-2.787 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.698, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, SPF_PASS=-0.001, T_SPF_HELO_TEMPERROR=0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=microsoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 4j10dWvHi2kp for <tls@ietfa.amsl.com>; Thu, 20 May 2021 09:45:26 -0700 (PDT)
Received: from outbound.mail.eo.outlook.com (mail-oln040093003006.outbound.protection.outlook.com [40.93.3.6]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 462653A1E3B for <tls@ietf.org>; Thu, 20 May 2021 09:45:26 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=BIPPa9BGo9kmxWHwdjX8gZ4ovzucVxH4UkjZgBBUNUwxZgn8TIznOtSlBvlEqqE6zX0TF+SdJ+wUW6HbAE4l71TD1038hbDs0exsOk22OMkle1nd+cysneh6nbEWMPJNj6AzhiLFmFFV5uGIrWXkydFa5qTh/gPl9hoOE6X+59AaIqsqpDF+ZCgkkOIFYqXTdPEL2J0iC3CnqblEro0+ZAAzuVWSkyxgD6u36rQM+LX8ytrxUM1gdYVwZUAEOg0am471vbBN4+Lcbu1Xh1qTB5DLtqrMAnIr8cZ0RKCxrXq/3d18xM8dyTFOszW81Sgxy1BVWQdFj/32X3J4urqSPg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=aBGfLRic1S3AiKosTlPFJpvVoU+9x+JnWIKT7/ktui8=; b=FE/pVk5PYkGQdWMrgWu4C/TNgTgJB92xmdniC8Q7xRi3PSLo9Lkl8Zz0W2/KiJsdp+cX2vKEiQIZ6BGvU0xXgMGpUpGS/e5oT/paRp5D45yKbnvtpZnXAz6b+N5+LDRh4PcUgauvenM8to+iGhTWC6O7FmCXAHCr2DPsCDm3od6eiLRpjGc4qG9WGtWH5LRFwGLhDmiIixEBoplcvsQr0e/ClRBB4eX+sC+wQSQDwn+psrMJ2JaCNNHuUv+gsGetmgJTAzwpgN0j/zs1GMSw45R9lZUYVyeXU9xCULJYnVsvH2mRIe/RrP0XdU6ePE3ufrnj628qCEnf1X7mrck/UA==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=microsoft.com; dmarc=pass action=none header.from=microsoft.com; dkim=pass header.d=microsoft.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=aBGfLRic1S3AiKosTlPFJpvVoU+9x+JnWIKT7/ktui8=; b=NucebT+8Qt57VGYDl6nRG7y3nM3rjPaP9h+zjtjU+G2/W0yNGQg4/b0CTpL8qbN4Fb4D/NnMZanmX3V2DNVxRK0Nh8AA4T8wItzXe74tExn3sQX22Ob2y1ImLwehKpPvo6GW1OPjB30/Nq0pTVNAkTSeV0nY4mIFGTLZlo0oec4=
Received: from DM6PR00MB0713.namprd00.prod.outlook.com (2603:10b6:5:21c::17) by DM6PR00MB0570.namprd00.prod.outlook.com (2603:10b6:5:16c::13) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4193.0; Thu, 20 May 2021 16:45:23 +0000
Received: from DM6PR00MB0713.namprd00.prod.outlook.com ([fe80::1c6b:50f7:3a82:3700]) by DM6PR00MB0713.namprd00.prod.outlook.com ([fe80::1c6b:50f7:3a82:3700%3]) with mapi id 15.20.4193.000; Thu, 20 May 2021 16:45:23 +0000
From: Andrei Popov <Andrei.Popov@microsoft.com>
To: "ryan-ietftls@sleevi.com" <ryan-ietftls@sleevi.com>, "tls@ietf.org" <tls@ietf.org>
Thread-Topic: [EXTERNAL] Re: [TLS] Narrowing allowed characters in ALPN ?
Thread-Index: AQHXTP6bYjktU9L9lEysOrJ7y6xNf6rr32SAgAAT0wCAAJ7SkA==
Date: Thu, 20 May 2021 16:45:23 +0000
Message-ID: <DM6PR00MB0713CB495B3FFEFCA0DD95338C2A9@DM6PR00MB0713.namprd00.prod.outlook.com>
References: <CAKC-DJjSq2sVKsJphX4QQBHOBojnTVHNE-wkdnZyZtv8NiGpQA@mail.gmail.com> <B3472BAC-AB21-4E5F-B18D-DC7179E4EA8F@akamai.com> <YKX5vXDSHrvVzHy6@straasha.imrryr.org> <CAErg=HH5DfBpkPx48NKy4air1N1FKiwVCttYz5ddCfw+K3eQuA@mail.gmail.com>
In-Reply-To: <CAErg=HH5DfBpkPx48NKy4air1N1FKiwVCttYz5ddCfw+K3eQuA@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
msip_labels: MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_ActionId=0bb63909-c92c-46db-87f3-776953806ec2; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_ContentBits=0; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Enabled=true; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Method=Standard; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Name=Internal; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_SetDate=2021-05-20T16:34:32Z; MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_SiteId=72f988bf-86f1-41af-91ab-2d7cd011db47;
authentication-results: sleevi.com; dkim=none (message not signed) header.d=none;sleevi.com; dmarc=none action=none header.from=microsoft.com;
x-originating-ip: [50.106.23.3]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: ee743bf9-c739-4249-426c-08d91baea9fa
x-ms-traffictypediagnostic: DM6PR00MB0570:
x-microsoft-antispam-prvs: <DM6PR00MB05703F493EA900B762F21A0F8C2A9@DM6PR00MB0570.namprd00.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:7691;
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: VBAxBgAqOli5EKnnfAb4UHzTnXntADTA5DHsPnfPRvpgrov0f13q7KBCuWuwEY8bGBlM813vgo4uy547ya7AwZp99es4SJeK5wAyVkZDuG2uvB0+bPHJkLxgpBPYuf0SaRBsrMl4PoXD7gEGx/O3iZT6CnodmmhTf5PZxMqAuNLhIJSg4PGWEAHsALVVwdHPwFoAEgoLY2eQTzh1b5pCQiwnx9BMSNMelysmt+Hhg9GnkewtEpMLlMajq1j/Jvlm1qSG3A7bZR07N5+OBq7W2Jk//rtR11MQhlbfKoUEF5ewefJUFMtxCkQ4XqMIe7uhGVs2u/2+xlNh13gMEhPOnJ3vj6KRs+SUX0u8HmuzpppXPzBq+M8mavdBkE4l4qiWGcqCEeNFPqRBe47O+X5vh3Nf+Rp4COT5gKQxXlp8WByO+MYAyOo/aWNx2J2hM2fs0y7wOKEURZIb5e8GW/+yHHAjOBVMEHEWq3mHcQdb7VLKOtd1Ko6+i/ldcDSmoQr0DzXQg9N7rcUmNQfB2pLMWdVzFFpWD4tQF5EmySL4imReR7T/iSHYM3wqvq20u7eSNu7fB6/TN7FAhtB6RZTY2G5yZrTP4D1pJ1oFW4UuqfSqnNOiudlXRfI6KPd4VmxYoqZ9tCs+CcwQkxdeEW8frQ==
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:DM6PR00MB0713.namprd00.prod.outlook.com; PTR:; CAT:NONE; SFS:(4636009)(366004)(110136005)(316002)(38100700002)(9686003)(55016002)(478600001)(122000001)(186003)(33656002)(10290500003)(8936002)(82960400001)(71200400001)(76116006)(66446008)(64756008)(66556008)(66476007)(8676002)(66946007)(7696005)(8990500004)(86362001)(6506007)(83380400001)(5660300002)(2906002)(53546011)(26005)(82950400001)(52536014); DIR:OUT; SFP:1102;
x-ms-exchange-antispam-messagedata-chunkcount: 3
x-ms-exchange-antispam-messagedata-0: Qey3uxmWBcGyDsp8inEOVTL/1142+9ANZf4xuSOueXg22a1RgLsCLOIPwRwG3urAYxFGRVaum29jlg168w3SiahRBRsm4rtY9/zszfTM0WvUMJwWbLEpGZws5qptgSAg/CDqjZ1L4ccWvqLEcb+tKF9L1+0dlljywZQXPmXmSgWNmIDkPdi0FohbdojgewZVFBzQMgRduifjY0DucKMu0adfwJ9OffGsRub+Hk0ZEB6FQmIu526mKAaBZiUv34kxn6W7ciltkKMTpaVKRqVp1jxVM+xLEZXRgKg2rVisVjJbQKLY7Zeyj7CfQh6Mak7GgcJIl3mJpyQgfcFg1r+hGBMnE3dyusJtftcsUH+fu/BBi8hLj4vHd3he/p/9f5Z+P0DNvxwTUZuULgTbXP5Qk/LXVB1GCzPW376AW90NztfopZIln6/+1WbeeXOSr2E/CxKWEVUL275qJKB9LGr7ktYqGQx28PwjyVGQuIfG6XtWS0h+K46v
x-ms-exchange-antispam-messagedata-1: UNRKRlTiWIMJiJ/u2hBFcseRt519GcSskCaGf+3pElG2WNZq+XTbn5upfhhDnuJaH3x1rQ9y0noZ0dPFJgMh7t3DXCTuMskJR+PE5AlJ74cJKhoqrgv0HVBZo/hEA++PTKuV+eHHtQ+S8zEwevNreXigydHiQJtAZ/02itgiaDqTz7fJM4znu6nFtn1dgirdRbqt/zMOHPtCmeGiYfX8S2J+E+7exw6EinBKyKAFZSp0EjQj6GkprCiiEy0YSAMUe2gTtjFVf/hMtOF7QNXiWZ1Y1SqGgk/1+Tn+f35nlwZW9ww2r0DlUM+drMypsB5LR8Z7YakzCqGwRDFBq+4hAD2Vef9/CQ1CsPJwNub9l6RxPi0rRcgdmPM+hSAFaqIrINenTUJnXaE0t5bO5EGH7qw3cslYjM9KS+i0sYcbjMPPZGyB6KGms1L3pnOP71VjBB+Qr8WKkYzmAnUf3Z8bjtZOa9sBelgR4bjAarv/cfEwctFnxEid
x-ms-exchange-antispam-messagedata-2: llXW9WU3eHLaGjc1rWfb/ijQbZSazTraXMJu34XmTwIEHBT4CpZ2+DxTulti4pltdfoP0fkV9gnYTuqaMaJUZahvCwa3jGSXlPq/sjS2nBPiScn3a4qmfF0yIIHQTV9RextlyXez6VRq51nZAIWpVjlclCQbBTCDQk0+SlxHOmKvFOG0m4EKV2ebRLD1FPDwkKnEapTqs55GetFv9I9WFNuH2Qa4s6KOUD1xF9I2nunzDGGf8aLbjA4E4pzfA5eP3I58sjTmFzd/c6vhBzNxnTwVYUyjfugw4YPEA5l7sEiD8Rr5ajUCr71/EjA/J8BgmD0=
x-ms-exchange-transport-forked: True
Content-Type: multipart/alternative; boundary="_000_DM6PR00MB0713CB495B3FFEFCA0DD95338C2A9DM6PR00MB0713namp_"
MIME-Version: 1.0
X-OriginatorOrg: microsoft.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: DM6PR00MB0713.namprd00.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: ee743bf9-c739-4249-426c-08d91baea9fa
X-MS-Exchange-CrossTenant-originalarrivaltime: 20 May 2021 16:45:23.8928 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 72f988bf-86f1-41af-91ab-2d7cd011db47
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: xi7rUbUNgidtqXXryVFK3ckyvjA4/V38WXibpk5i4OYmeQuwNhwTQ/ZqV6HQRU6jPFDDoiqYMs0HlATGI8uNtw==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM6PR00MB0570
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/laBSHAq7Ds8xC2LUuv0ykd8sg4s>
Subject: Re: [TLS] [EXTERNAL] Re: Narrowing allowed characters in ALPN ?
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 20 May 2021 16:45:31 -0000

+1 what Ryan said. Especially the point that added restrictions aren’t a viable path to better interoperability.

ALPN IDs are byte strings; the fact that some of them can be displayed as ASCII character strings merely reflects the fact that those ALPN IDs were chosen by humans😊.

Cheers,

Andrei

From: TLS <tls-bounces@ietf.org> On Behalf Of Ryan Sleevi
Sent: Thursday, May 20, 2021 12:06 AM
To: tls@ietf.org
Subject: [EXTERNAL] Re: [TLS] Narrowing allowed characters in ALPN ?



On Thu, May 20, 2021 at 1:56 AM Viktor Dukhovni <ietf-dane@dukhovni.org<mailto:ietf-dane@dukhovni.org>> wrote:
On Wed, May 19, 2021 at 10:29:43PM +0000, Salz, Rich wrote:

> I support limiting it.

I concur.  These are not strings used between users to communicate in
their native language.  They are machine-to-machine protocol
identifiers, and use of the narrowest reasonable character set promotes
interoperability.

I'm not sure I understand this. Could you expand further how adding more normative restrictions promotes, rather than harms, interoperability?

The fact that, as you highlight, they are machine-to-machine, seems like the greatest path to interoperability, because they shouldn't be assumed to be "human-readable", and because as specified, no other validation needs to be performed by either party. They should simply be treated as they're specified: an opaque series of bytes. Conversions to text strings or transformations such as character sets seems like fundamentally misunderstanding/misusing them, rather than being a thing to support.

The idea of restricting the character set seems like it only opens the door for less interoperability and more complexity. For example, senders need to make sure they're sending within the allowed character set (meaning validation before transmission), and receivers that wish to avoid malicious peers need to similarly validate the identifiers before exposing them as to API callers. This then adds complexity to the API design, as "no fail" operations now become "maybe fail" (e.g if a caller attempts to call with an invalid character string), and that propagates throughout the design of systems (e.g. config files that may fail to load now).

It seems there's a parallel here to the discussion about whether HTTP/2 should have been a text protocol, like HTTP/1.1 and its predecessors, which had similar arguments to what's being raised now, versus the binary protocol that was ultimately adopted.

If the argument is that the extensibility has already rusted shut because the ecosystem ignored the spec and we didn't GREASE it by using ALPN identifiers that actually behaved as opaque bytes, then we should at least make an effort to document why and when that happened, so that mistakes like that can be avoided in the future.

v2.23.0 | Report a Bug | By Email