IETF Logo Mail Archive

Re: [TLS] I-D Action: draft-ietf-tls-ticketrequests-02.txt

Nico Williams <nico@cryptonector.com> Wed, 02 October 2019 23:04 UTC

Return-Path: <nico@cryptonector.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 072C812010D for <tls@ietfa.amsl.com>; Wed, 2 Oct 2019 16:04:13 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.001
X-Spam-Level:
X-Spam-Status: No, score=-2.001 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=-0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cryptonector.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id vs_R1wJWPttY for <tls@ietfa.amsl.com>; Wed, 2 Oct 2019 16:04:11 -0700 (PDT)
Received: from aye.elm.relay.mailchannels.net (aye.elm.relay.mailchannels.net [23.83.212.6]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 174A61200F4 for <tls@ietf.org>; Wed, 2 Oct 2019 16:04:10 -0700 (PDT)
X-Sender-Id: dreamhost|x-authsender|nico@cryptonector.com
Received: from relay.mailchannels.net (localhost [127.0.0.1]) by relay.mailchannels.net (Postfix) with ESMTP id A21BFE055D; Wed, 2 Oct 2019 23:04:09 +0000 (UTC)
Received: from pdx1-sub0-mail-a97.g.dreamhost.com (100-96-8-30.trex.outbound.svc.cluster.local [100.96.8.30]) (Authenticated sender: dreamhost) by relay.mailchannels.net (Postfix) with ESMTPA id 395D0E05B6; Wed, 2 Oct 2019 23:04:09 +0000 (UTC)
X-Sender-Id: dreamhost|x-authsender|nico@cryptonector.com
Received: from pdx1-sub0-mail-a97.g.dreamhost.com ([TEMPUNAVAIL]. [64.90.62.162]) (using TLSv1.2 with cipher DHE-RSA-AES256-GCM-SHA384) by 0.0.0.0:2500 (trex/5.17.5); Wed, 02 Oct 2019 23:04:09 +0000
X-MC-Relay: Neutral
X-MailChannels-SenderId: dreamhost|x-authsender|nico@cryptonector.com
X-MailChannels-Auth-Id: dreamhost
X-Army-Tangy: 115f00d62043e02d_1570057449471_1758708564
X-MC-Loop-Signature: 1570057449471:2318745942
X-MC-Ingress-Time: 1570057449471
Received: from pdx1-sub0-mail-a97.g.dreamhost.com (localhost [127.0.0.1]) by pdx1-sub0-mail-a97.g.dreamhost.com (Postfix) with ESMTP id 3709384047; Wed, 2 Oct 2019 16:04:06 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=cryptonector.com; h=date :from:to:subject:message-id:references:mime-version:content-type :in-reply-to; s=cryptonector.com; bh=buIg35DlUl0SpBIKS0oyR9bbWyg =; b=b37/WGdSnEUJwbA1083reLYATRndvdV4TfaCAzYzoRXjSh9nKz+3LZ1XYuC E/4a5Ac83X5wUpo/x8Npaj/ZYTIUnAR+qHpsjPV6jtEJWsr2WIEnKPCW7WVm1mHV rQPMJRFgGvuohuKtLSimlrvONsilacy71M/npOVDfbHk8dZw=
Received: from localhost (unknown [24.28.108.183]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) (Authenticated sender: nico@cryptonector.com) by pdx1-sub0-mail-a97.g.dreamhost.com (Postfix) with ESMTPSA id C1C6C8403A; Wed, 2 Oct 2019 16:04:05 -0700 (PDT)
Date: Wed, 02 Oct 2019 18:04:03 -0500
X-DH-BACKEND: pdx1-sub0-mail-a97
From: Nico Williams <nico@cryptonector.com>
To: tls@ietf.org
Message-ID: <20191002230402.GF5002@localhost>
References: <156962803631.24993.3421537129925787732@ietfa.amsl.com> <20191001145600.GU21772@straasha.imrryr.org>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <20191001145600.GU21772@straasha.imrryr.org>
User-Agent: Mutt/1.9.4 (2018-02-28)
X-VR-OUT-STATUS: OK
X-VR-OUT-SCORE: 0
X-VR-OUT-SPAMCAUSE: gggruggvucftvghtrhhoucdtuddrgedufedrgeejgddugecutefuodetggdotefrodftvfcurfhrohhfihhlvgemucggtfgfnhhsuhgsshgtrhhisggvpdfftffgtefojffquffvnecuuegrihhlohhuthemuceftddtnecunecujfgurhepfffhvffukfhfgggtuggjfgesthdtredttdervdenucfhrhhomheppfhitghoucghihhllhhirghmshcuoehnihgtohestghrhihpthhonhgvtghtohhrrdgtohhmqeenucfkphepvdegrddvkedruddtkedrudekfeenucfrrghrrghmpehmohguvgepshhmthhppdhhvghloheplhhotggrlhhhohhsthdpihhnvghtpedvgedrvdekrddutdekrddukeefpdhrvghtuhhrnhdqphgrthhhpefpihgtohcuhghilhhlihgrmhhsuceonhhitghosegtrhihphhtohhnvggtthhorhdrtghomheqpdhmrghilhhfrhhomhepnhhitghosegtrhihphhtohhnvggtthhorhdrtghomhdpnhhrtghpthhtohepnhhitghosegtrhihphhtohhnvggtthhorhdrtghomhenucevlhhushhtvghrufhiiigvpedt
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/mV9zVyWEFS5UzncwTrUsKAzeP_E>
Subject: Re: [TLS] I-D Action: draft-ietf-tls-ticketrequests-02.txt
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 02 Oct 2019 23:04:13 -0000

On Tue, Oct 01, 2019 at 10:56:00AM -0400, Viktor Dukhovni wrote:
> I've read the draft, it looks quite useful and reasonable.  It would
> be good to see this published.

+1

> I have one idea (implemented in OpenSSL 1.1.1 on the server side)
> that may be worth mentioning in this context (and perhaps even the
> draft):
> 
>    - By default, OpenSSL TLS 1.3 servers only vend multiple (two)
>      tickets on full handshakes.  Resumed sessions issue just one
>      ticket.
> 
> This avoids unbounded linear growth in the number of tickets vended
> to a client that makes many resumed connections even after reaching
> its peak connection concurrency.

Dumb clients that say they want so many tickets on resumption, and then
store them all, and don't clear out older tickets fast enough... can get
DoSed by a server than gives them what they asked for.

This probably warrants a bit of text on the matter.  Probably a SHOULD
saying that clients should ask for only one ticket in resumptions (i.e.,
not use this extension) unless they are short of tickets.

Nico
--

v2.23.0 | Report a Bug | By Email