IETF Logo Mail Archive

Re: [TLS] RFC 6066 - Max fragment length negotiation

Hannes Tschofenig <hannes.tschofenig@gmx.net> Tue, 21 March 2017 14:55 UTC

Return-Path: <hannes.tschofenig@gmx.net>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4B3FD1299C2 for <tls@ietfa.amsl.com>; Tue, 21 Mar 2017 07:55:06 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -5.397
X-Spam-Level:
X-Spam-Status: No, score=-5.397 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H2=-2.796, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 1Erv7IcDyUJt for <tls@ietfa.amsl.com>; Tue, 21 Mar 2017 07:55:03 -0700 (PDT)
Received: from mout.gmx.net (mout.gmx.net [212.227.17.21]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 23294127011 for <tls@ietf.org>; Tue, 21 Mar 2017 07:55:02 -0700 (PDT)
Received: from [192.168.91.181] ([45.59.213.66]) by mail.gmx.com (mrgmx103 [212.227.17.168]) with ESMTPSA (Nemesis) id 0M85r3-1bv3ht03Rx-00vhIy; Tue, 21 Mar 2017 15:55:00 +0100
From: Hannes Tschofenig <hannes.tschofenig@gmx.net>
To: Joseph Birr-Pixton <jpixton@gmail.com>, tls@ietf.org
References: <CACaGApnuePX7x4_4nj=z6=+xXbEyHRL9yr7TW96_yxVDo2eKkw@mail.gmail.com>
Openpgp: id=071A97A9ECBADCA8E31E678554D9CEEF4D776BC9
Message-ID: <45202253-54c1-1f71-3ec6-bba708e9bdd2@gmx.net>
Date: Tue, 21 Mar 2017 15:54:57 +0100
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Thunderbird/45.7.0
MIME-Version: 1.0
In-Reply-To: <CACaGApnuePX7x4_4nj=z6=+xXbEyHRL9yr7TW96_yxVDo2eKkw@mail.gmail.com>
Content-Type: multipart/signed; micalg="pgp-sha512"; protocol="application/pgp-signature"; boundary="HWRElXPdsQagIkaQiTk4Jti2HU0fiNlfc"
X-Provags-ID: V03:K0:56/6O6RfcPtpUDA4PF2FlmCT+XZqUuNnRo1cvGgweboeEwBRlkH 4luxDuXS7ywKkqAo3xGGEaYWmc6Y4XWyhJYmLx9OYMVyOo4yBotQsViADAHtngmCywFGG9G UzzDf8UP0O8+GLH/r6bgS6UiPWugDrNh4f+4CBgMGV3rrdhtRByQI2QQJni+/pLa4kp7rgz pE0SJZnuZ60TxlHj90kHg==
X-UI-Out-Filterresults: notjunk:1;V01:K0:oJOyptHeR6Y=:cySo7FfsytqiOICCxRGLzO YyAXoGck49qsOUSaITl8FQGI0rt8xgAQMYQcT57g5NggJgYYI5dZcr1BBNAWU2TP+KXRRFs2z HfKh8aJ2Wa6nS2u2jALprcF2ZNsHDqkI9GVrJYU7n7OTNd32BHw9eppoOAgohKtFCeYm73li/ N7ou3duEr0B6/qvRatSSqeLlFdVABzbOPe9ECGrjNbfpWfzIFIGOaI00wl4fo+AeLwR7Q2BeH faEtSv//uUOoFaOfai3DYzxuoigv0/4ohk/TrLXMrropgoRVS2qHU3w/jVXLJ61p4yHwKb3xM 3J5MvF3j2on9iVhMKNShGp5kASQeJFQZ2gmYpYHeovVb2ODzAiKbKnNjUJRw4fzhb988V9hi6 B55hl0eyq89tU2R//8L5SBLEE/dcQgg6M14ixqGZ2/H62Hqnk2QL/ifJ0r1y28sIFCr+jvtzi O/sdfVQ8/JZnA9TgtzA450RJm0NoKYED4k21xkNriAwBK52taTsbus1KzagwythdoZik7sCJY fqsk8z6L6nMblZ8ljQtG82qA/nz0yHBvSrhsIrmjWqfCR/bEkx9HZEOs/0QgVESGVAd1c1+oe sK/cZKIUxqG1Ejf95BkzeMbpvxG9h+d5mk3A2S+8PJTENI3A1Qx7leW8+eRQHtB2m4jJbRLw8 /PKCT/V++tm5q5kp10olggViF+wDJv0yP3JUjHo4L5M5GRMBiObDwLV+gG9AVB8LYeydyXvmc DRMwZwwagOAePfDsE2x7AZvauOPO0+AIrtnYi0+7fRblXTjVySkfNgwbHYM=
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/mwQ1-ZnuN_UKlSnp503Lhe0qNkw>
Subject: Re: [TLS] RFC 6066 - Max fragment length negotiation
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 21 Mar 2017 14:55:06 -0000

Hi Joe,

On 03/18/2017 10:17 AM, Joseph Birr-Pixton wrote:
> With the greatest of respect, mbedtls *doesn't* implement
> max_fragment_length[1], because it doesn't fragment handshake messages
> as required by the spec. Attempts to use it with a conforming peer
> will fail to handshake.

while I am waiting for my mbed TLS coworkers to respond I have been
asking myself what the MFL extension of handshake message can really
provide. For example, the certificate message is typically one of the
largest messages in the TLS handshake. If it is too large to fit in a
buffer of the client then what should be done? As a client I cannot
verify just half of a certificate. Of course, if it possible to avoid
sending a long certificate chain but this is subject to deployment choices.

While I can see some use of the MFL extension in the handshake protocol,
for example, in the selection of the ciphersuite or in deciding whether
multiple messages should be concatenated into a single datagram I fear
there is typically much less room for maneuver compared to the
application layer protocol.

Ciao
Hannes

v2.23.0 | Report a Bug | By Email