Re: [TLS] Fully encrypted and authenticated headers (was Re: Encrypting record headers: practical for TLS 1.3 after all?)

Jeff Burdges <burdges@gnunet.org> Fri, 04 December 2015 16:21 UTC

Return-Path: <burdges@gnunet.org>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B75F01A8982 for <tls@ietfa.amsl.com>; Fri, 4 Dec 2015 08:21:03 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.55
X-Spam-Level:
X-Spam-Status: No, score=-6.55 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HELO_EQ_FR=0.35, RCVD_IN_DNSWL_HI=-5] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id cmu87ZQcAZn7 for <tls@ietfa.amsl.com>; Fri, 4 Dec 2015 08:21:02 -0800 (PST)
Received: from mail2-relais-roc.national.inria.fr (mail2-relais-roc.national.inria.fr [192.134.164.83]) (using TLSv1.2 with cipher RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2022E1A8981 for <tls@ietf.org>; Fri, 4 Dec 2015 08:21:01 -0800 (PST)
X-IronPort-AV: E=Sophos;i="5.20,380,1444687200"; d="asc'?scan'208";a="190472285"
Received: from torsrvs.snydernet.net (HELO localhost) ([91.213.8.236]) by mail2-relais-roc.national.inria.fr with ESMTP/TLS/AES128-GCM-SHA256; 04 Dec 2015 17:20:53 +0100
Message-ID: <1449246126.2558.72.camel@gnunet.org>
From: Jeff Burdges <burdges@gnunet.org>
To: tls@ietf.org
Date: Fri, 04 Dec 2015 17:22:06 +0100
In-Reply-To: <071D813D-E2DD-48B6-8A53-52DC919F7401@gmail.com>
References: <56586A2F.1070703@gmail.com> <FB2973EF-F16C-404A-980D-CA0042EC4AEB@gmail.com> <565DBC63.5090908@gmail.com> <565DC935.2040607@gmail.com> <CADqLbz+HqnaFKbi4bOVRqSSmOWDhi2hQDaVCxaNgQ+O1XjkqFA@mail.gmail.com> <565E1517.3060209@gmail.com> <CADqLbzJeKWVdcaA5U0vf19X4Wj3DweeJ+B0dRebsnYVy8L8=iQ@mail.gmail.com> <9BDDC23D-1039-4C75-BF32-57330317BCAB@gmail.com> <7F6CAD8F92F54AD5A4F6B14D5F471740@buildpc> <071D813D-E2DD-48B6-8A53-52DC919F7401@gmail.com>
Content-Type: multipart/signed; micalg="pgp-sha1"; protocol="application/pgp-signature"; boundary="=-bPYb8nsgMSy8nEy+9KRb"
X-Mailer: Evolution 3.16.5-1
Mime-Version: 1.0
Archived-At: <http://mailarchive.ietf.org/arch/msg/tls/oRLSVV0H6qpGAWH2boZvreSLyJM>
Subject: Re: [TLS] Fully encrypted and authenticated headers (was Re: Encrypting record headers: practical for TLS 1.3 after all?)
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 04 Dec 2015 16:33:15 -0000

Bryan Ford <brynosaurus@gmail.com> wrote : 
> 2. The 2-byte length field in each record's header no longer 
> indicates the length of the *current* record but instead indicates
> the length of the *next* record.  The length of the first record
> might be defined in a new field we add to the handshake/key-exchange
> protocol, or it might simply be set to some well-known standard first
> record size.

Using a standard size for the first message sounds like an amazingly
good idea, irrespective of whether the idea of each message containing
the next message's size works out.  Any thoughts on how big this first
message should be? 

Jeff