Re: [TLS] Headerless records (was: padding)

Martin Thomson <martin.thomson@gmail.com> Tue, 25 August 2015 15:28 UTC

Return-Path: <martin.thomson@gmail.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id ABE361B3282 for <tls@ietfa.amsl.com>; Tue, 25 Aug 2015 08:28:46 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level:
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 1IYQ8A7jawzf for <tls@ietfa.amsl.com>; Tue, 25 Aug 2015 08:28:45 -0700 (PDT)
Received: from mail-yk0-x233.google.com (mail-yk0-x233.google.com [IPv6:2607:f8b0:4002:c07::233]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5F4E91B3240 for <tls@ietf.org>; Tue, 25 Aug 2015 08:28:45 -0700 (PDT)
Received: by ykbi184 with SMTP id i184so160001368ykb.2 for <tls@ietf.org>; Tue, 25 Aug 2015 08:28:44 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type; bh=Km8mHBq44kBUHqnc1FNX7pqBy69e/zTcnFAbD77Feik=; b=yg4e/a5q6ytspgFgN1l5ObHAddIHlGokbE5hQ/c9qG213siapVTVOBr24Jc9gwsDjY 34HZxZM1lHTa59edPE9rS0twuivbMUImcaEW+XUCgSTEmhXUrCoR2ufPdZR+uRZ5uhQw WV+7mwAjVRgyzducUpj/oaZeBRWjE8nvISt+/3tZIYpJb2LwF57K0lY5f+JZRu9Yc5D2 9qL5Hqe+pz7iWx3F9Mmz86abjJEY2iCd3WVnynjWg9aXfrQZJfNVpcjA9ObOvq2Pxgd9 sFbLutI9MQwoS+k+rKMpbI7Ui63gPFRnbQFEVG2Nr4PvoAOyi4pJzCWo/DdkrAumcM7B 7TgQ==
MIME-Version: 1.0
X-Received: by 10.170.165.193 with SMTP id h184mr38410484ykd.1.1440516524763; Tue, 25 Aug 2015 08:28:44 -0700 (PDT)
Received: by 10.129.133.130 with HTTP; Tue, 25 Aug 2015 08:28:44 -0700 (PDT)
Received: by 10.129.133.130 with HTTP; Tue, 25 Aug 2015 08:28:44 -0700 (PDT)
In-Reply-To: <20150825144210.GD9021@mournblade.imrryr.org>
References: <CAH8yC8nQKzht4g6+FwvmN1ULCz3a+2j=0UF4h=8h71XbcVjFDQ@mail.gmail.com> <201508222028.46145.davemgarrett@gmail.com> <CA+cU71kS=x7_hVRXb8Q8m=DmqMaM65GaEn1SnzH_fQHP9mzyqA@mail.gmail.com> <201508250004.36291.davemgarrett@gmail.com> <CABkgnnX+S5De7pBC_VChz15daNcSpxgF6_ofxdPAv2vhpFigSg@mail.gmail.com> <CAJU8_nVd7sV-=9g231c2fo0vun52BgJ5NOxkpBXQn+Z8-RNPqg@mail.gmail.com> <20150825144210.GD9021@mournblade.imrryr.org>
Date: Tue, 25 Aug 2015 08:28:44 -0700
Message-ID: <CABkgnnWOBanc_eci=_7iM_L57i-pEpsNWGrrp7Y_eTFV6Unv8Q@mail.gmail.com>
From: Martin Thomson <martin.thomson@gmail.com>
To: tls@ietf.org
Content-Type: multipart/alternative; boundary=001a113a9160c07415051e2463d8
Archived-At: <http://mailarchive.ietf.org/arch/msg/tls/pEzSfs0QRi934vpMZw5xM6rciHU>
Subject: Re: [TLS] Headerless records (was: padding)
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 25 Aug 2015 15:28:46 -0000

On Aug 25, 2015 7:42 AM, "Viktor Dukhovni" <ietf-dane@dukhovni.org> wrote:
> SSH now has ciphersuites where the payload length is encrypted,
> IIRC via a key that is different from the payload key.
Yeah, I'm not that enthusiastic about that feature, but if you want more
complexity, it is possible. The authentication properties are interesting
there, of course.