Re: [TLS] Resumption and Forward Secrecy, 0-RTT and Safety

Ryan Hamilton <rch@google.com> Mon, 28 March 2016 22:49 UTC

To: Eric Rescorla <ekr@rtfm.com>
Archived-At: <http://mailarchive.ietf.org/arch/msg/tls/pqyBz81V8HcX-5OOWvjdQc0Ryr4>
Cc: "karthik@messengeruser.com" <karthik.bhargavan@gmail.com>, "tls@ietf.org" <tls@ietf.org>
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>

On Mon, Mar 28, 2016 at 3:06 PM, Eric Rescorla <ekr@rtfm.com> wrote:

> Yes, I believe that this is what people want.
>
> On Mon, Mar 28, 2016 at 2:47 PM, Andrei Popov <Andrei.Popov@microsoft.com>
> wrote:
>
>> Not sending cookies/authz headers in 0-RTT would solve a part of the
>> problem, but will browser vendors go for that? I could be wrong, but there
>> seems to be considerable interest in 0-RTT Token Binding…. so folks must be
>> planning on sending tokens :).
>>
>
We (Chrome) definitely want this (sending cookies in 0-RTT requests), and
are doing this today with QUIC (which we can't wait to TLS 1.3-ify).