Re: [TLS] More clarity on resumption and session hash

David Benjamin <davidben@chromium.org> Fri, 29 May 2015 18:14 UTC

Return-Path: <davidben@google.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 811801B2BAA for <tls@ietfa.amsl.com>; Fri, 29 May 2015 11:14:41 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.388
X-Spam-Level:
X-Spam-Status: No, score=-1.388 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FM_FORGED_GMAIL=0.622, HTML_MESSAGE=0.001, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id M3cK_ga2oh6t for <tls@ietfa.amsl.com>; Fri, 29 May 2015 11:14:40 -0700 (PDT)
Received: from mail-ig0-x233.google.com (mail-ig0-x233.google.com [IPv6:2607:f8b0:4001:c05::233]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4A2981B2BA8 for <tls@ietf.org>; Fri, 29 May 2015 11:14:40 -0700 (PDT)
Received: by igbpi8 with SMTP id pi8so21058145igb.0 for <tls@ietf.org>; Fri, 29 May 2015 11:14:39 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc:content-type; bh=nXEyYfGc5PJ3EeCVOUiNchK2Z6S8UU0uUpeOtNhM9Fo=; b=jL3Thc1NYU9cisBpqjYDP5lqpAWKs0/zemFMtpg+dhgJKGt7mOo+4GArbXqzAkoLzM llVuDcIBMdISAEyqZ9nM1KfsZrMUyqc0VNr67ruPoPTgZVngYQULDteUgwKdiOh5VHm3 PSoTe6/S+O9VGe4B7D8Kvi7tjUynTVzRg3q1o=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc:content-type; bh=nXEyYfGc5PJ3EeCVOUiNchK2Z6S8UU0uUpeOtNhM9Fo=; b=Z1yM3P77mGs/ORQUuNfZKqqNFWG8XlHuraUW/EItzd+5FcFg1GNarqsbv92G/PTpjX TiO0gL9sIBGcR9YkqpRpRqXdNRfe0y07qgC7zXUQZfBqpicvm00k9K+cg4IA9OEOV0nc +1UWk5RRZ1zKAyBraXmtUAOtj+ISf8QnMV+jsPDLkUSfULmgpr7t3xOCQriPADM6sk32 TZvtCO/LVJh6zrrgT/0vhqGT6VzldiopcPY++z6xM6bkodTvWcJZVMsNQ6Gkedn5MoHP 7vvthXq/ySeEmkPQ1kcrOK5u2P5IIeRhCM0u/+UiFdllyjhOKc88COHZXX+B0cvayNp1 po3g==
X-Gm-Message-State: ALoCoQl0SqCc5YOMPEIaqIRr3JPb8qBQmFauubxAM9PHbbtOBmX7GDl9mHhvFPfyP0Z3B9G1xENK
X-Received: by 10.107.137.80 with SMTP id l77mr11435484iod.92.1432923279719; Fri, 29 May 2015 11:14:39 -0700 (PDT)
MIME-Version: 1.0
References: <CABcZeBM9UGZoifzDZZ3METMJJHa1ueX9CdHiccYTDW5UVC3RrA@mail.gmail.com> <20150527172329.GI27628@localhost> <CABkgnnUb5jDMMchxDxun_Kp9hYJ8_YFK_URrE=bXE8oej=zYCA@mail.gmail.com> <CABcZeBO6=V8HFTnr82_tt63HQiwSjeSJ-o-hS3sr_tUnO-Jy5g@mail.gmail.com> <CAF8qwaBori2QARe4Xz0aoV2OnQoyXvxGYT03YFvSwGeC9eRZUw@mail.gmail.com> <f7a4a15a0d5d4c859be1193ce5dcd313@ustx2ex-dag1mb2.msg.corp.akamai.com>
In-Reply-To: <f7a4a15a0d5d4c859be1193ce5dcd313@ustx2ex-dag1mb2.msg.corp.akamai.com>
From: David Benjamin <davidben@chromium.org>
Date: Fri, 29 May 2015 18:14:29 +0000
Message-ID: <CAF8qwaB5dqfgvzNduDtjerBKf2Uk=YMcoy+m0nW2zp-idmcj+g@mail.gmail.com>
To: "Salz, Rich" <rsalz@akamai.com>, Eric Rescorla <ekr@rtfm.com>, Martin Thomson <martin.thomson@gmail.com>
Content-Type: multipart/alternative; boundary="001a113ec86414378c05173c73b2"
Archived-At: <http://mailarchive.ietf.org/arch/msg/tls/rSsVCv0d__tfaeSF6t4WvXbU7io>
Cc: "tls@ietf.org" <tls@ietf.org>
Subject: Re: [TLS] More clarity on resumption and session hash
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 29 May 2015 18:14:41 -0000

On Fri, May 29, 2015 at 2:09 PM Salz, Rich <rsalz@akamai.com> wrote:

> > I poked a bit more and I was mistaken about OpenSSL's d2i_SSL_SESSION
> behavior: Although it does ignore the structure version, it will fail the
> parse if it sees elements at the end of the structure it doesn't understand.
>
> We'd like to change this.  Allow applications to append their own data to
> a session is very useful.
>
> (We is probably my employer submitting patches to OpenSSL which someone on
> the dev team like me will review.()
>

This is somewhat tangential, but this seems a bad idea. Having applications
squat the same namespace of tag numbers as OpenSSL will break when OpenSSL
internally adds more fields to the end. If you want applications-specific
data in the session, either the application should serialize and
deserialize a wrapper structure that happens to contain a serialized
SSL_SESSION, or explicitly introduce an OCTET STRING hole to stuff opaque
application-specific data into.

David