Re: [TLS] Banning implicit CIDs in DTLS

Hanno Becker <Hanno.Becker@arm.com> Fri, 22 May 2020 09:19 UTC

Return-Path: <Hanno.Becker@arm.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5CC1F3A08F0 for <tls@ietfa.amsl.com>; Fri, 22 May 2020 02:19:18 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.899
X-Spam-Level:
X-Spam-Status: No, score=-1.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001, UNPARSEABLE_RELAY=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=armh.onmicrosoft.com header.b=fh3tgqxk; dkim=pass (1024-bit key) header.d=armh.onmicrosoft.com header.b=fh3tgqxk
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id thqVqzKfxXPn for <tls@ietfa.amsl.com>; Fri, 22 May 2020 02:19:15 -0700 (PDT)
Received: from EUR03-AM5-obe.outbound.protection.outlook.com (mail-eopbgr30047.outbound.protection.outlook.com [40.107.3.47]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 11A4F3A08EF for <TLS@ietf.org>; Fri, 22 May 2020 02:19:14 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=armh.onmicrosoft.com; s=selector2-armh-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=mVAAZC4I/2IhonhcVw/VI5aBeh4XoaT0E012Ra2csp4=; b=fh3tgqxkP2HsYlED9xq7mdZZO9zeozWTDJx/zz4UGsfYtFShVRphsKH26Oe7V3vaaXmVnrArAtrP9JCjdymlmtocYsY71QotqK4kZ9I4/t1Yg0KB9jYDBxgVJkgbZD3kXnkw8PlnuyLHI+r0zfGaBeta3dINsu13CXZFZKF3n0k=
Received: from AM6P193CA0104.EURP193.PROD.OUTLOOK.COM (2603:10a6:209:88::45) by AM0SPR01MB0041.eurprd08.prod.outlook.com (2603:10a6:208:e7::10) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3021.23; Fri, 22 May 2020 09:19:11 +0000
Received: from VE1EUR03FT059.eop-EUR03.prod.protection.outlook.com (2603:10a6:209:88:cafe::29) by AM6P193CA0104.outlook.office365.com (2603:10a6:209:88::45) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3021.25 via Frontend Transport; Fri, 22 May 2020 09:19:11 +0000
X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 63.35.35.123) smtp.mailfrom=arm.com; ietf.org; dkim=pass (signature was verified) header.d=armh.onmicrosoft.com;ietf.org; dmarc=bestguesspass action=none header.from=arm.com;
Received-SPF: Pass (protection.outlook.com: domain of arm.com designates 63.35.35.123 as permitted sender) receiver=protection.outlook.com; client-ip=63.35.35.123; helo=64aa7808-outbound-1.mta.getcheckrecipient.com;
Received: from 64aa7808-outbound-1.mta.getcheckrecipient.com (63.35.35.123) by VE1EUR03FT059.mail.protection.outlook.com (10.152.19.60) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3021.23 via Frontend Transport; Fri, 22 May 2020 09:19:11 +0000
Received: ("Tessian outbound b157666c5529:v57"); Fri, 22 May 2020 09:19:10 +0000
X-CheckRecipientChecked: true
X-CR-MTA-CID: f96dda3a1e7e40ed
X-CR-MTA-TID: 64aa7808
Received: from 3f30ac2b9dcb.2 by 64aa7808-outbound-1.mta.getcheckrecipient.com id F1267131-39B6-4805-AB47-FD5A98A92EC4.1; Fri, 22 May 2020 09:19:05 +0000
Received: from EUR01-VE1-obe.outbound.protection.outlook.com by 64aa7808-outbound-1.mta.getcheckrecipient.com with ESMTPS id 3f30ac2b9dcb.2 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384); Fri, 22 May 2020 09:19:05 +0000
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=coXtk3V0AbKw3vZD2IAOcEwflUMlCQO/TTDy1Gzwmph/ZGDtYpjjnLQwGdHIKamk3xGA4A1f/VFOa9LVetlf+oa2hytvLyjO3NldX6RC5xVRxFuZuOaj80hBU6bgTCZKBseOGdLObznu3ep9KLc8T4kBD+8zz8Bv3jl4qNoKrOmUJffVZW5hMd+9c6z+fbFgM5Fh414eWsnDrm8bmqWDFXOwOKh/eOzHL8Zh2cfVoWkiqvVKkmMU3MGJsWYKLz7178wAcrZF56GgCA7LLdYeS7QyRsKsWPlG7QVp4EIXb1YRR+GNpPjIVF/cv3YphOCkVXjdGPadA3qDfC19Qb6HpQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=mVAAZC4I/2IhonhcVw/VI5aBeh4XoaT0E012Ra2csp4=; b=aOP2k807cWF+1KKHj1CWQKrvdQ/J+oHM98+Rh5P5wx5FKOWwg0/V4q0cul+snPh6SsyweLKQsDSmJ6ZZ8ebl6vjYc2oPOaYQo5gVO+3m/KisHnM/egsUIGbtw67b4r+ukS6ZTlAZdag6Sz/Mum5gUzBN+cTOjE/mbd0YX8rz8ffY7SvhsZ3nm6P7u9f0XQRM6DAbEeEh9mHvzvocZ4dHxULWDyG661ou9pQRSGZqHdqhxmpL0ve28H/mMbQ6gHxXMrO4Min+jxH0AGF4Va8xN73dwQPiPbzGzjrmd+L1n//kiLo7f6f7EBBcd/krg/ktLNdfLlArKempzgF1Hxn0WQ==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=arm.com; dmarc=pass action=none header.from=arm.com; dkim=pass header.d=arm.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=armh.onmicrosoft.com; s=selector2-armh-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=mVAAZC4I/2IhonhcVw/VI5aBeh4XoaT0E012Ra2csp4=; b=fh3tgqxkP2HsYlED9xq7mdZZO9zeozWTDJx/zz4UGsfYtFShVRphsKH26Oe7V3vaaXmVnrArAtrP9JCjdymlmtocYsY71QotqK4kZ9I4/t1Yg0KB9jYDBxgVJkgbZD3kXnkw8PlnuyLHI+r0zfGaBeta3dINsu13CXZFZKF3n0k=
Received: from DB8PR08MB5177.eurprd08.prod.outlook.com (2603:10a6:10:e3::27) by DB8PR08MB4028.eurprd08.prod.outlook.com (2603:10a6:10:a8::10) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3000.27; Fri, 22 May 2020 09:19:03 +0000
Received: from DB8PR08MB5177.eurprd08.prod.outlook.com ([fe80::f86c:9fc9:baa8:48e0]) by DB8PR08MB5177.eurprd08.prod.outlook.com ([fe80::f86c:9fc9:baa8:48e0%3]) with mapi id 15.20.3021.020; Fri, 22 May 2020 09:19:03 +0000
From: Hanno Becker <Hanno.Becker@arm.com>
To: Christopher Wood <caw@heapingbits.net>, Thomas Fossati <Thomas.Fossati@arm.com>, "TLS@ietf.org" <TLS@ietf.org>
Thread-Topic: [TLS] Banning implicit CIDs in DTLS
Thread-Index: AQHWL4jlVazT6tbHlkGZvgKpDlUBs6iyuNyAgACCdQCAAJhViQ==
Date: Fri, 22 May 2020 09:19:03 +0000
Message-ID: <DB8PR08MB5177F356938FFF0BCD3032479BB40@DB8PR08MB5177.eurprd08.prod.outlook.com>
References: <df70e06b-ffdf-4402-b640-d99b2aafac6b@www.fastmail.com> <17230F7E-0983-4519-8BA3-50D3F1A66C22@arm.com>, <b45dea1f-506a-420e-aa3b-4d6c0fae5028@www.fastmail.com>
In-Reply-To: <b45dea1f-506a-420e-aa3b-4d6c0fae5028@www.fastmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
Authentication-Results-Original: heapingbits.net; dkim=none (message not signed) header.d=none;heapingbits.net; dmarc=none action=none header.from=arm.com;
x-originating-ip: [217.140.99.251]
x-ms-publictraffictype: Email
X-MS-Office365-Filtering-HT: Tenant
X-MS-Office365-Filtering-Correlation-Id: 5c66738c-6c43-4d83-d454-08d7fe313034
x-ms-traffictypediagnostic: DB8PR08MB4028:|AM0SPR01MB0041:
x-ms-exchange-transport-forked: True
X-Microsoft-Antispam-PRVS: <AM0SPR01MB00419EFA663C84DBFE3CCC5E9BB40@AM0SPR01MB0041.eurprd08.prod.outlook.com>
x-checkrecipientrouted: true
nodisclaimer: true
x-ms-oob-tlc-oobclassifiers: OLM:8882;OLM:9508;
x-forefront-prvs: 04111BAC64
X-MS-Exchange-SenderADCheck: 1
X-Microsoft-Antispam-Untrusted: BCL:0;
X-Microsoft-Antispam-Message-Info-Original: VlTtkOUL1Y/t6gBfJCrnVLJI3Pr6guluE8KUGb/sRPW42ozzWo3lehrhE3PnBUuWZgJyYOjGlJG2SyYDdaXdaASMMLLypEu6d3pgtrWGJVpCofOrTXGgI9b7bhNJs6DoBKF/+h4TFtjcyRk0dlpa18PftgofAfK96bzhpeNmu5ng4ULhfvNlRmukl87g173ZSLau2QhUgFs9bt4ZxUtu3MaAxsK1JflfN+CaCUO33hysfr1P8KfKoNpYoTsQFf0f8EBXKUKkF6xQfYhAgcuglk+YcHqRBrYeYq7i4IIFYh9xIy0RNJSYRrk5EP6DLdrIH3Oge7lu5SpnV0A+TLIgvIbeEIfCJTkprb/2ww99LRQMmGAhZMDQti+414PIKADXXsp1vY/NYUtoBLuODbD34/decGPsq1YyRMQp+Txv8Tt+Q/gFIGvyonoN+CN/JEVI8RDtMNLOEbwrHaA8Ew9CRcF4vcefrxWFNp6LNEqdqQHDV6ZZRM3ntxVzi9nmc213ycy2UNkUBm/8RC0Do6+VMA==
X-Forefront-Antispam-Report-Untrusted: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:DB8PR08MB5177.eurprd08.prod.outlook.com; PTR:; CAT:NONE; SFTY:; SFS:(4636009)(376002)(366004)(39860400002)(346002)(136003)(396003)(9686003)(71200400001)(52536014)(110136005)(33656002)(8676002)(5660300002)(316002)(55016002)(7696005)(966005)(86362001)(76116006)(166002)(478600001)(8936002)(19627405001)(186003)(53546011)(2906002)(66946007)(64756008)(66476007)(6506007)(66556008)(66446008)(26005); DIR:OUT; SFP:1101;
x-ms-exchange-antispam-messagedata: 2c8Yu9CqnCyX10L6beqc+VJP97pQOBf0mtbPCE+gFwUHykYfYu4lI904IUDeLhwEIbNhCcRNWs0COvMC5kkrk/A+xlH72/ybJoLkJuprNJcaf7QhjEaSwBUcmIiIBFHeh/bHWtgp8fMRk1eS6rWP1ypzkTNYwLtonZBV91xckTE7PbN1d1UvHTrYz5ZOPLmuvpwIkxfmSLBUR5kHQo52abCMUxh0LlI1QaxZ7I+WQvpPPqmLWhpwChVVP7XRAgpxeMffQMMgwEDoaUJSzbs0siWESspWtN/Kv3ZNirhHHJw9ykU2W4Pce6LI1lhS+t1sInTz5nGws6/btYH59SvhnZFZRcB6YhnjcaFe+/gRstKks4ZzJ//vAZwMWcpyswBqRQfcUH+sgj8R7/keZykbrwCY/DdHiJ2/TepX/vPx8UfK0jo+cgxp6zbzpduWkZxlTtn9kNAgS52vJ23JyUUUrozZsc89J4bvv3wbe3k0h24nYVFoBgWDBmbLdfdQgpil
Content-Type: multipart/alternative; boundary="_000_DB8PR08MB5177F356938FFF0BCD3032479BB40DB8PR08MB5177eurp_"
MIME-Version: 1.0
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DB8PR08MB4028
Original-Authentication-Results: heapingbits.net; dkim=none (message not signed) header.d=none;heapingbits.net; dmarc=none action=none header.from=arm.com;
X-EOPAttributedMessage: 0
X-MS-Exchange-Transport-CrossTenantHeadersStripped: VE1EUR03FT059.eop-EUR03.prod.protection.outlook.com
X-Forefront-Antispam-Report: CIP:63.35.35.123; CTRY:IE; LANG:en; SCL:1; SRV:; IPV:CAL; SFV:NSPM; H:64aa7808-outbound-1.mta.getcheckrecipient.com; PTR:ec2-63-35-35-123.eu-west-1.compute.amazonaws.com; CAT:NONE; SFTY:; SFS:(4636009)(346002)(39860400002)(376002)(396003)(136003)(46966005)(110136005)(47076004)(5660300002)(19627405001)(33656002)(316002)(53546011)(82740400003)(166002)(2906002)(55016002)(36906005)(6506007)(86362001)(8936002)(186003)(81166007)(82310400002)(8676002)(966005)(7696005)(9686003)(336012)(26005)(70586007)(52536014)(70206006)(478600001)(356005); DIR:OUT; SFP:1101;
X-MS-Office365-Filtering-Correlation-Id-Prvs: a753e65b-e4d1-4978-d8b3-08d7fe312b9e
X-Forefront-PRVS: 04111BAC64
X-Microsoft-Antispam: BCL:0;
X-Microsoft-Antispam-Message-Info: sMwlNebSWKvKXhaFOnUXQ3JJmMPfOrJRYLJ9pwoirDnkgCRWkzOr1/vERviJ/mYVT3c3QTxbsGbowk+qcY7rVa1kFezCrHVbFM8TiGSJ+nH3JvoSjg9o1dBOnQhzaD67bi4HYml+fVxgm+6Sudhc+s0Hf3gk4dH9VSnvLJkmsqziB+b+LIuXUS7bSsa174sx4ERKKQnEgV1xFZCGPJ4YKj12azlndqSz2TDZ/M2HY3BswH4SKaRZU1glGSXPG8GBEb0K0cQRUtnPg0+jnDBBvpA/uPkJGoQomTgp11oml1rCIaRcVYR9ZbyqSXMrSkSV/pXYOywkvqfmIhr6+5Qxp6GgbzlklF5+UskFwNPrTTdPeJrHy31h6Juwtw/zv6R8bQBzkE6iZDZx+PqdGu3bf3bN6xANiETcFYEtgCboh/lMX27Fg0W7KzPVFB6/8EWbvwDtgweT2ogg9KrIFVrCxRMJH8+ypVRAPjm3Xgk6v3w=
X-OriginatorOrg: arm.com
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 22 May 2020 09:19:11.0726 (UTC)
X-MS-Exchange-CrossTenant-Network-Message-Id: 5c66738c-6c43-4d83-d454-08d7fe313034
X-MS-Exchange-CrossTenant-Id: f34e5979-57d9-4aaa-ad4d-b122a662184d
X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=f34e5979-57d9-4aaa-ad4d-b122a662184d; Ip=[63.35.35.123]; Helo=[64aa7808-outbound-1.mta.getcheckrecipient.com]
X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem
X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM0SPR01MB0041
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/MQKvyYlVfEv5pv7RxKmoq0_td3M>
Subject: Re: [TLS] Banning implicit CIDs in DTLS
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 22 May 2020 09:19:19 -0000

I don't support this PR. Compactness of wire presentation is important
(and acknowledged - why would there be a compressed header otherwise)
and implicit CIDs should hence allowed and authenticated via AEAD additional data,
preferably by generally adopting the pseudo header AAD approach.
Disappointingly, despite its length the discussion so far has failed to point
out concrete problems with the resulting header format malleability.

________________________________
From: TLS <tls-bounces@ietf.org> on behalf of Christopher Wood <caw@heapingbits.net>
Sent: Friday, May 22, 2020 1:09 AM
To: Thomas Fossati <Thomas.Fossati@arm.com>om>; TLS@ietf.org <TLS@ietf.org>
Subject: Re: [TLS] Banning implicit CIDs in DTLS

On Thu, May 21, 2020, at 9:22 AM, Thomas Fossati wrote:
> Hi Chris,
>
> On 21/05/2020, 17:00, "Christopher Wood" <caw@heapingbits.net> wrote:
> > *One proposal to address this is by extending the AAD to include the
> > pseudo-header. However, the chairs feel this is an unnecessary
> > divergence from QUIC.
>
> I don't understand the "unnecessary" in the above para, i.e., why are we
> so tied to QUIC in this case?  I'm asking because it looks like this was
> a core criterion in the Chairs' proposal.

Sorry for the confusion! The point here was that QUIC authenticates what's on the wire, which we felt was important. I should have spelled that out. There are of course other things to consider, as Martin points out.

Best,
Chris

_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls
IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.