Re: [TLS] Removing the "hint" from the Session Ticket Lifetime hint

Subodh Iyengar <> Mon, 29 February 2016 17:35 UTC

Return-Path: <>
Received: from localhost ( []) by (Postfix) with ESMTP id C39721A6FE0 for <>; Mon, 29 Feb 2016 09:35:57 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -1.667
X-Spam-Status: No, score=-1.667 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, IP_NOT_FRIENDLY=0.334, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=no
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id kEtDGJvZ5BkV for <>; Mon, 29 Feb 2016 09:35:55 -0800 (PST)
Received: from ( []) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id A9C661A6FD9 for <>; Mon, 29 Feb 2016 09:35:55 -0800 (PST)
Received: from pps.filterd ( []) by ( with SMTP id u1THZ7gc027135; Mon, 29 Feb 2016 09:35:54 -0800
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple;; h=from : to : cc : subject : date : message-id : references : in-reply-to : content-type : content-transfer-encoding : mime-version; s=facebook; bh=JvQK3/Ll8hdatEzjSPmIEH8S328KElEgwrOhJ6RIMxw=; b=OvVfGW1ehnxhuTd0BNIReHLT9Js6FiO+bopu4U/68BFrjWfqiZbyEDu45pJwDMYjUICw Tq+b2Jo60XUjtY8E5PcGYOXEsX3lAhP923iQ6h0RHoyHhzyA3GIFvd421ODXvMHirP7n mC5LDovmIlnrYLqKUYvhRTv/yJC8FOiwMCs=
Received: from ([]) by with ESMTP id 21csw6r6bt-1 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=NOT); Mon, 29 Feb 2016 09:35:54 -0800
Received: from ([]) by ([fe80::d5cc:849:f520:db6b%12]) with mapi id 14.03.0248.002; Mon, 29 Feb 2016 09:35:53 -0800
From: Subodh Iyengar <>
To: "Salz, Rich" <>, "" <>
Thread-Topic: [TLS] Removing the "hint" from the Session Ticket Lifetime hint
Thread-Index: AQHRbmGau7ZdmtJqV0qE3JnbE5+PR586lnoAgAAAjACACTqoAIAAATEA//97GaY=
Date: Mon, 29 Feb 2016 17:35:52 +0000
Message-ID: <>
References: <> <>, <>
In-Reply-To: <>
Accept-Language: en-US
Content-Language: en-US
x-originating-ip: []
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-Proofpoint-Spam-Reason: safe
X-FB-Internal: Safe
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10432:, , definitions=2016-02-29_06:, , signatures=0
Archived-At: <>
Cc: "" <>
Subject: Re: [TLS] Removing the "hint" from the Session Ticket Lifetime hint
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Mon, 29 Feb 2016 17:35:57 -0000

There are 2 different issues being discussed here, lifetime of tickets and configs.

It is probably better to revisit the discussion of whether or not to have ServerConfig be relative or absolute after it is decided whether or not the DH 0-RTT handshake will still exist.

The general point I wanted to make is that relative times are practically enforceable by clients.
For ticket_lifetime, which already is relative time, it is desirable to change them from an informative only behavior to being usable by clients, which Nick's pull request does.  Enforcing relative time for things like tls ticket validity time has better security properties for certain use cases like key offloading. Nick's pull request limits the time clients can cache it to 7 days which is reasonable middle ground and clients can decide to delete the ticket earlier.

I +1 the pull request.

Subodh Iyengar
From: TLS [] on behalf of Salz, Rich []
Sent: Monday, February 29, 2016 9:15 AM
Subject: Re: [TLS] Removing the "hint" from the Session Ticket Lifetime hint

> What should be memorized/stored is absolute time-of-creation.

If the structure itself includes absolute times, then the memorization is (trivially) simpler.

> How long to consider it valid, is a local issue and not necessarily a constant
> validity period over time.

True.  Treat it as a hint from the server.

TLS mailing list