[TLS] Substitute for renegotiation in TLS 1.3

Albe Laurenz <laurenz.albe@wien.gv.at> Mon, 23 February 2015 10:46 UTC

Return-Path: <laurenz.albe@wien.gv.at>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com []) by ietfa.amsl.com (Postfix) with ESMTP id 10E161A19F4 for <tls@ietfa.amsl.com>; Mon, 23 Feb 2015 02:46:35 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.33
X-Spam-Status: No, score=-0.33 tagged_above=-999 required=5 tests=[BAYES_50=0.8, HELO_EQ_AT=0.424, HOST_EQ_AT=0.745, RCVD_IN_DNSWL_MED=-2.3, UNPARSEABLE_RELAY=0.001] autolearn=ham
Received: from mail.ietf.org ([]) by localhost (ietfa.amsl.com []) (amavisd-new, port 10024) with ESMTP id C0i1vPMWG40o for <tls@ietfa.amsl.com>; Mon, 23 Feb 2015 02:46:33 -0800 (PST)
Received: from relay-fr112.magwien.gv.at (relay-fr112.magwien.gv.at []) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 00FB41A000A for <tls@ietf.org>; Mon, 23 Feb 2015 02:46:32 -0800 (PST)
Received: from localhost (localhost []) by relay-fr112.magwien.gv.at (Postfix) with ESMTP id B41AA205B5 for <tls@ietf.org>; Mon, 23 Feb 2015 11:45:37 +0100 (CET)
X-Virus-Scanned: by amavisd-new using Sophie and ClamAV at magwien.gv.at
Received: from ntex2010j.host.magwien.gv.at (ntex2010j.host.magwien.gv.at [--]) (using TLSv1 with cipher AES128-SHA (128/128 bits)) (No client certificate requested) by relay-fr112.magwien.gv.at (Postfix) with ESMTPS id A24A720598 for <tls@ietf.org>; Mon, 23 Feb 2015 11:45:37 +0100 (CET)
Received: from ntex2010i.host.magwien.gv.at ([]) by ntex2010j.host.magwien.gv.at ([]) with mapi id 14.03.0210.002; Mon, 23 Feb 2015 11:46:30 +0100
From: Albe Laurenz <laurenz.albe@wien.gv.at>
To: "tls@ietf.org" <tls@ietf.org>
Thread-Topic: Substitute for renegotiation in TLS 1.3
Thread-Index: AdBPVfr3TMYz4bcwRuSOLkFAobMc+w==
Date: Mon, 23 Feb 2015 10:46:29 +0000
Message-ID: <A737B7A37273E048B164557ADEF4A58B3659F13D@ntex2010i.host.magwien.gv.at>
Accept-Language: en-US, de-AT
Content-Language: de-DE
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
Archived-At: <http://mailarchive.ietf.org/arch/msg/tls/uaiXQzbHgX-2etwl0GdimSXODCI>
Subject: [TLS] Substitute for renegotiation in TLS 1.3
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 23 Feb 2015 10:57:29 -0000

While researching a renegotiation problem I saw that TLS 1.3 has done away
with this feature altogether.

During the discussion that led to this
most people seemed to favor a new "rekey" facility as a substitute,
and this consensus is expressed in

In a first take, this was accomplished by repurposing ChangeCipherSpec
to create a new master secret:

However, in a later commit
ChangeCipherSpec was removed, and I can neither find the discussion leading
to that nor any mention in the commit how "rekey" should be accomplished now.

Does that mean that there is no possibility to renegotiate any more?
That would be unfortunate for my use case (encrypted database connections which
can last arbitrarily long).
Moreover, it would go against the consensus on the list, as quote above.

Laurenz Albe