Re: [TLS] Connection ID Draft
Martin Thomson <martin.thomson@gmail.com> Thu, 12 October 2017 23:33 UTC
Return-Path: <martin.thomson@gmail.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 549ED132D17 for <tls@ietfa.amsl.com>; Thu, 12 Oct 2017 16:33:09 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.699
X-Spam-Level:
X-Spam-Status: No, score=-2.699 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id fn_M6RNkbTYz for <tls@ietfa.amsl.com>; Thu, 12 Oct 2017 16:33:08 -0700 (PDT)
Received: from mail-oi0-x236.google.com (mail-oi0-x236.google.com [IPv6:2607:f8b0:4003:c06::236]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id EE441132403 for <tls@ietf.org>; Thu, 12 Oct 2017 16:33:07 -0700 (PDT)
Received: by mail-oi0-x236.google.com with SMTP id m198so10962869oig.5 for <tls@ietf.org>; Thu, 12 Oct 2017 16:33:07 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=6r+cmQXt0Vi9Z6qTH3KgG/wYtH/Z3uo9Mni6npuV71A=; b=Rv8arvElspwvX/VRLtsaRl3XhJWqVqy5yMaehLwjOTl7nK9uxY2V93R2Wq1ZWfDiRJ 0YQ8PKuJSbEsS84hQ/m2MrLd8iB0e1VHYUxirG064bUHvZAyAND8e6+16DMYQxmYg+SH GvBUQP7bDt247kqs6PTC1tmtTLmYacRH4pjJkhQMtGJ9zrsvv6rvAvYhY8Rd5fUJE+Pb SRTsoXO/VprXlY4RvFf9i2wc6g88RUCZ/8WObSUfNtTKanCB5ggas5hqr4exc6aUca74 a9JIjpG346gKbHf5KcfvPbhvYrD1IR66Oi1TiuKq16THW2W5tQCvuuYoJ1kdBQSA3EYM fohA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=6r+cmQXt0Vi9Z6qTH3KgG/wYtH/Z3uo9Mni6npuV71A=; b=V+NK5sxXDQvSOERAkpCzGqNrlBfG5Op1HcmZzcf7meNsoooBDNhtO68RfwC+5ZpPy/ rITUPKqrJVY+NK9v/ASX89MkuWIFUat8elF+Re7EcQloixXw/2MCDk8BogJdmbG488n2 I+QYB1jlPR1DfgGRWDOAP1cyhjckaaGIqQwV3Vfa6rC/3PrMwG9oQpc2G4YE2tf9brcv DXcoT1lSL6SvwXo61F/uVEM+twN34RevYX6xXbmwjASVrIwCPPr+BzUK4BdqbOyhvwdM u6B1oY8Z4/JKIBTJT2wFaIVNtLj7ttEADfMzndZAvIfWF06n+pjNbeczYNKm2JbVPkgX duRQ==
X-Gm-Message-State: AMCzsaXbHYqqmyTJkPfuZ/FNnTq3jGSgOjkfyd5BVmPpZhEvXBCe7i5T G/LyEoOPZVidAEUapvWGEoR4Iwe0R2Nfz0dRRW19Uw==
X-Google-Smtp-Source: AOwi7QCw3nTk3hZpuUwDPa7ZIjlBEVDnmi20dXh7K2kLXngWF1W4OK0eQOUz9Lfuf8uMOkeJg4k2ls6jpq9+mLFlXm8=
X-Received: by 10.202.75.140 with SMTP id y134mr1922680oia.3.1507851187250; Thu, 12 Oct 2017 16:33:07 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.157.72.178 with HTTP; Thu, 12 Oct 2017 16:33:06 -0700 (PDT)
In-Reply-To: <CABcZeBPXB6cOSztzDHtKSWUCJrgET+9cF_rAiiE8CYCUSY_uLA@mail.gmail.com>
References: <CABcZeBPXB6cOSztzDHtKSWUCJrgET+9cF_rAiiE8CYCUSY_uLA@mail.gmail.com>
From: Martin Thomson <martin.thomson@gmail.com>
Date: Fri, 13 Oct 2017 10:33:06 +1100
Message-ID: <CABkgnnXsBZz5PAvQOfYBgB6HHzH0RuQgO8DuAeZ9X2+R02QP_A@mail.gmail.com>
To: Eric Rescorla <ekr@rtfm.com>
Cc: "tls@ietf.org" <tls@ietf.org>
Content-Type: text/plain; charset="UTF-8"
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/upv2L8fCexaw2GTzz1naDWwIj68>
Subject: Re: [TLS] Connection ID Draft
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 12 Oct 2017 23:33:09 -0000
This seems like a pretty solid design. (Better in many ways to the QUIC design, but then I might concede that the constraints are different.) The example shows the connection ID only being used after the handshake completes (that is, on epoch=3), but handshake records (epoch=2) use the same record format and we already know the preference of the peer when sending them. I can see why you opted for this design (there is no way for the server to signal that it intends to use the connection ID before it starts to send it), but that could be addressed by moving the extension to the ServerHello. The value is sent on every subsequent record, so there is no real gain in having the extension in EncryptedExtensions. There is value in having record construction be consistent. The design for new connection IDs is clearly to handle the linkability issue, but the draft doesn't propose a solution for linking based on the monotonic increase of sequence numbers, or acknowledge the problem. We had comments about the length of the connection ID and the value being used as a covert channel. That issue should at least be addressed in the security considerations. On Fri, Oct 13, 2017 at 10:13 AM, Eric Rescorla <ekr@rtfm.com> wrote: > Hi folks, > > I have just posted a first cut at a connection ID draft. > https://tools.ietf.org/html/draft-rescorla-tls-dtls-connection-id-00 > > Comments welcome. > > -Ekr > > > > > _______________________________________________ > TLS mailing list > TLS@ietf.org > https://www.ietf.org/mailman/listinfo/tls >
- [TLS] Connection ID Draft Eric Rescorla
- Re: [TLS] Connection ID Draft Martin Thomson
- Re: [TLS] Connection ID Draft Eric Rescorla
- Re: [TLS] Connection ID Draft Martin Thomson
- Re: [TLS] Connection ID Draft Eric Rescorla
- Re: [TLS] Connection ID Draft Martin Thomson
- Re: [TLS] Connection ID Draft Eric Rescorla
- Re: [TLS] Connection ID Draft Nikos Mavrogiannopoulos
- Re: [TLS] Connection ID Draft Fossati, Thomas (Nokia - GB/Cambridge, UK)
- Re: [TLS] Connection ID Draft yinxinxing
- Re: [TLS] Connection ID Draft Eric Rescorla
- Re: [TLS] Connection ID Draft Eric Rescorla
- Re: [TLS] Connection ID Draft Matt Caswell
- Re: [TLS] Connection ID Draft Stephen Farrell
- Re: [TLS] Connection ID Draft Eric Rescorla
- Re: [TLS] Connection ID Draft Stephen Farrell
- Re: [TLS] Connection ID Draft Eric Rescorla
- Re: [TLS] Connection ID Draft Stephen Farrell
- Re: [TLS] Connection ID Draft Hannes Tschofenig
- Re: [TLS] Connection ID Draft Eric Rescorla
- [TLS] 答复: Connection ID Draft yinxinxing
- [TLS] 答复: Connection ID Draft yinxinxing
- Re: [TLS] 答复: Connection ID Draft Eric Rescorla
- Re: [TLS] 答复: Connection ID Draft Eric Rescorla
- [TLS] 答复: Connection ID Draft yinxinxing
- Re: [TLS] 答复: Connection ID Draft Eric Rescorla
- [TLS] 答复: 答复: Connection ID Draft yinxinxing
- Re: [TLS] Connection ID Draft Benjamin Kaduk
- Re: [TLS] Connection ID Draft Eric Rescorla
- Re: [TLS] Connection ID Draft Fossati, Thomas (Nokia - GB/Cambridge, UK)
- Re: [TLS] Connection ID Draft Eric Rescorla
- Re: [TLS] Connection ID Draft Martin Thomson
- Re: [TLS] Connection ID Draft Christian Huitema
- Re: [TLS] Connection ID Draft Fossati, Thomas (Nokia - GB/Cambridge, UK)
- Re: [TLS] Connection ID Draft Martin Thomson
- Re: [TLS] Connection ID Draft Fossati, Thomas (Nokia - GB/Cambridge, UK)
- Re: [TLS] Connection ID Draft Fossati, Thomas (Nokia - GB/Cambridge, UK)
- Re: [TLS] Connection ID Draft Martin Thomson
- Re: [TLS] Connection ID Draft Nikos Mavrogiannopoulos
- Re: [TLS] Connection ID Draft Simon Bernard
- Re: [TLS] Connection ID Draft Eric Rescorla
- Re: [TLS] Connection ID Draft Fossati, Thomas (Nokia - GB/Cambridge, UK)
- Re: [TLS] Connection ID Draft yinxinxing
- Re: [TLS] Connection ID Draft Stephen Farrell
- Re: [TLS] Connection ID Draft Eric Rescorla
- Re: [TLS] Connection ID Draft Stephen Farrell
- Re: [TLS] Connection ID Draft yinxinxing
- Re: [TLS] Connection ID Draft Eric Rescorla
- Re: [TLS] Connection ID Draft Stephen Farrell
- Re: [TLS] Connection ID Draft Eric Rescorla
- Re: [TLS] Connection ID Draft Benjamin Kaduk
- Re: [TLS] Connection ID Draft Eric Rescorla
- Re: [TLS] Connection ID Draft yinxinxing
- Re: [TLS] Connection ID Draft Eric Rescorla
- Re: [TLS] Connection ID Draft yinxinxing
- Re: [TLS] Connection ID Draft Matt Caswell
- Re: [TLS] Connection ID Draft Martin Thomson
- Re: [TLS] Connection ID Draft yinxinxing
- Re: [TLS] Connection ID Draft Matt Caswell
- Re: [TLS] Connection ID Draft Martin Thomson
- Re: [TLS] Connection ID Draft Fossati, Thomas (Nokia - GB/Cambridge, UK)
- Re: [TLS] Connection ID Draft Matt Caswell
- Re: [TLS] Connection ID Draft Simon Bernard