IETF Logo Mail Archive

Re: [TLS] I-D Action: draft-ietf-tls-ticketrequests-02.txt

Viktor Dukhovni <ietf-dane@dukhovni.org> Sat, 05 October 2019 17:05 UTC

Return-Path: <ietf-dane@dukhovni.org>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id EEA7B12087E for <tls@ietfa.amsl.com>; Sat, 5 Oct 2019 10:05:05 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.2
X-Spam-Level:
X-Spam-Status: No, score=-4.2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id USYGpareYTzR for <tls@ietfa.amsl.com>; Sat, 5 Oct 2019 10:05:03 -0700 (PDT)
Received: from straasha.imrryr.org (straasha.imrryr.org [100.2.39.101]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 790A01200B6 for <tls@ietf.org>; Sat, 5 Oct 2019 10:05:03 -0700 (PDT)
Received: by straasha.imrryr.org (Postfix, from userid 1001) id 9E71C2AD631; Sat, 5 Oct 2019 13:05:02 -0400 (EDT)
Date: Sat, 05 Oct 2019 13:05:02 -0400
From: Viktor Dukhovni <ietf-dane@dukhovni.org>
To: tls@ietf.org
Message-ID: <20191005170502.GF21772@straasha.imrryr.org>
Reply-To: tls@ietf.org
References: <156962803631.24993.3421537129925787732@ietfa.amsl.com> <20191001145600.GU21772@straasha.imrryr.org> <20191002230402.GF5002@localhost> <c301f241-33fb-48f3-a55f-b53824180be2@www.fastmail.com> <F21EF885-96B5-411F-B79D-87EEB9B046B6@dukhovni.org> <9805f0ea-065f-48be-8514-1b8ff3373f7b@www.fastmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
In-Reply-To: <9805f0ea-065f-48be-8514-1b8ff3373f7b@www.fastmail.com>
User-Agent: Mutt/1.12.1 (2019-06-15)
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/vALe5lBUpRDF7zlCBz3HloANap4>
Subject: Re: [TLS] I-D Action: draft-ietf-tls-ticketrequests-02.txt
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 05 Oct 2019 17:05:06 -0000

On Sat, Oct 05, 2019 at 05:06:04AM -0700, Christopher Wood wrote:

> > The use-case is clients and servers that don't make use of
> > early-data, and don't need to avoid traffic analysis.  For
> > example, MTA-to-MTA traffic, where the client even identifies
> > in clear text with "EHLO".  Here ticket reuse is the norm,
> > and renewal is only needed as tickets age.
> > 
> > [ I hope I managed a suitably concise description this time... ]
> 
> You did indeed! However, as I'm not sure we should be encouraging ticket
> re-use. I think asking for 1 upon resumption would be the norm, which
> should address this case.

Granted, ill-conceived ticket re-use should not be encouraged, in
fact should be prominently discouraged.

But perhaps the MTA-to-MTA use-case has more general applicability
in a broad class of server-to-server (datacentre-to-datacentre)
traffic, where the client has a long-term stable IP address, and
often a long-term affiliation with a single downstream peer.

An obvious example that comes to mind is a reverse-proxy that
terminates and resumes TLS.  At various $jobs I've helped folks
design/deploy such beasts in the DMZ.  Here there's a steady stream
of traffic between two nodes, and traffic-analysis "privacy"
considerations around ticket re-use don't come into play.

> (That is, I'm not sure adding more information to the signal to support
> the *as needed* case is worth the added complexity.)

That's the key question.  Such a signal could perhaps steal the
high-bit of the ticket count, limiting the count to at most 127.
Or alternatively the extension could send

    * 0 to mean no tickets ever (client has no ticket cache)
    * 1 to mean none required, but refresh as needed
    * n=2 or more to mean please send n-1 tickets.

This keeps the structure of the extension simple: for most clients
just send n+1 for n∈[1,254].

On the server side for n∈[2,255], just vend the lower of the server's
limit and n-1, for 0 send no tickets, which leaves only "n=1" for
the server to handle specially, by renewing the ticket if it is
either a single-use ticket or suitably dated.

-- 
	Viktor.

v2.23.0 | Report a Bug | By Email