Re: [TLS] Proposed text for removing renegotiation

Martin Thomson <martin.thomson@gmail.com> Wed, 28 May 2014 16:46 UTC

Return-Path: <martin.thomson@gmail.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C32C61A0A08 for <tls@ietfa.amsl.com>; Wed, 28 May 2014 09:46:57 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id xkYFQ2FbBUWP for <tls@ietfa.amsl.com>; Wed, 28 May 2014 09:46:56 -0700 (PDT)
Received: from mail-we0-x22c.google.com (mail-we0-x22c.google.com [IPv6:2a00:1450:400c:c03::22c]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6A6651A09E2 for <tls@ietf.org>; Wed, 28 May 2014 09:46:56 -0700 (PDT)
Received: by mail-we0-f172.google.com with SMTP id k48so11734163wev.17 for <tls@ietf.org>; Wed, 28 May 2014 09:46:49 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type:content-transfer-encoding; bh=zktIvKZoF4aTe2TIT4mf3/7GxZSPT/yXRnxI6d+Udas=; b=Q9P07RpWG1A0P3sBPV/ss8WO2evLqF8O3zmoS1dXBpC684T+x6J11tG5YKKUntQ9J8 Xw8XEO7pQgsI5nOA4R6BRYckpjs4PfDKwsP/VfwXvQPjY1tSIFqrJXfKvKkqhVI0F8Cv fz6V1IfXV07I0AAvB7TOpiagnMThrsDQUjHqkWLZF/9m4QSH0Dawnc6qD5zTHs1AygBS FTvjnkDRVGGQb9mH7hDWAKeR0ntqvnu9R95ckT6k0RtxU48XzfmYJry/gF85jyvE5CTl umkaDsiIfheKvidoQ72VEW8PSEGZe72zwjQfgrObh7Yac8BViEHLtM7RWLuZlfOykGDS RmaA==
MIME-Version: 1.0
X-Received: by 10.180.36.241 with SMTP id t17mr2616711wij.38.1401295609511; Wed, 28 May 2014 09:46:49 -0700 (PDT)
Received: by 10.194.235.163 with HTTP; Wed, 28 May 2014 09:46:49 -0700 (PDT)
In-Reply-To: <28421B15-8E06-4E86-AE5D-38D994ABBD45@gmail.com>
References: <CABkgnnXaLKmxXL01hQEdxHSNGt3nZQQNBLDD5H2LqBzTo3vK4g@mail.gmail.com> <CAFewVt5GCmH8wSdUYLy_Q9RNEtAggzG3_k-9E8ME-nP9jZNX3Q@mail.gmail.com> <28421B15-8E06-4E86-AE5D-38D994ABBD45@gmail.com>
Date: Wed, 28 May 2014 09:46:49 -0700
Message-ID: <CABkgnnV=_hJipaWOW=C7Ge7=a_FU6bTDpDDHULmYD24U8qRboQ@mail.gmail.com>
From: Martin Thomson <martin.thomson@gmail.com>
To: Yoav Nir <ynir.ietf@gmail.com>, "Salz, Rich" <rsalz@akamai.com>
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
Archived-At: http://mailarchive.ietf.org/arch/msg/tls/vWlU25TbQc2dolKBfsISEL7kJqI
Cc: "tls@ietf.org" <tls@ietf.org>
Subject: Re: [TLS] Proposed text for removing renegotiation
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 28 May 2014 16:46:57 -0000

On 28 May 2014 03:00, Yoav Nir <ynir.ietf@gmail.com> wrote:
> 2. Connections that carry so much traffic and last so very long that you
> really need to rekey. This was discussed at the meeting, partially on Jabber
> ([1]). It’s not that common for the web, but I’m assured that XMPP
> connections sometimes last basically forever, so they need rekeying. My
> proposal there (at 19:40) was for this use case. Martin is right that it
> adds “dead air”, but all these use cases are not that delay sensitive, and I
> think it’s worth it to get the simplified state machine.

I think that we might be able to mitigate the dead air problem.  At
least if the client initiates the action.

My concerns with this approach are with the obvious tension between
the obvious goal and the goals of the application/API.

The establishment of an entirely new context is only truly useful if
it is treated as such.  But the goal of applications in this context
is to continue to operate seamlessly.  Many of the concerns arising
from renegotiation arise from the way that applications are almost
willfully ignorant of the transition in states.

As Martin (R) observes, renegotiation is fairly precisely defined.  If
you strictly respect it, it can be safe...in theory.  It's just that
it's rarely afforded that respect.