Re: [TLS] record layer limits of TLS1.3

Judson Wilson <wilson.judson@gmail.com> Wed, 23 November 2016 08:39 UTC

Return-Path: <wilson.judson@gmail.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 792AE129635 for <tls@ietfa.amsl.com>; Wed, 23 Nov 2016 00:39:06 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.699
X-Spam-Level:
X-Spam-Status: No, score=-2.699 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id MaHGIPkVFl_D for <tls@ietfa.amsl.com>; Wed, 23 Nov 2016 00:39:05 -0800 (PST)
Received: from mail-wm0-x234.google.com (mail-wm0-x234.google.com [IPv6:2a00:1450:400c:c09::234]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A4A0D129634 for <tls@ietf.org>; Wed, 23 Nov 2016 00:39:04 -0800 (PST)
Received: by mail-wm0-x234.google.com with SMTP id g23so66771521wme.1 for <tls@ietf.org>; Wed, 23 Nov 2016 00:39:04 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=JYPuv1ZXRcFeDl6s8w8Z4SW7ueXTw6PxNl3Txo4ZD4E=; b=T2fW5okYSUwEcrDHeQCpJ+29bZ1Md1HgxuOYPSM4kGYQo8G1WXznhHuL3PUp97/pRl dLNJi7vicFkwI9jTfVKXuaAVUYrNL4Lv7ULDmf5MTfBaEHUielT2SLabPYNnSUw3fBs9 8Yrc0bNZp8bb0bnRtlcpXbK7TanJ+LcBAErHohAXEEhbvShKMwz4LFu3bCwdBgDNCrFG BioLLKJ0cy1UkG9I4STQdIrnwfbh2WPAJXXUUWltnz0xjrbLOKo8LcfLS2+AVrseItV+ en8nCLyNKoYaTO/Ew/hefExMSES7EaZNCfqyJwzUngCIK8ZRTpB59fBMIYu8RG91cV9R x3+w==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=JYPuv1ZXRcFeDl6s8w8Z4SW7ueXTw6PxNl3Txo4ZD4E=; b=Frr4q67QsILQ0ark+dXmA15fIbZZBZd3svg3JcR+mhckaFXZP0RwbP9n7tZHgx1LS6 cHUV3543PJUOtf/sQj6ec+YhyhWVcQAYcduH9OPaZB4W+YlKOz9/w0zjlbAe8/87SNRF yqsBlKehDDdPHsEtGh8AVjH4c7Th7gkuylXlnIWg0KmPuUvfUq2KTWBzX7eCybHFY+4/ UQlIpr4W723wu3FBWFDR3ha0cfK5ZG7J3vlrjYlEz+jxrezgXUdl5+AH3w7p1wbw0ujw poFE6i+pKI4QXsmiRNrFAOMJNISn5Yu21EFXNiurNiw/xQ5yZTwOCVvUissfwAILyZit cx3A==
X-Gm-Message-State: AKaTC03t7VzPIH0BopN1LFeseklAW7ZNjjvuPcIFfgUbCvVglPUvR+NQmQvefGuC36nZdcX8JRVCIQDg836uKg==
X-Received: by 10.28.175.204 with SMTP id y195mr2281076wme.106.1479890343061; Wed, 23 Nov 2016 00:39:03 -0800 (PST)
MIME-Version: 1.0
Received: by 10.80.168.133 with HTTP; Wed, 23 Nov 2016 00:39:02 -0800 (PST)
In-Reply-To: <1479889806.2563.15.camel@redhat.com>
References: <1479884799.2563.3.camel@redhat.com> <B9F508E0-76F0-4252-AA24-38E3205F8BA9@gmail.com> <1479889806.2563.15.camel@redhat.com>
From: Judson Wilson <wilson.judson@gmail.com>
Date: Wed, 23 Nov 2016 00:39:02 -0800
Message-ID: <CAB=4g8+-2vZZ5qL6RfiKA73hHWxFV_QBQx_U7KZxZwGW=dO=oQ@mail.gmail.com>
To: Nikos Mavrogiannopoulos <nmav@redhat.com>
Content-Type: multipart/alternative; boundary="001a11443834346d8f0541f3d2ee"
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/vYRwRsEkj_QFHZ1d99pV0-010JI>
Cc: "tls@ietf.org" <tls@ietf.org>
Subject: Re: [TLS] record layer limits of TLS1.3
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 23 Nov 2016 08:39:06 -0000

Can you send multiple records in one data transfer to achieve whatever
gains are desired?

On Wed, Nov 23, 2016 at 12:30 AM, Nikos Mavrogiannopoulos <nmav@redhat.com>
wrote:

> On Wed, 2016-11-23 at 10:05 +0200, Yoav Nir wrote:
> > Hi, Nikos
> >
> > On 23 Nov 2016, at 9:06, Nikos Mavrogiannopoulos <nmav@redhat.com>
> > wrote:
> >
> > >
> > > Hi,
> > >  Up to the current draft of TLS1.3 the record layer is restricted
> > > to
> > > sending 2^14 or less. Is the 2^14 number something we want to
> > > preserve?
> > > 16kb used to be a lot, but today if one wants to do fast data
> > > transfers
> > > most likely he would prefer to use larger blocks. Given that the
> > > length
> > > field allows for sizes up to 2^16, shouldn't the draft allow for
> > > 2^16-
> > > 1024 as maximum?
> >
> > I am not opposed to this, but looking at real browsers and servers,
> > we see that they tend to set the size of records to fit IP packets.
>
> IP packets can carry up to 64kb of data. I believe you may be referring
> to ethernet MTU sizes. That to my understanding is a way to reduce
> latency in contrast to cpu costs. An increase to packet size targets
> bandwidth rather than latency (speed).
>
> > The gains from increasing the size of records from the ~1460 bytes
> > that fit in a packet to nearly 64KB are not all that great, and the
> > gains from increasing records from 16 KB to 64KB are almost
> > negligible. At that size the block encryption dominates the CPU time.
>
> Do you have measurements to support that? I'm quite surprized by such a
> general statement because packetization itself is a non-negligible cost
> especially when encryption is fast (i.e., in most modern CPUs with
> dedicated instructions).
>
> regards,
> Nikos
>
> _______________________________________________
> TLS mailing list
> TLS@ietf.org
> https://www.ietf.org/mailman/listinfo/tls
>