Re: [TLS] DTLS RRC and heartbeat

Achim Kraus <> Thu, 21 October 2021 14:58 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 032533A1771 for <>; Thu, 21 Oct 2021 07:58:22 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -2.098
X-Spam-Status: No, score=-2.098 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, NICE_REPLY_A=-0.001, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (1024-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id Npwby0eEehhC for <>; Thu, 21 Oct 2021 07:58:16 -0700 (PDT)
Received: from ( []) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id E009E3A176D for <>; Thu, 21 Oct 2021 07:58:15 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple;; s=badeba3b8450; t=1634828291; bh=P6S+3uOHfHFk+ftXJiy+2pNUuHjolhb6MDbHU1DcMoo=; h=X-UI-Sender-Class:Subject:To:References:From:Date:In-Reply-To; b=EmEecFg9GwK1mXkKvqpwKS3JMGNrX2ItETE/H/VnmLwsHkXZmqPlajz6o6IZ001C4 GmwJ8s5nTx16bTUOdBHDB0H1LIpIZhZA+nW9QECu/QTiK6A/sHxy78x0RqS7TNH/ru 4grGuAf+J/ag4DmlQ7oo0e05AkFVnGA2XqQvUIJs=
X-UI-Sender-Class: 01bb95c1-4bf8-414a-932a-4f6e2808ef9c
Received: from [] ([]) by (mrgmx104 []) with ESMTPSA (Nemesis) id 1M4axq-1mfEDE440M-001gJn; Thu, 21 Oct 2021 16:58:11 +0200
To: Hanno Böck <>,
References: <> <20211021163027.2dd6c9a5@computer>
From: Achim Kraus <>
Message-ID: <>
Date: Thu, 21 Oct 2021 16:58:09 +0200
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Thunderbird/78.13.0
MIME-Version: 1.0
In-Reply-To: <20211021163027.2dd6c9a5@computer>
Content-Type: text/plain; charset="utf-8"; format="flowed"
Content-Language: de-AT-frami
Content-Transfer-Encoding: quoted-printable
X-Provags-ID: V03:K1:rvXGpEbFItzkMiEvdTEoL6qfPEkQQQMZ3ByBTRg1YZ179mnclZV yGaDGi/o3YbOFesihmX+Cuf40tSo4zFGaqwnrLD6PZDuYyNFP5dfS5Q65sI0WmjnDF0o66L 6Azc4Vn8dG5c6QUsU0vEmSekLx1y3T/AXequs23aPnNS/jz171vJxlu90eguWg2UtYR3qvN cloSkww6xL8zc3y4k7Dqw==
X-UI-Out-Filterresults: notjunk:1;V03:K0:aCZWxPrzEkk=:V5Udm7JQ4cM+lt5m61LNn5 wNMCZh+i/alfVeqPLQmoBm1Sf3K1UcG/wCt8n+nbDcR9odEtGlIkXxvHwm/4g+CVxMI4rOZcV gGhHbNW/q6QnXNwqQHoiUYUcA3BC/qxegTVi2ISxmz0SIjSoOWN6w9fE2HNRPU9OjGWXRNCvK xR+oCnM3BiE/Qcw3v50O1rhD+mmzsg3xPtQvwOjXTaBOHKq+Nvoeu6o0tR3AMFOUbZ/nVSQDH 8Juzig+p2dwibRGFe74Xor61Mv1BR9pv3LxN54Bpx25ZOM4Rfxj+ceo5AFSbysKJc1sthIM+0 a3vu/9eTGPN6t3TOmFsAS6+qZ1iEufaedukbVIDNIZAK23vvoEFq+q31KCARkEeMqXEk3vACV KuO3Prmo9/01UcNcLWwvtgvnYdHddWlWv/BsnGuhxGE5OHjwiK30OZU6oK+mng6UDFwRLQkaR tn5NVXKYlqhcoggaEzHO7+BjHl48PmXox2/rPrNlSdADmlYZZZqVoJM73fyA1SZIxEVvzRuiE 4VRxAUs37B1XjJuBP+f6z6RR6BOujHfEL+lJ+9U3BpOQTsgAEWpQ8yT8/W2XNcPRfzLOSDzKn XJANvEAych14nRerh3h/GnnAG5qDz9PcaNNZYsNXhXTNwPnE6ZJm+YMuYAzG/3J0bkK37gjR9 djFelc+3/VGki/bwXWH1XPCVurMsD2AxYQ5u5ZCiQ8wimT1Rsx2gInFPQGijjpZs5vvOiH4+i aOy/KclAwywjp0XdEylpgr/tJjKt+AUnIRMREv9mGQkoQdihJYLGezPZBrg35ZHSTni5FWF9C 7zHHKFWR3nUbEdssY2ndQLhFqYp4kZPbWrQYqRs8QDYSUOe06MMh3ehDDu7tptoaH2GV3mlMb 7VU5dju8JdKc4Rb0XW2MRDtxyVhDARX/mVDnlWTmUSg5qOcwaWhRXYnTywR9vwX/V16mAFjqf ADb0hKFxWNTgJn2fwO3oYbSgutfe+HXySSwP/JDK73yNo0eJNZGXbhnva3/kBd3AwydgAt4AA A8igMYVpQd6JfSbVKlkGzcgpHVP193mg8lpi4nLf0KPFPJGvY0JaICBYPCCgtlSrrETlb41+2 xWwirp8DdfVrIU=
Archived-At: <>
Subject: Re: [TLS] DTLS RRC and heartbeat
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Thu, 21 Oct 2021 14:58:22 -0000

Hi Hanno,

thanks for your feedback.

 > I feel this may be enough justification to define a hearbeat-simplified
 > spec that doesn't have these problems.

The point with that would be, that it requires a new code-point for the

And we are not sure, if considering mainly implementation issues, will
justify to allocate a new code-point.

best regards
Achim Kraus

Am 21.10.21 um 16:30 schrieb Hanno Böck:
> On Thu, 21 Oct 2021 10:35:54 +0100
> Thomas Fossati <> wrote:
>> One problem is - as Hannes put it - that heartbeat has a "somewhat
>> tricky history", making its marketing a slightly intricate operation,
>> and the code reuse story a bit more complicated than desired (see for
>> example [3]).
> I think there were a few things that went spectacularly wrong with the
> original heartbeat extension. Some of them are implementation issues
> (like merging code without proper review and testing), but others are in
> the spec itself.
> I think this boils down to two things that added unnecessary
> complexity, which is always bad in security:
> 1. The use cases were all UDP, but the extension was defined for both
>     UDP and TCP for no good reason.
> 2. The extension contained a completely unnecessary length-encoded
>     message that was sent forth and back. That's a very risky
>     construction in terms of memory safety.
> I feel this may be enough justification to define a hearbeat-simplified
> spec that doesn't have these problems.
> If you decide to go with the old heartbeat extension then I'd still
> wish you at least adress 1. I think many people have just compiled
> openssl without heartbeat, which is a good thing as long as it's not
> used anyway. If it gets used in DTLS then at least make sure that
> doesn't mean it also has to be enabled in TCP-based normal TLS at the
> same time.