Re: [TLS] SNI and Resumption/0-RTT
Victor Vasiliev <vasilvv@google.com> Wed, 23 November 2016 22:46 UTC
Return-Path: <vasilvv@google.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 60AB012949E for <tls@ietfa.amsl.com>; Wed, 23 Nov 2016 14:46:22 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.197
X-Spam-Level:
X-Spam-Status: No, score=-4.197 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, RP_MATCHES_RCVD=-1.497, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=google.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id FB83pJHeF0MH for <tls@ietfa.amsl.com>; Wed, 23 Nov 2016 14:46:20 -0800 (PST)
Received: from mail-qt0-x235.google.com (mail-qt0-x235.google.com [IPv6:2607:f8b0:400d:c0d::235]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B357C12940F for <tls@ietf.org>; Wed, 23 Nov 2016 14:46:20 -0800 (PST)
Received: by mail-qt0-x235.google.com with SMTP id n6so25323759qtd.1 for <tls@ietf.org>; Wed, 23 Nov 2016 14:46:20 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=FI/6A3Z2M43lP2muCYcLQj2nOjmHQB69bRgqeFDhgTg=; b=dAkAbPxVKcBs5fWBw646fBQGmJn/kdp2DlcaUfp35oBg2ngU8IDM8e3dGd8RJn/tcE IvsI/GZWRFaVrN2UIucHbh2BZq1hHk74NmcTimvBxmyNSaglxtjFRVi/6jJ/xCoBoTk7 IKMKGzQu0wWrj4AmJZ15NWPRqxHnwCZsuqwG8RcV7tm9lWuk/rms+EXuTRzNhorb5pAD RyVV8Hs/EgTwWPBjSArfLVuIAjt041rfOKx1Xrp2ylim9qTWFDn81oJUJTl1XlETuT7K aUwsF624JSklnFFZQ7hbQimvanHrXbpAdrS0Oate4Ix3r/ZgpZ6dL4jPDXQUzdQNx84d LS4Q==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=FI/6A3Z2M43lP2muCYcLQj2nOjmHQB69bRgqeFDhgTg=; b=DBW1LwQJ0v6HbYVdPozozSVJc6bj69YZBGodIssb0fLWLkvzHll7My9yd03h/OafdQ 9AZZYFtBVHyShr49eTq78dD2VMKVQ3UIWNTl0GqdCYf3rEvj2q7AHeMS8IL4nrgYO0VJ yRmnLloMJgbnNQH9dndnzrUxGTWCk69I9BgOpuw/mcotrKABFvOEDouVaV87Qjcn2f5i UjKuk5PYbidl3t5iYjmTCH3RmZfKt+Ib7rrbUj+Ne3MjZpeme3HfiLfZxuXHbMBNoxBk 2TqKQyIKDAPk0573ebFv5wS5raZ9yD2KKMNL83tHICjtvKOPWmtLDrGx1ylpyoFSEHZd C9aA==
X-Gm-Message-State: AKaTC012mF17kAxIrUcZXuwuIghUerqS18IbhmC5Z5fjR3kp7PcHn1wohB52yJDDIvgqDfE/x9DE5ugKZl3W8KXa
X-Received: by 10.237.53.56 with SMTP id a53mr4637979qte.85.1479941179645; Wed, 23 Nov 2016 14:46:19 -0800 (PST)
MIME-Version: 1.0
Received: by 10.55.157.11 with HTTP; Wed, 23 Nov 2016 14:46:19 -0800 (PST)
In-Reply-To: <CAAZdMadCLSc0QUMs4YZiDqzQMt9nBPPjxwRpeiDbCcNs5N-mEQ@mail.gmail.com>
References: <CABcZeBNroww_zA0BRsMrZPMCrF42b2OZPsQNZ9w0bjPoF+fSHw@mail.gmail.com> <CAAZdMac_nzAYcTUG361EXRgs4nvVFfVCc445roZZdm8uAqZTHA@mail.gmail.com> <4e2b054a-c391-d4f9-c106-d62eb90e2034@akamai.com> <CAAZdMadCLSc0QUMs4YZiDqzQMt9nBPPjxwRpeiDbCcNs5N-mEQ@mail.gmail.com>
From: Victor Vasiliev <vasilvv@google.com>
Date: Wed, 23 Nov 2016 17:46:19 -0500
Message-ID: <CAAZdMaf7+4UR9G6xMR8OmYeSt4WUkmpAid4GN69kEm3_mJSUVA@mail.gmail.com>
To: Benjamin Kaduk <bkaduk@akamai.com>
Content-Type: multipart/alternative; boundary="001a11c0302a4d7fbc0541ffa831"
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/x-d27BwMJr1ySryn9N5BbW3UCDA>
Cc: "tls@ietf.org" <tls@ietf.org>
Subject: Re: [TLS] SNI and Resumption/0-RTT
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 23 Nov 2016 22:46:22 -0000
It seems that this issue has not been so far successfully resolved, and to the best of my knowledge it has not been discussed during the meeting in Seoul. I still believe that this is a valuable feature, and our experience with 0-RTT handshake deployment in QUIC has indicated that it's basically required to make 0-RTT work for YouTube videos. So far, we have considered three options in this thread: (1) Retain RFC 6066 restriction on SNI, (2) Allow resumption for different SNI provided it was negotiated in the ticket, (3) Always allow resumption for different SNI. In both (2) and (3), the certificate for the original ticket issuer would have to be valid for the new server name, of course. I believe that (2) will result in a higher resumption success rate than (3), since for the servers that do not support shared resumption key, (3) would result in losing session tickets to unsuccessful resumption. For concreteness, I wrote a pull request that describes (2): <https://github.com/tlswg/tls13-spec/pull/777>
- [TLS] SNI and Resumption/0-RTT Eric Rescorla
- Re: [TLS] SNI and Resumption/0-RTT Andrei Popov
- Re: [TLS] SNI and Resumption/0-RTT Eric Rescorla
- Re: [TLS] SNI and Resumption/0-RTT Andrei Popov
- Re: [TLS] SNI and Resumption/0-RTT Eric Rescorla
- Re: [TLS] SNI and Resumption/0-RTT Martin Thomson
- Re: [TLS] SNI and Resumption/0-RTT Ilari Liusvaara
- Re: [TLS] SNI and Resumption/0-RTT Martin Thomson
- Re: [TLS] SNI and Resumption/0-RTT Martin Rex
- Re: [TLS] SNI and Resumption/0-RTT Ilari Liusvaara
- Re: [TLS] SNI and Resumption/0-RTT Martin Rex
- Re: [TLS] SNI and Resumption/0-RTT Ilari Liusvaara
- Re: [TLS] SNI and Resumption/0-RTT Ilari Liusvaara
- Re: [TLS] SNI and Resumption/0-RTT Christian Huitema
- Re: [TLS] SNI and Resumption/0-RTT Ilari Liusvaara
- Re: [TLS] SNI and Resumption/0-RTT Christian Huitema
- Re: [TLS] SNI and Resumption/0-RTT Andrei Popov
- Re: [TLS] SNI and Resumption/0-RTT Victor Vasiliev
- Re: [TLS] SNI and Resumption/0-RTT Kyle Nekritz
- Re: [TLS] SNI and Resumption/0-RTT Martin Rex
- Re: [TLS] SNI and Resumption/0-RTT Benjamin Kaduk
- Re: [TLS] SNI and Resumption/0-RTT Victor Vasiliev
- Re: [TLS] SNI and Resumption/0-RTT Victor Vasiliev
- Re: [TLS] SNI and Resumption/0-RTT Martin Thomson