[TLS] Re: FYI: new TLS HandshakeType allocation, from draft-ietf-perc-srtp-ekt-diet

"Martin Thomson" <mt@lowentropy.net> Mon, 02 September 2019 00:28 UTC

Message-Id: <1266c1f2-f0d2-4015-ae6b-017f2fcf869f@www.fastmail.com>
In-Reply-To: <20190830222401.GR84368@kduck.mit.edu>
References: <20190830222401.GR84368@kduck.mit.edu>
Date: Mon, 02 Sep 2019 10:28:36 +1000
From: "Martin Thomson" <mt@lowentropy.net>
To: tls@ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/xklfXn73Y8mUER4lr5yYmRKiA3k>

Which value do they want?  As we have previously established in relation to the discussion on connection IDs and handshake types, there are values that would be sent in the clear in (D)TLS 1.3, which have very tight constraints, and those that would be sent under encryption, which might not need such close scrutiny.

I get the impression that there are constraints here.  This will likely be multiplexed in an RFC 7983 sense in DTLS 1.2, so the range of values here is narrow.  But not so narrow as to require access to the prime space between 20 and 31 that we are using for handshake types that need to be sent in the clear. I think that we should encourage the use of a value >= 32 in this case.

On Sat, Aug 31, 2019, at 08:24, Benjamin Kaduk wrote:
> Hi all,
> 
> New values for core types like TLS HandshakeType and ContentType don't
> happen very often, so I thought people might be interested to know that
> draft-ietf-perc-srtp-ekt-diet (currently in IESG evaluation) is allocating
> a HandshakeType, to carry key information used to encrypt SRTP media key
> material.
> Obviously "it's never too late to change until the RFC is published", but I
> think there would need to be some pretty serious issues in order to change
> it at this point, so this is expected to just be an "FYI".
> 
> -Ben
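The "narrow range" argument above comes from first-byte demultiplexing on a shared UDP port. The block below is an added example, not code from the thread or from either draft: it encodes the RFC 7983 first-byte ranges and the DTLS 1.3 unified-header layout from RFC 9147 to show which values remain for record types sent in the clear, and assumes (as the >= 32 suggestion does) that the EKT handshake message travels inside an encrypted record and so never reaches this demuxer.

```python
"""RFC 7983 first-byte demultiplexing and the DTLS 1.3 clear-text budget.

Added example, not code from the thread. Range boundaries follow RFC 7983
section 7; the unified header layout 0 0 1 C S L E E (first byte 32..63)
follows RFC 9147 section 4. The HandshakeType allocated by the EKT draft is
assumed to sit inside an encrypted record, so the demuxer never sees it.
"""
from dataclasses import dataclass
from typing import Optional, Tuple


def rfc7983_demux(first_byte: int) -> str:
    """Classify a datagram by its first byte, as an endpoint sharing one UDP
    port among STUN, ZRTP, DTLS, TURN channel data and RTP must do."""
    if 0 <= first_byte <= 3:
        return "stun"
    if 16 <= first_byte <= 19:
        return "zrtp"
    if 20 <= first_byte <= 63:
        return "dtls"
    if 64 <= first_byte <= 79:
        return "turn-channel"
    if 128 <= first_byte <= 191:
        return "rtp"
    return "unknown"


@dataclass
class UnifiedHeader:
    has_cid: bool      # C bit: a connection ID follows
    has_seq16: bool    # S bit: 16-bit rather than 8-bit sequence number
    has_length: bool   # L bit: explicit length field present
    epoch_low: int     # EE bits: low two bits of the epoch


def dtls13_record_kind(first_byte: int) -> Tuple[str, Optional[UnifiedHeader]]:
    """Inside the DTLS share of the space, DTLS 1.3 ciphertext records use the
    unified header (32..63); clear-text records keep a plain ContentType byte,
    which therefore only has 20..31 left to live in."""
    if 32 <= first_byte <= 63:
        return "ciphertext", UnifiedHeader(
            has_cid=bool(first_byte & 0x10),
            has_seq16=bool(first_byte & 0x08),
            has_length=bool(first_byte & 0x04),
            epoch_low=first_byte & 0x03)
    if 20 <= first_byte <= 31:
        return "plaintext", None
    return "not-dtls", None


def clear_text_slots_available() -> list:
    """The 'prime space' the thread refers to: first-byte values that demux
    as DTLS and are not consumed by the DTLS 1.3 unified header."""
    return [b for b in range(256)
            if rfc7983_demux(b) == "dtls"
            and dtls13_record_kind(b)[0] == "plaintext"]
```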