Re: [TLS] Making post-handshake messages optional in TLS 1.3 (#676)

Hannes Tschofenig <hannes.tschofenig@gmx.net> Tue, 11 October 2016 16:37 UTC

Return-Path: <hannes.tschofenig@gmx.net>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6BDAE129468 for <tls@ietfa.amsl.com>; Tue, 11 Oct 2016 09:37:15 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -5.097
X-Spam-Level:
X-Spam-Status: No, score=-5.097 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H2=-0.001, RCVD_IN_SORBS_SPAM=0.5, RP_MATCHES_RCVD=-2.996, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 3XD7pU4GVqRi for <tls@ietfa.amsl.com>; Tue, 11 Oct 2016 09:37:13 -0700 (PDT)
Received: from mout.gmx.net (mout.gmx.net [212.227.15.15]) (using TLSv1.2 with cipher DHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 295D81293E0 for <TLS@ietf.org>; Tue, 11 Oct 2016 09:37:13 -0700 (PDT)
Received: from [192.168.91.134] ([80.92.121.244]) by mail.gmx.com (mrgmx001) with ESMTPSA (Nemesis) id 0LtJAR-1asjJV1W1r-012miP; Tue, 11 Oct 2016 18:37:10 +0200
To: Nick Sullivan <nicholas.sullivan@gmail.com>, "tls@ietf.org" <TLS@ietf.org>
References: <CAOjisRznhk-Fww=EnRg7zXO-zaHWyNgi0g+reRBj+y3ZOhwMhw@mail.gmail.com>
From: Hannes Tschofenig <hannes.tschofenig@gmx.net>
Openpgp: id=071A97A9ECBADCA8E31E678554D9CEEF4D776BC9
Message-ID: <d267aa85-56fc-b7b0-dc1f-3373f3b0c563@gmx.net>
Date: Tue, 11 Oct 2016 18:37:08 +0200
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Thunderbird/45.3.0
MIME-Version: 1.0
In-Reply-To: <CAOjisRznhk-Fww=EnRg7zXO-zaHWyNgi0g+reRBj+y3ZOhwMhw@mail.gmail.com>
Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="EWPfpAKRV4JWGL3lUA3gt3ASjkXKoEFrC"
X-Provags-ID: V03:K0:EfnBwgMP0kp3Qobi+7dVK0jMOsT/aPl2FVv8V/lPV7zFSoy0rZ2 KdJEcmjy84LHUrDk6utiDTN8ipoH5B9TKZVXDNYQIOBu1Ra31W6Q9kslXrL0Zmqo8d0wwD2 Db+0O5THuoT7tccti6RgaqiZIo3jaYSO/HsbOqqJnuZQxA3QhVFITj6Z4L4pBe4u6VWkKqa nm8V0LSyCj8St+Xm59pCw==
X-UI-Out-Filterresults: notjunk:1;V01:K0:bQ4pLuXM5gM=:FsljIDs8nK4E5Ugg2MQR6C FWh1LkO8jupl2AQevP4gtuCJVYIbuTwg/O1cesRsrt6sByFVzohRP7wQ0muFVE7z+3X7r/mNU dwI5th8xqL8exiCJ3uX302xd0duIHo7QgnQCjKOW7GA+9Dno2a+OGLwzDvU5d9ZWWy7ePwlN7 cfcU8rQcEq1v443VlP6eiYTZwPkmhHXAOlk5Um5UZRu3gqsBKMZ5c26xrHDVsy7SXl6kmfur9 nTPadR+dzX6IcSsnwBkjiZDk9Z+iBTaGnhX6sij33j4aCumHvHEkZn4Se5HkhhB92PmLbKWTE 1xeQsjPCcm9wpeBv4LkiFwYmmk5ohGn3Nq5+O0HSEMg+A8kJW38l6TTur/QXrR3m60fAS1eHb w0irKLS376vlqPnwMM75zv7HHsZUQXWD+cv1gxKH7yEkIj//kqFYr5zpUr4Dfpsgji+2LEIT0 YL6FfgPdPLb1x/zL6f31H3K0RIyAQJui2XuxeFO8iEmx/lKuFjuvIN22BP7bwG/dquTRkZ1d/ XbLGCTX3bo8hiQ2Huy6LhN7a1VLTE6dSvdO7eTmYCjwW89Npve9lSwXX/kA07RFPKXPiscYvT uuY8oAgci0wcBPhl3Xfk7JZ4kulAf3wkfG6TGWMlK8EDG25QfviCcEiZTfrBaicgTPKhYdqBn DM3CNisIWKkhDIgy1J74hhgHkUkU/bJLyRqNn9l+XpD2zU3pZrTH21CGnO5P5YpPbhBio2bIm OginyggQxMH77tnyy02nDvMN1dPpf1wz5JT14z3sYCipSzRmAxFHdX3/xkY=
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/y_hxEpeRNZ-ATOegavpEQt684hM>
Subject: Re: [TLS] Making post-handshake messages optional in TLS 1.3 (#676)
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 11 Oct 2016 16:37:15 -0000

Hi Nick,

given my discussion with Martin in this thread
https://www.ietf.org/mail-archive/web/tls/current/msg21481.html I like
your idea of making the post-handshake messages optional since it allows
me to develop a TLS 1.3 client that is smaller in code size.

Ciao
Hannes


On 10/08/2016 03:03 AM, Nick Sullivan wrote:
> There has been a lot of discussion lately about post-handshake messages
> that do not contain application data and how to handle them. This PR is
> an attempt to make the story more explicit by adding a new
> post_handshake extension to TLS 1.3.
> 
> Supporting all types of post-handshake messages can require extra
> complexity and logic, even when the features that these messages enable
> are not needed. Some types of connections/implementations don't need to
> support key updates (some unidirectional connections), session tickets
> (pure PSK implementations) and post-handshake client auth (most
> browsers). These are all currently SHOULDs in the spec and they don't
> need to be.
> 
> In order to simplify the logic around dealing with post-handshake
> messages, this proposal makes support for each of these modes explicit
> via a new handshake extension. This change also makes the path to
> introducing other types of post-handshake messages in future drafts more
> explicit.
> 
> PR:
> https://github.com/tlswg/tls13-spec/pull/676
> 
> Nick
> 
> 
> _______________________________________________
> TLS mailing list
> TLS@ietf.org
> https://www.ietf.org/mailman/listinfo/tls
>