IETF Logo Mail Archive

Re: [TLS] Followup on Update

Dave Garrett <davemgarrett@gmail.com> Thu, 05 March 2015 20:22 UTC

Return-Path: <davemgarrett@gmail.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A56B71A8A5F for <tls@ietfa.amsl.com>; Thu, 5 Mar 2015 12:22:26 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id TnfgAdTnaTxN for <tls@ietfa.amsl.com>; Thu, 5 Mar 2015 12:22:25 -0800 (PST)
Received: from mail-qg0-x236.google.com (mail-qg0-x236.google.com [IPv6:2607:f8b0:400d:c04::236]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 790321A8A60 for <tls@ietf.org>; Thu, 5 Mar 2015 12:22:19 -0800 (PST)
Received: by qgdz60 with SMTP id z60so7672036qgd.1 for <tls@ietf.org>; Thu, 05 Mar 2015 12:22:18 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=from:to:subject:date:user-agent:cc:references:in-reply-to :mime-version:content-type:content-transfer-encoding:message-id; bh=8uGAgCk3EF8fUqyProWV3Z2cbsfS7QortH/Ix18BDUg=; b=uHcs8vwGaVfDWlINXLfHo5z9OkiQwu41fgIsq6RgEb1X1MlEZbWQneONUUf+uZCDmF ol2M5o5alqXYQfxTuMgqgNDUDklsXPFlRPzphGQ/Lb9gtxS/bwEDKiGfTweRx61BdL4h dWdFbx2KY2cQUcg2nYpVMhhCES2bP0BRDa+0BgHjyll+dPoAJwH8cq+lXC0RMzN7JmAJ ZBo5wpfdzpine7oNFlHssvH5zQ2vCe6NX1h5t3yNuENjdg1vcxsehzLBsvTFg2GQTLIK 1kuU43/oL9YigaLxjONgjc4OWeUFl1gwUqdfSvc5FCpUQogikBpqBOqMZtOHWnnCwDjL PiZw==
X-Received: by 10.55.42.129 with SMTP id q1mr21812485qkq.54.1425586938782; Thu, 05 Mar 2015 12:22:18 -0800 (PST)
Received: from dave-laptop.localnet (pool-96-245-254-195.phlapa.fios.verizon.net. [96.245.254.195]) by mx.google.com with ESMTPSA id i185sm4388370qhc.49.2015.03.05.12.22.17 (version=TLSv1 cipher=RC4-SHA bits=128/128); Thu, 05 Mar 2015 12:22:18 -0800 (PST)
From: Dave Garrett <davemgarrett@gmail.com>
To: Eric Rescorla <ekr@rtfm.com>
Date: Thu, 05 Mar 2015 15:22:15 -0500
User-Agent: KMail/1.13.5 (Linux/2.6.32-71-generic-pae; KDE/4.4.5; i686; ; )
References: <CABcZeBNLe+ffTPVi=i5xHCPL=eEKfM++RhjAf05S_sRwaAB72A@mail.gmail.com> <201502250009.08942.davemgarrett@gmail.com> <CABcZeBN8tCXNgSoLXw_WfisJTm+gJQpek-13_HCGoKsbA-0Vkg@mail.gmail.com>
In-Reply-To: <CABcZeBN8tCXNgSoLXw_WfisJTm+gJQpek-13_HCGoKsbA-0Vkg@mail.gmail.com>
MIME-Version: 1.0
Content-Type: Text/Plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
Message-Id: <201503051522.15862.davemgarrett@gmail.com>
Archived-At: <http://mailarchive.ietf.org/arch/msg/tls/yz6xkWVUw-ASr5kFmPbd-muDHS8>
Cc: "tls@ietf.org" <tls@ietf.org>
Subject: Re: [TLS] Followup on Update
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 05 Mar 2015 20:22:26 -0000

On Thursday, March 05, 2015 02:40:28 pm Eric Rescorla wrote:
> On Tue, Feb 24, 2015 at 9:09 PM, Dave Garrett <davemgarrett@gmail.com>
> wrote:
> > On Tuesday, February 24, 2015 09:00:46 pm Eric Rescorla wrote:
> > > On Tue, Feb 24, 2015 at 5:43 PM, Dave Garrett <davemgarrett@gmail.com>
> > > wrote:
> > > > On Tuesday, February 24, 2015 07:44:22 pm Eric Rescorla wrote:
> > > > > [0] See https://github.com/tlswg/tls13-spec/pull/94 for a WIP
> > > > > version of the basic mechanism.
> > > >
> > > > The current proposal says:
> > > >
> > > > "An implementation MAY send an UpdateRekey at any time after
> > > > the handshake completes."
> > > >
> > > > Is there a particular reason to not just have an automatic rekey at
> > > > semi-regular intervals? So, every N records or M minutes (or whichever
> > > > comes first) an endpoint must send a rekey, and then after a similarly
> > > > measured interval the other endpoint sends a rekey; repeat ad
> > > > infinitum.
> > >
> > > It's not entirely clear that we know how to design a good heuristic here,
> > > especially one that covers the entire range of possible algorithms.
> >
> > That's sort of my point; this proposal requires implementations to do so.
> > I'm saying that picking one in the spec would be preferable to leaving it
> > up to the whims of whatever the many combinations of implementations
> > end up deciding. Even if some use-case needs to add rekeys, starting
> > from a conservative heuristic in the spec would ensure implementations
> > are provided with at least a general expectation of how to use this.
> 
> I'm going to argue that the frequency of update is a semi-orthogonal issue.
> I.e., if you think this mechanism works, then we can decide to put it in
> and have a separate discussion of minimum update frequency.

No objection.

A baseline, minimum, and maximum frequency are all needed here, plus recommendations on why to diverge from baseline and what to do if limits are exceeded. A new fatal alert for passing limits sounds appropriate. Without ~something~ specific, however, this sounds like trouble.

On a somewhat separate issue, I think there needs to be something indicating when an "ignored" ACK message is appropriate and how to deal with it properly at both endpoints.

The gist of my concern is that this needs to all be spelled out very carefully with strong expectations. It needs to be very clear to prohibit rarely or never rekeying or a million rekeys in one second and with a specification on how to react to things. As many have pointed out, leaving things vague and up to implementations eventually causes problems that may never be fixed.


Dave

v2.23.0 | Report a Bug | By Email