Re: [TLS] judging consensus on keys used in handshake and data messages

David Benjamin <davidben@chromium.org> Thu, 07 July 2016 00:49 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/znckvuqKj9WLzymHi6pyWCRA81U>

On Wed, Jul 6, 2016 at 5:39 PM Eric Rescorla <ekr@rtfm.com> wrote:

> On Wed, Jul 6, 2016 at 5:24 PM, Dave Garrett <davemgarrett@gmail.com> wrote:
>
>> On Wednesday, July 06, 2016 06:19:29 pm David Benjamin wrote:
>> > I'm also curious which post-handshake messages are the problem. If we were
>> > to rename "post-handshake handshake messages" to "post-handshake bonus
>> > messages" with a distinct bonus_message record type, where would there
>> > still be an issue? (Alerts and application data share keys and this seems
>> > to have been fine.)
>>
>> Recasting all the post-handshake handshake messages as not something
>> named "handshake" does make a degree of sense, on its own. (bikeshedding:
>> I'd name it something more descriptive like "secondary negotiation"
>> messages or something, though.) Even if this doesn't directly help with the
>> issue at hand here, does forking these into a new ContentType sound like a
>> useful move, in general?
>
>
> I'm not sure what this would accomplish.
>

Me neither. To clarify, I mention this not as a suggestion, but to motivate
asking about the type of message. If the only reason the proofs want them
in the handshake bucket rather than the application data bucket is that
they say "handshake" in them then, sure, let's do an inconsequential
re-spelling and move on from this problem.

But presumably something about the messages motivates this key separation
issue and I'd like to know what it is.

David