| draft-ietf-quic-tls-05.txt | draft-ietf-quic-tls-06.txt | |||
|---|---|---|---|---|
| QUIC M. Thomson, Ed. | QUIC M. Thomson, Ed. | |||
| Internet-Draft Mozilla | Internet-Draft Mozilla | |||
| Intended status: Standards Track S. Turner, Ed. | Intended status: Standards Track S. Turner, Ed. | |||
| Expires: February 16, 2018 sn3rd | Expires: March 26, 2018 sn3rd | |||
| August 15, 2017 | September 22, 2017 | |||
| Using Transport Layer Security (TLS) to Secure QUIC | Using Transport Layer Security (TLS) to Secure QUIC | |||
| draft-ietf-quic-tls-05 | draft-ietf-quic-tls-06 | |||
| Abstract | Abstract | |||
| This document describes how Transport Layer Security (TLS) is used to | This document describes how Transport Layer Security (TLS) is used to | |||
| secure QUIC. | secure QUIC. | |||
| Note to Readers | Note to Readers | |||
| Discussion of this draft takes place on the QUIC working group | Discussion of this draft takes place on the QUIC working group | |||
| mailing list (quic@ietf.org), which is archived at | mailing list (quic@ietf.org), which is archived at | |||
| https://mailarchive.ietf.org/arch/search/?email_list=quic. | https://mailarchive.ietf.org/arch/search/?email_list=quic . | |||
| Working Group information can be found at https://github.com/quicwg; | Working Group information can be found at https://github.com/quicwg ; | |||
| source code and issues list for this draft can be found at | source code and issues list for this draft can be found at | |||
| https://github.com/quicwg/base-drafts/labels/tls. | https://github.com/quicwg/base-drafts/labels/tls . | |||
| Status of This Memo | Status of This Memo | |||
| This Internet-Draft is submitted in full conformance with the | This Internet-Draft is submitted in full conformance with the | |||
| provisions of BCP 78 and BCP 79. | provisions of BCP 78 and BCP 79. | |||
| Internet-Drafts are working documents of the Internet Engineering | Internet-Drafts are working documents of the Internet Engineering | |||
| Task Force (IETF). Note that other groups may also distribute | Task Force (IETF). Note that other groups may also distribute | |||
| working documents as Internet-Drafts. The list of current Internet- | working documents as Internet-Drafts. The list of current Internet- | |||
| Drafts is at http://datatracker.ietf.org/drafts/current/. | Drafts is at http://datatracker.ietf.org/drafts/current/. | |||
| Internet-Drafts are draft documents valid for a maximum of six months | Internet-Drafts are draft documents valid for a maximum of six months | |||
| and may be updated, replaced, or obsoleted by other documents at any | and may be updated, replaced, or obsoleted by other documents at any | |||
| time. It is inappropriate to use Internet-Drafts as reference | time. It is inappropriate to use Internet-Drafts as reference | |||
| material or to cite them other than as "work in progress." | material or to cite them other than as "work in progress." | |||
| This Internet-Draft will expire on February 16, 2018. | This Internet-Draft will expire on March 26, 2018. | |||
| Copyright Notice | Copyright Notice | |||
| Copyright (c) 2017 IETF Trust and the persons identified as the | Copyright (c) 2017 IETF Trust and the persons identified as the | |||
| document authors. All rights reserved. | document authors. All rights reserved. | |||
| This document is subject to BCP 78 and the IETF Trust's Legal | This document is subject to BCP 78 and the IETF Trust's Legal | |||
| Provisions Relating to IETF Documents | Provisions Relating to IETF Documents | |||
| (http://trustee.ietf.org/license-info) in effect on the date of | (http://trustee.ietf.org/license-info) in effect on the date of | |||
| publication of this document. Please review these documents | publication of this document. Please review these documents | |||
| skipping to change at page 3, line 34 ¶ | skipping to change at page 3, line 34 ¶ | |||
| 11.1. Packet Reflection Attack Mitigation . . . . . . . . . . 33 | 11.1. Packet Reflection Attack Mitigation . . . . . . . . . . 33 | |||
| 11.2. Peer Denial of Service . . . . . . . . . . . . . . . . . 33 | 11.2. Peer Denial of Service . . . . . . . . . . . . . . . . . 33 | |||
| 12. Error codes . . . . . . . . . . . . . . . . . . . . . . . . . 34 | 12. Error codes . . . . . . . . . . . . . . . . . . . . . . . . . 34 | |||
| 13. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 34 | 13. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 34 | |||
| 14. References . . . . . . . . . . . . . . . . . . . . . . . . . 34 | 14. References . . . . . . . . . . . . . . . . . . . . . . . . . 34 | |||
| 14.1. Normative References . . . . . . . . . . . . . . . . . . 34 | 14.1. Normative References . . . . . . . . . . . . . . . . . . 34 | |||
| 14.2. Informative References . . . . . . . . . . . . . . . . . 35 | 14.2. Informative References . . . . . . . . . . . . . . . . . 35 | |||
| Appendix A. Contributors . . . . . . . . . . . . . . . . . . . . 36 | Appendix A. Contributors . . . . . . . . . . . . . . . . . . . . 36 | |||
| Appendix B. Acknowledgments . . . . . . . . . . . . . . . . . . 36 | Appendix B. Acknowledgments . . . . . . . . . . . . . . . . . . 36 | |||
| Appendix C. Change Log . . . . . . . . . . . . . . . . . . . . . 36 | Appendix C. Change Log . . . . . . . . . . . . . . . . . . . . . 36 | |||
| C.1. Since draft-ietf-quic-tls-04 . . . . . . . . . . . . . . 36 | C.1. Since draft-ietf-quic-tls-05 . . . . . . . . . . . . . . 36 | |||
| C.2. Since draft-ietf-quic-tls-03 . . . . . . . . . . . . . . 36 | C.2. Since draft-ietf-quic-tls-04 . . . . . . . . . . . . . . 36 | |||
| C.3. Since draft-ietf-quic-tls-02 . . . . . . . . . . . . . . 36 | C.3. Since draft-ietf-quic-tls-03 . . . . . . . . . . . . . . 36 | |||
| C.4. Since draft-ietf-quic-tls-01 . . . . . . . . . . . . . . 36 | C.4. Since draft-ietf-quic-tls-02 . . . . . . . . . . . . . . 36 | |||
| C.5. Since draft-ietf-quic-tls-00 . . . . . . . . . . . . . . 37 | C.5. Since draft-ietf-quic-tls-01 . . . . . . . . . . . . . . 37 | |||
| C.6. Since draft-thomson-quic-tls-01 . . . . . . . . . . . . . 37 | C.6. Since draft-ietf-quic-tls-00 . . . . . . . . . . . . . . 37 | |||
| Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 37 | C.7. Since draft-thomson-quic-tls-01 . . . . . . . . . . . . . 37 | |||
| Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 38 | ||||
| 1. Introduction | 1. Introduction | |||
| This document describes how QUIC [QUIC-TRANSPORT] is secured using | This document describes how QUIC [QUIC-TRANSPORT] is secured using | |||
| Transport Layer Security (TLS) version 1.3 [I-D.ietf-tls-tls13]. TLS | Transport Layer Security (TLS) version 1.3 [I-D.ietf-tls-tls13]. TLS | |||
| 1.3 provides critical latency improvements for connection | 1.3 provides critical latency improvements for connection | |||
| establishment over previous versions. Absent packet loss, most new | establishment over previous versions. Absent packet loss, most new | |||
| connections can be established and secured within a single round | connections can be established and secured within a single round | |||
| trip; on subsequent connections between the same client and server, | trip; on subsequent connections between the same client and server, | |||
| the client can often send application data immediately, that is, | the client can often send application data immediately, that is, | |||
| skipping to change at page 35, line 8 ¶ | skipping to change at page 35, line 8 ¶ | |||
| 14.1. Normative References | 14.1. Normative References | |||
| [I-D.ietf-tls-tls13] | [I-D.ietf-tls-tls13] | |||
| Rescorla, E., "The Transport Layer Security (TLS) Protocol | Rescorla, E., "The Transport Layer Security (TLS) Protocol | |||
| Version 1.3", draft-ietf-tls-tls13-21 (work in progress), | Version 1.3", draft-ietf-tls-tls13-21 (work in progress), | |||
| July 2017. | July 2017. | |||
| [QUIC-TRANSPORT] | [QUIC-TRANSPORT] | |||
| Iyengar, J., Ed. and M. Thomson, Ed., "QUIC: A UDP-Based | Iyengar, J., Ed. and M. Thomson, Ed., "QUIC: A UDP-Based | |||
| Multiplexed and Secure Transport", draft-ietf-quic- | Multiplexed and Secure Transport", draft-ietf-quic- | |||
| transport (work in progress), August 2017. | transport (work in progress), September 2017. | |||
| [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate | [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate | |||
| Requirement Levels", BCP 14, RFC 2119, | Requirement Levels", BCP 14, RFC 2119, | |||
| DOI 10.17487/RFC2119, March 1997, | DOI 10.17487/RFC2119, March 1997, <https://www.rfc- | |||
| <http://www.rfc-editor.org/info/rfc2119>. | editor.org/info/rfc2119>. | |||
| [RFC5116] McGrew, D., "An Interface and Algorithms for Authenticated | [RFC5116] McGrew, D., "An Interface and Algorithms for Authenticated | |||
| Encryption", RFC 5116, DOI 10.17487/RFC5116, January 2008, | Encryption", RFC 5116, DOI 10.17487/RFC5116, January 2008, | |||
| <http://www.rfc-editor.org/info/rfc5116>. | <https://www.rfc-editor.org/info/rfc5116>. | |||
| [RFC5869] Krawczyk, H. and P. Eronen, "HMAC-based Extract-and-Expand | [RFC5869] Krawczyk, H. and P. Eronen, "HMAC-based Extract-and-Expand | |||
| Key Derivation Function (HKDF)", RFC 5869, | Key Derivation Function (HKDF)", RFC 5869, | |||
| DOI 10.17487/RFC5869, May 2010, | DOI 10.17487/RFC5869, May 2010, <https://www.rfc- | |||
| <http://www.rfc-editor.org/info/rfc5869>. | editor.org/info/rfc5869>. | |||
| [RFC7301] Friedl, S., Popov, A., Langley, A., and E. Stephan, | [RFC7301] Friedl, S., Popov, A., Langley, A., and E. Stephan, | |||
| "Transport Layer Security (TLS) Application-Layer Protocol | "Transport Layer Security (TLS) Application-Layer Protocol | |||
| Negotiation Extension", RFC 7301, DOI 10.17487/RFC7301, | Negotiation Extension", RFC 7301, DOI 10.17487/RFC7301, | |||
| July 2014, <http://www.rfc-editor.org/info/rfc7301>. | July 2014, <https://www.rfc-editor.org/info/rfc7301>. | |||
| 14.2. Informative References | 14.2. Informative References | |||
| [AEBounds] | [AEBounds] | |||
| Luykx, A. and K. Paterson, "Limits on Authenticated | Luykx, A. and K. Paterson, "Limits on Authenticated | |||
| Encryption Use in TLS", March 2016, | Encryption Use in TLS", March 2016, | |||
| <http://www.isg.rhul.ac.uk/~kp/TLS-AEbounds.pdf>. | <http://www.isg.rhul.ac.uk/~kp/TLS-AEbounds.pdf>. | |||
| [FNV] Fowler, G., Noll, L., Vo, K., Eastlake, D., and T. Hansen, | [FNV] Fowler, G., Noll, L., Vo, K., Eastlake, D., and T. Hansen, | |||
| "The FNV Non-Cryptographic Hash Algorithm", draft- | "The FNV Non-Cryptographic Hash Algorithm", draft- | |||
| eastlake-fnv-13 (work in progress), June 2017. | eastlake-fnv-13 (work in progress), June 2017. | |||
| [QUIC-HTTP] | [QUIC-HTTP] | |||
| Bishop, M., Ed., "Hypertext Transfer Protocol (HTTP) over | Bishop, M., Ed., "Hypertext Transfer Protocol (HTTP) over | |||
| QUIC", draft-ietf-quic-http (work in progress), August | QUIC", draft-ietf-quic-http (work in progress), September | |||
| 2017. | 2017. | |||
| [QUIC-RECOVERY] | [QUIC-RECOVERY] | |||
| Iyengar, J., Ed. and I. Swett, Ed., "QUIC Loss Detection | Iyengar, J., Ed. and I. Swett, Ed., "QUIC Loss Detection | |||
| and Congestion Control", draft-ietf-quic-recovery (work in | and Congestion Control", draft-ietf-quic-recovery (work in | |||
| progress), August 2017. | progress), September 2017. | |||
| [RFC2818] Rescorla, E., "HTTP Over TLS", RFC 2818, | [RFC2818] Rescorla, E., "HTTP Over TLS", RFC 2818, | |||
| DOI 10.17487/RFC2818, May 2000, | DOI 10.17487/RFC2818, May 2000, <https://www.rfc- | |||
| <http://www.rfc-editor.org/info/rfc2818>. | editor.org/info/rfc2818>. | |||
| [RFC5280] Cooper, D., Santesson, S., Farrell, S., Boeyen, S., | [RFC5280] Cooper, D., Santesson, S., Farrell, S., Boeyen, S., | |||
| Housley, R., and W. Polk, "Internet X.509 Public Key | Housley, R., and W. Polk, "Internet X.509 Public Key | |||
| Infrastructure Certificate and Certificate Revocation List | Infrastructure Certificate and Certificate Revocation List | |||
| (CRL) Profile", RFC 5280, DOI 10.17487/RFC5280, May 2008, | (CRL) Profile", RFC 5280, DOI 10.17487/RFC5280, May 2008, | |||
| <http://www.rfc-editor.org/info/rfc5280>. | <https://www.rfc-editor.org/info/rfc5280>. | |||
| [RFC7924] Santesson, S. and H. Tschofenig, "Transport Layer Security | [RFC7924] Santesson, S. and H. Tschofenig, "Transport Layer Security | |||
| (TLS) Cached Information Extension", RFC 7924, | (TLS) Cached Information Extension", RFC 7924, | |||
| DOI 10.17487/RFC7924, July 2016, | DOI 10.17487/RFC7924, July 2016, <https://www.rfc- | |||
| <http://www.rfc-editor.org/info/rfc7924>. | editor.org/info/rfc7924>. | |||
| Appendix A. Contributors | Appendix A. Contributors | |||
| Ryan Hamilton was originally an author of this specification. | Ryan Hamilton was originally an author of this specification. | |||
| Appendix B. Acknowledgments | Appendix B. Acknowledgments | |||
| This document has benefited from input from Dragana Damjanovic, | This document has benefited from input from Dragana Damjanovic, | |||
| Christian Huitema, Jana Iyengar, Adam Langley, Roberto Peon, Eric | Christian Huitema, Jana Iyengar, Adam Langley, Roberto Peon, Eric | |||
| Rescorla, Ian Swett, and many others. | Rescorla, Ian Swett, and many others. | |||
| Appendix C. Change Log | Appendix C. Change Log | |||
| *RFC Editor's Note:* Please remove this section prior to | *RFC Editor's Note:* Please remove this section prior to | |||
| publication of a final version of this document. | publication of a final version of this document. | |||
| Issue and pull request numbers are listed with a leading octothorp. | Issue and pull request numbers are listed with a leading octothorp. | |||
| C.1. Since draft-ietf-quic-tls-04 | C.1. Since draft-ietf-quic-tls-05 | |||
| No significant changes. | ||||
| C.2. Since draft-ietf-quic-tls-04 | ||||
| o Update labels used in HKDF-Expand-Label to match TLS 1.3 (#642) | o Update labels used in HKDF-Expand-Label to match TLS 1.3 (#642) | |||
| C.2. Since draft-ietf-quic-tls-03 | C.3. Since draft-ietf-quic-tls-03 | |||
| No significant changes. | No significant changes. | |||
| C.3. Since draft-ietf-quic-tls-02 | C.4. Since draft-ietf-quic-tls-02 | |||
| o Updates to match changes in transport draft | o Updates to match changes in transport draft | |||
| C.4. Since draft-ietf-quic-tls-01 | C.5. Since draft-ietf-quic-tls-01 | |||
| o Use TLS alerts to signal TLS errors (#272, #374) | o Use TLS alerts to signal TLS errors (#272, #374) | |||
| o Require ClientHello to fit in a single packet (#338) | o Require ClientHello to fit in a single packet (#338) | |||
| o The second client handshake flight is now sent in the clear (#262, | o The second client handshake flight is now sent in the clear (#262, | |||
| #337) | #337) | |||
| o The QUIC header is included as AEAD Associated Data (#226, #243, | o The QUIC header is included as AEAD Associated Data (#226, #243, | |||
| #302) | #302) | |||
| skipping to change at page 37, line 21 ¶ | skipping to change at page 37, line 30 ¶ | |||
| o Require at least TLS 1.3 (#138) | o Require at least TLS 1.3 (#138) | |||
| o Define transport parameters as a TLS extension (#122) | o Define transport parameters as a TLS extension (#122) | |||
| o Define handling for protected packets before the handshake | o Define handling for protected packets before the handshake | |||
| completes (#39) | completes (#39) | |||
| o Decouple QUIC version and ALPN (#12) | o Decouple QUIC version and ALPN (#12) | |||
| C.5. Since draft-ietf-quic-tls-00 | C.6. Since draft-ietf-quic-tls-00 | |||
| o Changed bit used to signal key phase | o Changed bit used to signal key phase | |||
| o Updated key phase markings during the handshake | o Updated key phase markings during the handshake | |||
| o Added TLS interface requirements section | o Added TLS interface requirements section | |||
| o Moved to use of TLS exporters for key derivation | o Moved to use of TLS exporters for key derivation | |||
| o Moved TLS error code definitions into this document | o Moved TLS error code definitions into this document | |||
| C.6. Since draft-thomson-quic-tls-01 | C.7. Since draft-thomson-quic-tls-01 | |||
| o Adopted as base for draft-ietf-quic-tls | o Adopted as base for draft-ietf-quic-tls | |||
| o Updated authors/editors list | o Updated authors/editors list | |||
| o Added status note | o Added status note | |||
| Authors' Addresses | Authors' Addresses | |||
| Martin Thomson (editor) | Martin Thomson (editor) | |||
| End of changes. 23 change blocks. | ||||
| 34 lines changed or deleted | 39 lines changed or added | |||
This html diff was produced by rfcdiff 1.45. The latest version is available from http://tools.ietf.org/tools/rfcdiff/ | ||||