RE: [TLS] Please discuss: draft-housley-evidence-extns-00
Eric,
> I think "not great" is quite an understatement here. You've just
> required that every TLS record write requires *two* signatures,
> one from the sender and one from the receiver. This includes
> record read/writes which the application doesn't even care
> about having evidence for. Your typical brokerage transaction
> requires 10s if not hundreds of separate HTTP fetches, each
> of which requires one or more records in each direction. Doing
> 25 digital signatures for every transaction is an enormous
> load on the server.
Turn on TLS Evidence only for one POST, skip the GETs. There's typically
one important POST per transaction, the one before the
print-this-page-for-your-records response. That's the page the user
typically prints for evidence of the transaction, despite its failings.
It doesn't make sense to create TLS Evidence for every fetch. What would be
the point of being able to show for posterity that some browser downloaded
20 gifs, a css file and two javascript files? None.
Regarding performance estimates, whether you use a FIPS 140 accelerator or
not, the cost of two digital signatures and the extra TLS Evidence messages
is less than the 20+ round trips made to load the page, even if the client
is using multiple connections.
--mark
_______________________________________________
TLS mailing list
TLS@xxxxxxxxxxxxxx
https://www1.ietf.org/mailman/listinfo/tls