Thanks for the reply!

On Thu, Aug 21, 2014 at 7:50 PM, Wei Sun <sun...@yahoo-inc.com.invalid>
wrote:

>
>
> On 8/22/14, 10:06, "Bill Zeng" <billzeng2...@gmail.com> wrote:
>
> >Hi James,
> >
> >Thanks for the reply!
> >
> >On Thu, Aug 21, 2014 at 4:37 PM, James Peach <jpe...@apache.org> wrote:
> >
> >> On Aug 21, 2014, at 3:56 PM, Bill Zeng <billzeng2...@gmail.com> wrote:
> >>
> >> > Hi all,
> >> >
> >> > I am new to ATS and my understanding of ATS is limited. I am working
> >>on a
> >> > project to enable session resumption using session tickets. Session
> >> tickets
> >> > are encrypted with session ticket keys which need to be rotated for
> >> > security. Currently, one session ticket key file (only one key is
> >>used)
> >> is
> >> > specified by the ticket_key_name option and used for the entire time.
> >> >
> >> > I would like to propose to rotate the session ticket key periodically,
> >> say,
> >> > once every 12 hours. A new session ticket key is generated by a key
> >> server,
> >> > and distributed to ATS's. Note that locally generated keys cannot be
> >> shared
> >> > among multiple ATS's on different boxes easily. An ATS needs to load
> >>new
> >> > keys into memory every 12 hours. In order to smooth the key transition
> >> > process, multiple keys can be in use at the same time. That is, when a
> >> new
> >> > key is generated, the older can be used for a while before it gets
> >> retired.
> >> > These keys can be stored in multiple files, but it is neat to store
> >>them
> >> in
> >> > just one file.
> >> >
> >> > A session ticket key contains three 16-byte fields: key name, AES key,
> >> and
> >> > HMAC key. Right now,  they are stored as an opaque 48-byte blob. A
> >> 48-byte
> >> > blob works for the simple case with just one session ticket key. But
> >>it
> >> can
> >> > be inconvenient for multiple keys with different versions.
> >>
> >> We use the same ticket key format as httpd <
> >>
> >>
> http://httpd.apache.org/docs/2.4/mod/mod_ssl.html#sslsessionticketkeyfile
> >> >.
> >>
> >
> >Compatibility is important.
> >
> >
> >> > I would like to
> >> > propose to use JSON as the format for session ticket keys. We can
> >>store
> >> > rich metadata such as the version, lifetime etc. in JSON. Each key can
> >> also
> >> > have a lifetime associated with it. JSON is also human-readable and
> >> > inter-operable with other tools. A simple JSON parser is needed to
> >>parse
> >> > the session ticket keys.
> >> >
> >> > Here is Twitter's approach to this problem:
> >> > https://blog.twitter.com/2013/forward-secrecy-at-twitter
> >>
> >> You can implement a scheme similar to that described in the Twitter post
> >> with some external tooling. Keep the tickets on a RAM disk (or a FUSE
> >> filesystem helper), and reload the SSL config (touch
> >>ssl_multicert.config
> >> && traffic_line -x) once the new version is in place everywhere. I guess
> >> that you could use something like etcd to co-ordinate the process.
> >>
> >
> >traffic_line -x might work. It does not seem like an efficient approach.
> >You need to do that on every box. I would like to push a new key to ATS's
> >and they suck in the new key periodically without intervention. We can add
> >a new configuration option to records.config and checks for key update
> >only
> >once every 12 hours.
>
> Another approach is to use the lifecycle API
> (TS_LIFECYCLE_SERVER_SSL_CTX_INITIALIZED_HOOK) and handle any SSL_CTX
> related callbacks (e.g. ssl_callback_session_ticket) in a plug-in where
> you may spawn a dedicate thread to rotate the keys, this helps to
> integrate with specific CKMS that keys are all in memory.
>
>
A separate thread seems like an overkill for this problem. A session ticket
key is renewed once for every 12 hours. Most of the time, the thread would
be idle.


> >
> >
> >> J
> >>
>
>

Reply via email to