Re: [TLS] What's the proper alert for sequence wrap.
Hi,
How in practice does an SSL/TLS server assign the new session IDs?
Say, does it increment the older session ID?
-Omirjan
----- Original Message -----
From: "Mike" <mike-list at pobox.com>
To: "tls mailing list" <tls at ietf.org>
Sent: Thursday, January 18, 2007 12:38 PM
Subject: Re: [TLS] What's the proper alert for sequence wrap.
> Practically speaking, you don't ever need to worry about this.
> Even if you send a billion records every second, it would take
> 584 years to wrap the sequence number.
>
> Mike
>
>
> Andrew Fan wrote:
> > The RFC4346 says:
> >
> > Sequence numbers are of type uint64 and may not
> > exceed 2^64-1. Sequence numbers do not wrap. If a TLS
> > implementation would need to wrap a sequence number, it must
> > renegotiate instead.
> >
> > In an implementation, if one does not want to support sequence number
> > wrap with renegotiation, a fatal alert should be sent to the peer if the
> > sequence number exceeds. Or if one side receives a wrapped sequence
> > number, a fatal alert also should be sent to the peer. However, I don't find
> > proper alert descriptions for both read and write sequence number exceed
> > cases.
> >
> > Any suggestions?
>
> _______________________________________________
> TLS mailing list
> TLS at lists.ietf.org
> https://www1.ietf.org/mailman/listinfo/tls
>
Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.