RE: [TLS] Issue 49: Finished.verify length

To: <ekr at networkresonance.com>
Subject: RE: [TLS] Issue 49: Finished.verify length
From: <Pasi.Eronen at nokia.com>
Date: Mon, 17 Sep 2007 10:03:16 +0300
Cc: tls at ietf.org
In-reply-to: <20070916171835.57FF033C21@delta.rtfm.com>
List-archive: <http://www1.ietf.org/pipermail/tls>
List-help: <mailto:tls-request@lists.ietf.org?subject=help>
List-id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.lists.ietf.org>
List-post: <mailto:tls@lists.ietf.org>
List-subscribe: <https://www1.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@lists.ietf.org?subject=subscribe>
List-unsubscribe: <https://www1.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@lists.ietf.org?subject=unsubscribe>
References: <20070914090853.GA20702@tau.invalid><B356D8F434D20B40A8CEDAEC305A1F2404937712@esebe105.NOE.Nokia.com><20070914120310.GA29073@tau.invalid><B356D8F434D20B40A8CEDAEC305A1F2404937802@esebe105.NOE.Nokia.com><20070914141809.2439533C21@delta.rtfm.com><B356D8F434D20B40A8CEDAEC305A1F2404966D3F@esebe105.NOE.Nokia.com><20070914183633.6B09F33C21@delta.rtfm.com><B356D8F434D20B40A8CEDAEC305A1F2404966DF0@esebe105.NOE.Nokia.com> <20070916171835.57FF033C21@delta.rtfm.com>
Thread-index: Acf4hiA+yIOddDjHSsCqSnxIThtzJgAcmIKw
Thread-topic: [TLS] Issue 49: Finished.verify length

Eric Rescorla wrote:
> Well, I don't think changing the encoding is needed. The
> verify_data is the only thing in the Finished message so it's
> already implicitly encoded. If we want to allow this to change
> length without doing an Update, then why not change it to:
> 
>    struct {
>        opaque verify_data[SecurityParameters.finished_length];
>    } Finished;
> 
> This leaves a hole but doesn't require changing the wire encoding.

This would work, too.

> That said, I'd sort of like to discourage changing the length without
> good reason, so I'd actually like the first cipher suite to do
> this to have to Update: TLS 1.2. However, using the technique above,
> we could make this cahnge later without having to impact 
> implemenations that didn't support the new cipher suite.

Ciphersuites should be able to do algorithm agility without updating
TLS 1.2, and things like MAC lengths are IMHO part of that agility...

Best regards,
Pasi

_______________________________________________
TLS mailing list
TLS at lists.ietf.org
https://www1.ietf.org/mailman/listinfo/tls

References:
- Re: [TLS] Issue 49: Finished.verify length
  - From: Bodo Moeller
- RE: [TLS] Issue 49: Finished.verify length
  - From: Pasi.Eronen
- Re: [TLS] Issue 49: Finished.verify length
  - From: Bodo Moeller
- RE: [TLS] Issue 49: Finished.verify length
  - From: Pasi.Eronen
- Re: [TLS] Issue 49: Finished.verify length
  - From: Eric Rescorla
- RE: [TLS] Issue 49: Finished.verify length
  - From: Pasi.Eronen
- Re: [TLS] Issue 49: Finished.verify length
  - From: Eric Rescorla
- RE: [TLS] Issue 49: Finished.verify length
  - From: Pasi.Eronen
- Re: [TLS] Issue 49: Finished.verify length
  - From: Eric Rescorla

Prev by Date: Re: [TLS] Issue 49: Finished.verify length
Next by Date: Re: [TLS] Issue 49: Finished.verify length
Previous by thread: Re: [TLS] Issue 49: Finished.verify length
Next by thread: Re: [TLS] Issue 49: Finished.verify length
Index(es):
- Date
- Thread

RE: [TLS] Issue 49: Finished.verify length

Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.