[TLS] RE: WGLC - Stepping up Hash

To: <stefans at microsoft.com>, <tls at ietf.org>
Subject: [TLS] RE: WGLC - Stepping up Hash
From: <Pasi.Eronen at nokia.com>
Date: Thu, 13 Dec 2007 08:46:56 +0200
Cc:
In-reply-to: <9F11911AED01D24BAA1C2355723C3D320A10E83C0C@EA-EXMSG-C332.europe.corp.microsoft.com>
List-archive: <http://www1.ietf.org/pipermail/tls>
List-help: <mailto:tls-request@lists.ietf.org?subject=help>
List-id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.lists.ietf.org>
List-post: <mailto:tls@lists.ietf.org>
List-subscribe: <https://www1.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@lists.ietf.org?subject=subscribe>
List-unsubscribe: <https://www1.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@lists.ietf.org?subject=unsubscribe>
References: <B356D8F434D20B40A8CEDAEC305A1F2404ED41E2@esebe105.NOE.Nokia.com> <9F11911AED01D24BAA1C2355723C3D320567FF2229@EA-EXMSG-C332.europe.corp.microsoft.com> <9F11911AED01D24BAA1C2355723C3D320A10E835BD@EA-EXMSG-C332.europe.corp.microsoft.com> <B356D8F434D20B40A8CEDAEC305A1F2404FEE97F@esebe105.NOE.Nokia.com> <9F11911AED01D24BAA1C2355723C3D320A10E83C0C@EA-EXMSG-C332.europe.corp.microsoft.com>
Thread-index: Acgw9Sz0FhpoohfNQHGlYiTjV/YjIgDnBkoQAe8NP+AAGNcUMAAXCuDQABF+9mA=
Thread-topic: WGLC - Stepping up Hash

Stefan Santesson wrote:

> Yes and No. No I don't want this assumption to be defined in 
> the protocol. That would be pretty ugly and would have to be 
> defined per cipher suite.
> But Yes, the server may have deterministic knowledge that in 
> the pool of clients it serves (or for the particular service 
> it provides) either all clients, or a subgroup of the clients 
> that uses a particular cipher suite, in fact can handle Hash Z.

So you're assuming the existence of some off-line (outside TLS)
negotiation capability (either between the hosts, or their 
administrators) to exchange information about what the 
implementations actually support?

Given that we have the necessary functionality in TLS itself,
why would you want to do that? (And if you do, would this extend
to other parts of TLS as well -- e.g. allow server to select
a cipher suite that the client didn't offer, if it has this
"deterministic knowledge"?)

Best regards,
Pasi

_______________________________________________
TLS mailing list
TLS at lists.ietf.org
https://www1.ietf.org/mailman/listinfo/tls

References:
- [TLS] WGLC for draft-ietf-tls-rfc4346-bis-07
  - From: Pasi.Eronen
- [TLS] RE: WGLC for draft-ietf-tls-rfc4346-bis-07
  - From: Stefan Santesson
- [TLS] WGLC - Stepping up Hash
  - From: Stefan Santesson
- [TLS] RE: WGLC - Stepping up Hash
  - From: Pasi.Eronen
- [TLS] RE: WGLC - Stepping up Hash
  - From: Stefan Santesson

Prev by Date: Re: [TLS] RE: WGLC - Stepping up Hash
Next by Date: [TLS] IDNs in draft-ietf-tls-rfc4366-bis
Previous by thread: RE: [TLS] RE: WGLC - Stepping up Hash
Next by thread: Re: [TLS] WGLC for draft-ietf-tls-rfc4346-bis-07
Index(es):
- Date
- Thread

[TLS] RE: WGLC - Stepping up Hash

Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.