Re: [TLS] draft-ietf-tls-extractor-03
At Thu, 6 Nov 2008 13:26:29 +0100 (MEZ),
Alfred Hönes wrote:
>
> Eric,
> I have followed up and reviewed the most recent version of your
> TLS Extractor I-D, draft-ietf-tls-extractor-03.
>
> Although sent (off-list) almost three weeks before the -03
> version has been posted, my (mostly editorial) comments on
> the -02 version have not been addressed in the -03. Please
> give me an indication should that message have been lost.
I think I must have lost them, because I went looking back
through my mail and didn't see them. Can you resend?
> All issues raised in that message still hold, and one additional
> technical issue has been introduced in the -03 version -- see below.
>
> To recall, the only non-editorial issue raised in that message was:
>
> > (6) Section 6
> >
> > I do not understand why the third line appears in the table in
> > Section 6. The string "master secret" is used in TLS to derive
> > the master_secret from the pre_master_secret using the TLS PRF
> > (Section 8.1 / page 64 of RFC 5246), and not to derive anything
> > else from the master_secret as specified by the method in Section 4.
> > [ Beware that the other three string values originated in RFC 4346
> > that have been included in the table are indeed used in TLS with
> > the master_secret as the first argument to the TLS PRF. ]
> >
> > Admittedly, it would perhaps be confusing to see such use,
> > but I do not see a cryptographical argument making it necessary
> > to avoid this use, and hence enter this string into the registry.
I agree there is probably no cryptographic reason, but I think
it's very confusing practice and we should still prohibit it.
> Additional remark:
> If you indeed want to keep the string "master secret" in the
> registry, I suggest to *not* give [RFC5346] as a reference
> (which I regard as misleading), but instead declare it as
> "reserved by RFC{this}", or change the reference to [RFC{this}]
> and attach a footnote to the registry, indicating that this
> entry is a reservation only, not documentation of actual use.
Sure.
> And that's the new issue:
>
> In Section 4, the line
>
> opaque context<0..2^16-1>;
>
> has been added, which unfortunately does not match the description
> of the computation given in the initial part of that section.
> IMHO, for consistency, the above line should read:
>
> opaque context_value<0..2^16-1>;
> ^^^^^^
Thanks.
-Ekr
_______________________________________________
TLS mailing list
TLS at ietf.org
https://www.ietf.org/mailman/listinfo/tls
Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.