Re: [TLS] First TLS cached information draft posted

To: stefan at aaa-sec.com (Stefan Santesson)
Subject: Re: [TLS] First TLS cached information draft posted
From: Martin Rex <Martin.Rex at sap.com>
Date: Tue, 16 Jun 2009 17:29:00 +0200 (MEST)
Cc: huangmin123 at huaweisymantec.com, tls at ietf.org
Delivered-to: tls at core3.amsl.com
In-reply-to: <C65D8260.2A79%stefan at aaa-sec.com> from "Stefan Santesson" at Jun 16, 9 05:09:52 pm
List-archive: <http://www.ietf.org/mail-archive/web/tls>
List-help: <mailto:tls-request@ietf.org?subject=help>
List-id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-post: <mailto:tls@ietf.org>
List-subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
Reply-to: martin.rex at sap.com

Stefan Santesson wrote:
> 
> This CachedObject stucture may contain any number of hashes. This might be
> hashes using different algorithms over the same object or it may be hashes
> of the same kind over different objects (e.g. multiple acceptble certs). It
> is just an unordered list of hashes.
> 
> The server now takes the data it intended to send. And compute the hash over
> that data with as many algorithms it can out of the algorithms used by the
> client. If one of the received hashes matches one of the generated hashes,
> the match is accepted and the server will return one of the matching hashes
> as acceptance of the cache (data replacement).

To me, this sounds more complex that I think it should be.

I think the server should neither have to compute and neither have
to check the hash values for all hash algorithms for which the client
sent hashes. (which implies that the client has to send hash
values consistently for all items and all hash algorithms that
it wants to offer.

The server should reply in the ServerHello extension for which items
and which hash algorithm (of those poposed by the client) it supports
substituting the real data with the replacement (the hash
value in the current proposal).

The server should not have to compute and compare multiple hash
values over the real value when composing the handshake message
affected by the diet, and neither should the client have to
compare the substituted value to the hash values of more than
one hash algorithm (when the client proposed multiple values
for the same item with different hash algs.

-Martin

Follow-Ups:
- Re: [TLS] First TLS cached information draft posted
  - From: Stefan Santesson

References:
- Re: [TLS] First TLS cached information draft posted
  - From: Stefan Santesson

Prev by Date: Re: [TLS] First TLS cached information draft posted
Next by Date: Re: [TLS] First TLS cached information draft posted
Previous by thread: Re: [TLS] First TLS cached information draft posted
Next by thread: Re: [TLS] First TLS cached information draft posted
Index(es):
- Date
- Thread

Re: [TLS] First TLS cached information draft posted

Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.