Re: [TLS] Cached Info extension - Draft 01

Stefan Santesson <stefan at aaa-sec.com> writes:

> It was not my intention to kill off this discussion with this new draft.
>
> I'm wondering whether the silence is a sign of agreement, vacation or just a
> giving up that the author will ever listen to reasonable arguments...

I still prefer Martin's proposal to add framing, but could live with
your approach.

A mild problem that I don't think is fully covered yet is the complexity
in transition to new hashes -- clients will forever need to send SHA-1
hashes to the server, it seems, to ensure interoperability?  Or should
the document contain some text that explains that servers should pick
the "preferred" hash it supports, and that clients should cache that
choice for future use?  Additional text would then be needed to explain
that if clients try the new hash later on, and it doesn't work, it
should revert back to SHA-1 in case the server software was changed to
not support the other hash.  This aspect doesn't feel completely baked
yet to me.

> /Stefan
>
>
> On 09-06-16 7:13 PM, "Stefan Santesson" <stefan at aaa-sec.com> wrote:
>
>> I decided it was easier to explain my suggestions by incorporating it into a
>> new draft and submit it.
>> 
>> Draft 01 is currently in staging at:
>> http://www.ietf.org/proceedings/staging/draft-ietf-tls-cached-info-01.txt
>> 
>> This indicates by no means that I think we have reached an agreement on this
>> issue, but at least we have a version that represents a better starting
>> point for change discussions.
>> 
>> I did however include Simon's suggested wording amendment in the beginning of
>> section 4.
>> 
>> /Stefan
>> 
>> _______________________________________________
>> TLS mailing list
>> TLS at ietf.org
>> https://www.ietf.org/mailman/listinfo/tls
>

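A small model of the hash-transition behaviour Simon asks about (offer the server's remembered preferred hash first, fall back to SHA-1 if the server no longer supports it), added here as an illustration and not taken from the draft or from anyone on the list. The `Server`/`Client` classes, their method names and the certificate bytes are constructed for the example and do not reflect the draft's wire format.

```python
import hashlib

SHA1 = "sha1"  # baseline hash the thread assumes every client can always fall back to
# Constructed stand-in for a cached object such as a server certificate (not a real cert).
CACHED_OBJECT = b"constructed example certificate bytes"

def fingerprint(data: bytes, hash_name: str) -> bytes:
    """Digest of the cached object under the named hash (hashlib names, e.g. 'sha256')."""
    return hashlib.new(hash_name, data).digest()

class Server:
    """Hypothetical server: a set of supported hashes plus the one it prefers."""
    def __init__(self, supported, preferred):
        self.supported = set(supported)
        self.preferred = preferred  # assumed to be in `supported`
    def check(self, hash_name, digest):
        """Return (accepted, preferred_hash); an unsupported hash is simply rejected."""
        if hash_name not in self.supported:
            return False, None
        return digest == fingerprint(CACHED_OBJECT, hash_name), self.preferred

class Client:
    """Client that remembers, per server, which hash that server asked for last time."""
    def __init__(self):
        self.preferred = {}  # server name -> hash to offer first next time
    def handshake(self, name, server):
        """Offer the remembered hash first, fall back to SHA-1 if it is refused.
        Returns (hash finally accepted or None, list of hashes tried)."""
        candidates = [self.preferred.get(name, SHA1)]
        if candidates[0] != SHA1:
            candidates.append(SHA1)  # the fallback the thread says must stay available
        tried = []
        for h in candidates:
            tried.append(h)
            accepted, server_pref = server.check(h, fingerprint(CACHED_OBJECT, h))
            if accepted:
                self.preferred[name] = server_pref  # cache the server's stated choice
                return h, tried
            self.preferred.pop(name, None)  # stale preference: forget it before falling back
        return None, tried

def scenario():
    """Upgrade to SHA-256, then the server software is replaced by one that only does SHA-1."""
    client = Client()
    new_server = Server({"sha1", "sha256"}, "sha256")
    old_server = Server({"sha1"}, "sha1")
    first = client.handshake("example.test", new_server)   # ('sha1', ['sha1']), learns sha256
    second = client.handshake("example.test", new_server)  # ('sha256', ['sha256'])
    third = client.handshake("example.test", old_server)   # ('sha1', ['sha256', 'sha1'])
    return first, second, third, client.preferred["example.test"]
```

The third handshake is the case Simon raises: the remembered SHA-256 choice is refused, the client drops it and reverts to SHA-1 within the same attempt.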