Re: [TLS] TLS renegotiation issue

To: Martin Rex <mrex at sap.com>
Subject: Re: [TLS] TLS renegotiation issue
From: Nicolas Williams <Nicolas.Williams at sun.com>
Date: Thu, 5 Nov 2009 11:37:31 -0600
Cc: tls at ietf.org
Delivered-to: tls at core3.amsl.com
In-reply-to: <200911051738.nA5HcA4Y000486 at fs4113.wdf.sap.corp>
List-archive: <http://www.ietf.org/mail-archive/web/tls>
List-help: <mailto:tls-request@ietf.org?subject=help>
List-id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-post: <mailto:tls@ietf.org>
List-subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
References: <4AF30A0E.5030409 at extendedsubset.com> <200911051738.nA5HcA4Y000486 at fs4113.wdf.sap.corp>
User-agent: Mutt/1.5.7i

On Thu, Nov 05, 2009 at 06:38:10PM +0100, Martin Rex wrote:
> The "secure random challenges" in a TLS handshake that protect
> agains replay are the client.random and server.random.
> Admittedly they're larger (2*32 octets, fixed size) than the
> finished message (usually 12 octets, but depends on ciphersuite
> according to rfc5246 7.4.9.)
> 
> The client.random and server.random of a connection are already
> part of the official SecurityParameters (rfc5246 6.1.), but
> the finished message is not.

Guess what: the finished messages will have to become something that TLS
implementations export to applications.  There's no two ways about it
folks.

Nico
--

References:
- Re: [TLS] TLS renegotiation issue
  - From: Marsh Ray
- Re: [TLS] TLS renegotiation issue
  - From: Martin Rex

Prev by Date: Re: [TLS] TLS renegotiation issue
Next by Date: Re: [TLS] TLS renegotiation issue
Previous by thread: Re: [TLS] TLS renegotiation issue
Next by thread: Re: [TLS] TLS renegotiation issue
Index(es):
- Date
- Thread

Re: [TLS] TLS renegotiation issue

Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.