Re: [TLS] Implementing https://svn.resiprocate.org/rep/ietf-drafts/ekr/draft-rescorla-tls-renegotiate.txt

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [TLS] Implementing https://svn.resiprocate.org/rep/ietf-drafts/ekr/draft-rescorla-tls-renegotiate.txt

To: tls at ietf.org
Subject: Re: [TLS] Implementing https://svn.resiprocate.org/rep/ietf-drafts/ekr/draft-rescorla-tls-renegotiate.txt
From: David-Sarah Hopwood <david-sarah at jacaranda.org>
Date: Thu, 12 Nov 2009 00:14:56 +0000
Delivered-to: tls at core3.amsl.com
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlemail.com; s=gamma; h=domainkey-signature:received:received:sender:message-id:date:from :user-agent:mime-version:to:subject:references:in-reply-to :x-enigmail-version:content-type; bh=pD6SWsrzyOVbymUAg9nx46/U76SmhH5ekaoqTxtkYBU=; b=At6fKW+YCGWdHGzjeVCKk0PelvmkdLZ/PNHC+DpP4JSTyCgkKt74zSavTPVMzGY1qS jouB50LLHCcyB66af4D5ztqzGadTbbeugTBb18tHfiJaODZhwpOKEn/v3GZ6RSSmnvZ8 gUeWT5+i/2pNjdevc2G8r8S1pntoF9+uuZOs8=
Domainkey-signature: a=rsa-sha1; c=nofws; d=googlemail.com; s=gamma; h=sender:message-id:date:from:user-agent:mime-version:to:subject :references:in-reply-to:x-enigmail-version:content-type; b=bBE/rixe6lhVfT7v/TGQtgKL64EI+0BPmUcMpcXdfn0LSK+lCRkRe/qB8doIfPMilM DBEcn3V/xOhsQKLMbbLgkYNxQwC7FonSHHn9cBw6CUsXekHLvrWUtiIXJlCbPnXE71PD 6SfzZVSrx8btYbygSIk0gDLB1n2rfLeDBT+ZQ=
In-reply-to: <4AFB0995.8060504 at drh-consultancy.demon.co.uk>
List-archive: <http://www.ietf.org/mail-archive/web/tls>
List-help: <mailto:tls-request@ietf.org?subject=help>
List-id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-post: <mailto:tls@ietf.org>
List-subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
References: <1b587cab0911080935m64eabca8t6f7f6dfb9a666d06 at mail.gmail.com> <p06240806c71ce60888e1 at [133.93.128.35]> <4AF73817.4080802 at extendedsubset.com> <20091108231234.4A72569E39E at kilo.networkresonance.com> <4AF83FB9.9060302 at drh-consultancy.demon.co.uk> <20091109175954.8DF8F69E5CB at kilo.networkresonance.com> <808FD6E27AD4884E94820BC333B2DB774F30DD16F6 at NOK-EUMSG-01.mgdnok.nokia.com> <4AFB0995.8060504 at drh-consultancy.demon.co.uk>
Sender: David-Sarah Hopwood <djhopwood at googlemail.com>
User-agent: Mozilla/5.0 (Windows; U; Windows NT 6.0; en-GB; rv:1.8.1.3) Gecko/20070326 Thunderbird/2.0.0.0 Mnenhy/0.7.5.666

Dr Stephen Henson wrote:
> Pasi.Eronen at nokia.com wrote:
>> Eric Rescorla wrote:
>>
>>> I don't think the problem here is really the code point assignment.
>>>
>>> I would imagine the IESG and IANA to be pretty good about doing
>>> advance assignments once the WG has converged on the exact contents
>>> of the extension. I know we had pretty good consensus within a
>>> smaller group, but if when we run it by some cryptographers they say
>>> it's insecure we'll need to change it, at which point it won't
>>> really help to have deployed code with the "early" code point.
>> <wearing area director hat>
>>
>> I think this is one of those cases where an exception to the usual
>> procedures might be in order, but the "once the WG has converged on
>> the exact contents" is an important point here. It's relatively rare
>> that the -00 version of some internet draft and the final RFC are
>> actually interoperable.

It's rare for typical RFCs, but this is a very simple extension. The
discussion so far has been about when clients and servers MUST or SHOULD
send the extension; not about changes to its contents or meaning that
would affect interoperability. If no such changes in fact occur, then I
would hope that the existing extension number (0xFF01) could be assigned,
rather than assigning a new number for the sake of it.

>> Using the same extension number for multiple incompatible versions of
>> the draft is probably not a good idea (and probably not very secure,
>> either -- if the handshake fails, you don't know if it's due to an
>> attack or just interoperability problem, and the latter might be much
>> more likely), and I'd like to avoid allocating multiple extension
>> numbers for different versions of the draft, too.
> 
> Would including a version number in the extension help? Then if the format does
> change implementations can indicate that it is a version they don't support or
> decide they are willing to support an older version.

I don't see any advantage of that over using a different extension number,
*if* the format changes.

In any case, the current draft is -00, and no changes that would not
be interoperable have yet been proposed. So let's avoid prematurely
adding complication where it may not be needed.

> This would also cover the case where some cryptographic attack is found against
> the current form later. We keep the extension number but bump up the version.

Adding a new extension would have the same effect.

-- 
David-Sarah Hopwood  ⚥  http://davidsarah.livejournal.com

Attachment: signature.asc
Description: OpenPGP digital signature

References:
- [TLS] Implementing https://svn.resiprocate.org/rep/ietf-drafts/ekr/draft-rescorla-tls-renegotiate.txt
  - From: Ben Laurie
- Re: [TLS] Implementing https://svn.resiprocate.org/rep/ietf-drafts/ekr/draft-rescorla-tls-renegot iate.txt
  - From: Paul Hoffman
- Re: [TLS] Implementing https://svn.resiprocate.org/rep/ietf-drafts/ekr/draft-rescorla-tls-renegot iate.txt
  - From: Marsh Ray
- Re: [TLS] Implementing https://svn.resiprocate.org/rep/ietf-drafts/ekr/draft-rescorla-tls-renegot iate.txt
  - From: Eric Rescorla
- Re: [TLS] Implementing https://svn.resiprocate.org/rep/ietf-drafts/ekr/draft-rescorla-tls-renegot iate.txt
  - From: Dr Stephen Henson
- Re: [TLS] Implementing https://svn.resiprocate.org/rep/ietf-drafts/ekr/draft-rescorla-tls-renegot iate.txt
  - From: Eric Rescorla
- Re: [TLS] Implementing https://svn.resiprocate.org/rep/ietf-drafts/ekr/draft-rescorla-tls-renegotiate.txt
  - From: Pasi.Eronen
- Re: [TLS] Implementing https://svn.resiprocate.org/rep/ietf-drafts/ekr/draft-rescorla-tls-renegotiate.txt
  - From: Dr Stephen Henson

Prev by Date: [TLS] Register port for https+client cert (was Re: draft-rescorla-tls-renegotiate.txt)
Next by Date: Re: [TLS] TLSrenego - possibilities, suggestion for SSLv3
Previous by thread: Re: [TLS] Implementing https://svn.resiprocate.org/rep/ietf-drafts/ekr/draft-rescorla-tls-renegotiate.txt
Next by thread: Re: [TLS] Implementing https://svn.resiprocate.org/rep/ietf-drafts/ekr/draft-rescorla-tls-renegotiate.txt
Index(es):
- Date
- Thread

Re: [TLS] Implementing https://svn.resiprocate.org/rep/ietf-drafts/ekr/draft-rescorla-tls-renegotiate.txt

Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.