Re: [TLS] Proposal for hybrid solution using most of the ideas
Stefan Santesson wrote:
>On 09-11-19 8:52 AM, "Marsh Ray" <marsh at extendedsubset.com> wrote:
>> Stefan Santesson wrote:
>>>
>>> What I don't understand is the rationale for providing two solutions,
>>> when one solution could work for all cases.
>>
>> TLS can support a nice, clean, efficient solution going forward.
>>
>> SSLv3 needs an ugly dirty hack, no way around it.
>>
>
>I disagree.
>
>I think we agree that an upgraded finished calculation is not a dirty hack.
>This is what future versions of TLS will use by default.

Agreed.

>Remains then the signaling C->S and S->C client.
>
>The RI proposal also includes the use of a magic cipher suite, so that dirty hack is in both proposals.
>
>Which leaves us with S->C signaling. Here I'm not sure we have exhausted all options.

Yes, we might be missing something else. The reason I picked the Certificate
message is that it is dynamic size by default, so we don't have to alter
existing data, just append.

>One way to approach this (and bring the proposals together) would be to use
>the same updated finished calculations in both approaches and just use the
>RI extension for signaling. In such case we could simply reduce this
>discussion to debate different ways to accomplish signaling for various
>versions of the protocol.

I realize I could've been more precise in my initial proposal. This is
exactly the essence of it. Finished calculations are the same across the
board, just signaling is different. TLS to use extensions, SSLv3 to use
whatever hack we agree on.

Nasko