[TLS] Protocol version bit to use, was Justification for "Ugly Dirty Hack"
mike-list at pobox.com (Michael D'Errico) on Thursday, November 19, 2009 wrote:
>My suggestion is to set the upper bit of the minor version field.
>This provides a clear and unmistakable signal to the client, and is
>completely contained within the 0x03 major version number space. Is
>it a "hack", yeah, but it's entirely reasonable.

If I understand the minor version field correctly, there are 5 or 6 bits
that are always sent as zero by all current versions of TLS/SSL. Any of
them would be suitable as an S->C signal.

There may be advantages to using bits other than the 0x80 bit. For example,
if the 0x04 bit is available, then it could be used for the signaling
requirement, leaving 0x08 and higher available for future versions of TLS.
This approach would still leave a simple ordered compare available for
selecting the "most recent" protocol version both ends support.

Cheers - Bill
---------------------------------------------------------------------------
Bill Frantz |"After all, if the conventional wisdom was working, the
408-356-8506 | rate of systems being compromised would be going down,
www.periwinkle.com | wouldn't it?" -- Marcus Ranum
Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.
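
The bit layout discussed in this message, sketched in C as an added example; it is not code from the thread or from any TLS implementation. The signal bit is the proposal under discussion here, and the function names, the macro names and the 0x08 "future version" byte used in the comments are assumptions for illustration.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Minor version bytes defined when the thread was written (major 0x03). */
enum { SSL3_0 = 0x00, TLS1_0 = 0x01, TLS1_1 = 0x02, TLS1_2 = 0x03 };

/* Hypothetical signal-bit placements taken from the thread's proposal. */
#define SIGNAL_HIGH 0x80u /* upper bit, as in the quoted suggestion */
#define SIGNAL_LOW  0x04u /* lowest free bit, as in the reply */

/* Bits of the minor byte that none of the defined versions set. */
uint8_t unused_minor_bits(void) {
    return (uint8_t)~(SSL3_0 | TLS1_0 | TLS1_1 | TLS1_2);
}

/* Server side: carry the signal in the chosen bit of the minor byte. */
uint8_t encode_minor(uint8_t version, bool signal, uint8_t signal_bit) {
    return signal ? (uint8_t)(version | signal_bit) : version;
}

/* Client side: read the signal, and strip it before any version logic. */
bool has_signal(uint8_t wire, uint8_t signal_bit) {
    return (wire & signal_bit) != 0;
}
uint8_t version_part(uint8_t wire, uint8_t signal_bit) {
    return (uint8_t)(wire & (uint8_t)~signal_bit);
}

/* Ordered compare on the masked bytes: <0, 0 or >0. Comparing the raw
 * bytes would rank TLS1_0 with the 0x04 signal (0x05) above TLS1_2. */
int compare_minor(uint8_t a, uint8_t b, uint8_t signal_bit) {
    return (int)version_part(a, signal_bit) - (int)version_part(b, signal_bit);
}

/* Highest version both ends support, ignoring the signal bit on either. */
uint8_t select_minor(uint8_t client_max, uint8_t server_max, uint8_t signal_bit) {
    return compare_minor(client_max, server_max, signal_bit) <= 0
               ? version_part(client_max, signal_bit)
               : version_part(server_max, signal_bit);
}

int main(void) {
    uint8_t wire = encode_minor(TLS1_0, true, SIGNAL_LOW); /* constructed sample */
    printf("unused 0x%02X wire 0x%02X signal %d version 0x%02X\n",
           unused_minor_bits(), wire, has_signal(wire, SIGNAL_LOW),
           version_part(wire, SIGNAL_LOW));
    return 0;
}
```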