Re: [TLS] Need for S->C signaling



Dr Stephen Henson wrote:
> Just had a crazy idea for S->C signaling:
> 
> ServerHello contains the MAGIC value in the CipherSuite indicator: we know this
> can never happen by accident. The real ciphersuite indicator is placed
> elsewhere, e.g. part of session ID. Session ID definition slightly modified to
> permit 34 bytes instead of 32.

I like it.

For reference: http://tools.ietf.org/html/rfc2246
> struct {
>         ProtocolVersion server_version;
>         Random random;
>         SessionID session_id;
>         CipherSuite cipher_suite;
>         CompressionMethod compression_method;
> } ServerHello;


Is changing SessionID from
>   opaque SessionID<0..32>;

to 34 bytes any less-breaking of a change than simply changing the
length of the ServerHello to make it a proper field? Maybe, I dunno.

What if the magic cipher_suite value signals that the actual
cipher_suite value is stored in the top two bytes of random?

If anything actually cares about the GMT, he can fill those in with his own.

- Marsh
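
The variant suggested in this message, sketched as an added example (not code from the thread or from any TLS implementation): a ServerHello body in the RFC 2246 layout whose cipher_suite field carries the magic value while the real suite rides in the first two bytes of random, so the message length and the SessionID<0..32> bound stay unchanged. Assumptions: MAGIC_SUITE = 0xFFFF is a placeholder because the thread gives no number, "top two bytes of random" is read as the first two bytes on the wire (the upper half of gmt_unix_time), and the function names are hypothetical.

```python
import struct

# Placeholder only: the thread never gives a numeric value for MAGIC.
MAGIC_SUITE = 0xFFFF


def build_server_hello(version, random, session_id, suite, compression, signal=False):
    """Serialize an RFC 2246 ServerHello body (no handshake header)."""
    if len(random) != 32 or len(session_id) > 32:
        raise ValueError("random must be 32 bytes, session_id at most 32")
    if signal:
        # Proposed variant: the real suite replaces the first two bytes of
        # random (upper half of gmt_unix_time); the suite field carries MAGIC.
        random = struct.pack("!H", suite) + random[2:]
        suite = MAGIC_SUITE
    return (struct.pack("!H", version) + random + bytes([len(session_id)])
            + session_id + struct.pack("!HB", suite, compression))


def parse_server_hello(body):
    """Parse a ServerHello body, resolving the real suite if MAGIC is present."""
    if len(body) < 35:
        raise ValueError("truncated ServerHello")
    version = struct.unpack_from("!H", body, 0)[0]
    random = body[2:34]
    sid_len = body[34]
    if sid_len > 32:
        raise ValueError("session_id exceeds SessionID<0..32>")
    end = 35 + sid_len
    if len(body) != end + 3:  # RFC 2246 layout: nothing follows compression
        raise ValueError("ServerHello length mismatch")
    suite, compression = struct.unpack_from("!HB", body, end)
    signaled = suite == MAGIC_SUITE
    if signaled:
        suite = struct.unpack_from("!H", random, 0)[0]
    return {"version": version, "random": random, "session_id": body[35:end],
            "cipher_suite": suite, "compression": compression, "signaled": signaled}


# Constructed sample values, not taken from a real handshake.
SAMPLE_RANDOM = bytes(range(32))
SAMPLE_SID = b"\xaa" * 32
PLAIN = build_server_hello(0x0301, SAMPLE_RANDOM, SAMPLE_SID, 0x002F, 0)
SIGNALED = build_server_hello(0x0301, SAMPLE_RANDOM, SAMPLE_SID, 0x002F, 0, signal=True)

if __name__ == "__main__":
    print(parse_server_hello(PLAIN))
    print(parse_server_hello(SIGNALED))
```

The same parser rejects a 34-byte session ID outright, which is the compatibility cost of the session-ID variant quoted at the top of the message.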

Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.