Re: [TLS] merging recent ideas into one new proposal

To: tls at ietf.org
Subject: Re: [TLS] merging recent ideas into one new proposal
From: Martin Rex <mrex at sap.com>
Date: Fri, 20 Nov 2009 23:01:14 +0100 (MET)
Delivered-to: tls at core3.amsl.com
In-reply-to: <200911202154.nAKLsdeG029681 at fs4113.wdf.sap.corp> from "Martin Rex" at Nov 20, 9 10:54:39 pm
List-archive: <http://www.ietf.org/mail-archive/web/tls>
List-help: <mailto:tls-request@ietf.org?subject=help>
List-id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-post: <mailto:tls@ietf.org>
List-subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
Reply-to: mrex at sap.com

What I forgot about the verify_data in the Hello.Randoms:

We only carry the initial 12 bytes -- which is the standard size
for TLSv1.0 and TLSv1.1 and the default size for TLSv1.2.

For SSLv3, where the Finished message is actually a concatenation
of two HMAs md5 and sha1 (I believe it is an HMAC-like thingy) we
would carry the first 12 bytes of the sha-1 HMAC as verify_data.

-Martin

References:
- [TLS] merging recent ideas into one new proposal
  - From: Martin Rex

Prev by Date: [TLS] merging recent ideas into one new proposal
Next by Date: Re: [TLS] merging recent ideas into one new proposal
Previous by thread: [TLS] merging recent ideas into one new proposal
Next by thread: Re: [TLS] merging recent ideas into one new proposal
Index(es):
- Date
- Thread

Re: [TLS] merging recent ideas into one new proposal

Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.