Re: [TLS] Consensus Call for draft-ietf-tls-renegotiation-00.txt

To: tls at ietf.org
Subject: Re: [TLS] Consensus Call for draft-ietf-tls-renegotiation-00.txt
From: Michael D'Errico <mike-list at pobox.com>
Date: Fri, 20 Nov 2009 21:59:53 -0800
Delivered-to: tls at core3.amsl.com
Dkim-signature: v=1; a=rsa-sha1; c=relaxed; d=pobox.com; h=message-id :date:from:mime-version:to:subject:references:in-reply-to :content-type:content-transfer-encoding; s=sasl; bh=YUxY6DYS+spy Ct7PSEV3IExDZn8=; b=EBNROv3UnqhhWhSqFB/XHRBPKLIhv9T73CmCV7aHQKpH nUM8HLC8qF70GeQqFuhU55uV1Ri4lBR0iqIi8J3j7BTcj0SD82v39YGOHNfquyMM IJ1h4lEAvgZ5arAochyBb/9J6LI4AEVVJsuuVqlFm3/QhZ89niAf1nbLq+UnCdE=
Domainkey-signature: a=rsa-sha1; c=nofws; d=pobox.com; h=message-id:date :from:mime-version:to:subject:references:in-reply-to :content-type:content-transfer-encoding; q=dns; s=sasl; b=VCF6rN Yc4vPYsWvzk2aisyBH+nITamLu0CJyN1HcHM3J51FSsn1BkCi/fGMgbXX9/ILxzc qXnANW0ZXsCG+WiIP6Oq2e+ujFePRukWF/0txkJy72ybykbiwlQQ95IHLm92TgMb TEzHAQjo5E4dKOSpdA1/+jazq9oEhlvFYtNAA=
In-reply-to: <AC1CFD94F59A264488DC2BEC3E890DE5092192D6 at xmb-sjc-225.amer.cisco.com>
List-archive: <http://www.ietf.org/mail-archive/web/tls>
List-help: <mailto:tls-request@ietf.org?subject=help>
List-id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-post: <mailto:tls@ietf.org>
List-subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
References: <AC1CFD94F59A264488DC2BEC3E890DE5092192D6 at xmb-sjc-225.amer.cisco.com>
User-agent: Thunderbird 2.0.0.23 (Macintosh/20090812)

I support a different approach, which I documented in this message:

  http://www.ietf.org/mail-archive/web/tls/current/msg04556.html

It is the same as what Martin plans to issue an an Internet-Draft.

I would be fine with modifying it slightly at the suggestion of Dr.
Stephen Henson to have the server return the "magic" cipher suite
in the ClientHello and to put the real cipher suite in the random.
This would avoid difficulties in trying to explain how the version
is modified, but not really modified.

I'm just as upset about needing such a hack as everyone else, but
the installed base has largely ignored extensions, so we can't
responsibly force them on everyone.

Plus, see how the RI extension is critically flawed anyway:

  http://www.ietf.org/mail-archive/web/tls/current/msg04582.html

Mike



Joseph Salowey (jsalowey) wrote:

We have had a lot of good discussion on this list, but I think we need
to start converging on a solution. As I said in a previous message, I've
asked Eric to serve as editor for the WG draft and he has posted
draft-ietf-tls-renegotiation-00 as a starting point.  I realize that
there are a number of people who aren't happy with aspects of the draft,
or indeed with the draft as a whole, but I'd like to get the sense for
the feelings of the group as a whole. If we have rough consensus that
this is a workable approach, we can try to nail down the remaining
issues and move forward.

To try to keep this concrete, please respond with answers to this
question:

Support for the draft:
- I support this draft
- I support this draft with the following modification
- I would support an entirely different proposal (please identify it; be

specific)

If you are proposing a modification, in addition to providing a
description and rationale for a modification to the document it is
helpful to provide sample text of the modification. Also, please
indicate whether you would only support the draft with your modification

or whether you can live with it unmodified.

Thanks,

Joe

References:
- [TLS] Consensus Call for draft-ietf-tls-renegotiation-00.txt
  - From: Joseph Salowey (jsalowey)

Prev by Date: Re: [TLS] Consensus Call for draft-ietf-tls-renegotiation-00.txt
Next by Date: Re: [TLS] simplistic renego protection
Previous by thread: Re: [TLS] Consensus Call for draft-ietf-tls-renegotiation-00.txt
Next by thread: Re: [TLS] Consensus Call for draft-ietf-tls-renegotiation-00.txt
Index(es):
- Date
- Thread

Re: [TLS] Consensus Call for draft-ietf-tls-renegotiation-00.txt

Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.