Re: [TLS] DTLS lacking TLS extensions ?

Marsh Ray <marsh@extendedsubset.com> Thu, 26 January 2012 06:21 UTC

Message-ID: <4F20F0EB.2040006@extendedsubset.com>
Date: Thu, 26 Jan 2012 00:21:31 -0600
From: Marsh Ray <marsh@extendedsubset.com>
To: mrex@sap.com
References: <201201260213.q0Q2Dadk027323@fs4113.wdf.sap.corp>
In-Reply-To: <201201260213.q0Q2Dadk027323@fs4113.wdf.sap.corp>
Cc: tls@ietf.org
Subject: Re: [TLS] DTLS lacking TLS extensions ?

On 01/25/2012 08:13 PM, Martin Rex wrote:
>
> Maybe it is what everyone has been silently doing.  Trying to
> implement rfc5746 in DTLS should have raised some eyebrows if this
> was "unexpected", I would assume.

As I recall it, there were indeed a few eyebrows raised at RFC 5746!

There was no shortage of discussion about the protocol "legality" of
sending extensions on an SSLv3 Client Hello. (Scare quotes because there
appear to have been multiple versions of the SSL 3.0 spec published on
the web at different times).

Given the reality of the huge number of SSLv3 implementations in use,
the relative rarity of DTLS and the fact that it is an actively
maintained spec, we probably didn't feel it necessary to revise more
for DTLS than what was added in 5746:

http://tools.ietf.org/html/rfc5746
> This extension also can be used with Datagram TLS (DTLS) [RFC4347].
> Although, for editorial simplicity, this document refers to TLS, all
> requirements in this document apply equally to DTLS.

- Marsh
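The "legality" question above comes down to one parsing rule: a ClientHello carries an extensions block only if bytes remain after compression_methods, so a parser that insists on the block rejects a plain SSLv3 hello, and one that refuses it rejects every hello that signals RFC 5746 via the renegotiation_info extension rather than the SCSV cipher suite. The parser below is an added example, not code from this thread or from any of the implementations discussed in it; it handles both forms, checks for either RFC 5746 signal, and takes the DTLS cookie field (RFC 4347) behind a `dtls` flag. The sample hellos are constructed inline with an all-zero random and no session id, purely to exercise the parser.

```python
"""Minimal ClientHello body parser (TLS and DTLS) that treats the
extensions block as optional and reports the RFC 5746 signals.

Constructed example; field layout follows RFC 5246 section 7.4.1.2
and RFC 4347 section 4.2.1 (cookie). Handshake/record headers are
assumed to have been stripped already."""
from dataclasses import dataclass, field

SCSV = 0x00FF                    # TLS_EMPTY_RENEGOTIATION_INFO_SCSV
EXT_RENEGOTIATION_INFO = 0xFF01  # renegotiation_info extension type


@dataclass
class ClientHello:
    version: tuple
    session_id: bytes
    cookie: bytes                 # DTLS only; b"" for TLS
    cipher_suites: list
    compression_methods: bytes
    extensions: dict = field(default_factory=dict)

    @property
    def has_scsv(self) -> bool:
        return SCSV in self.cipher_suites

    @property
    def has_renegotiation_info(self) -> bool:
        return EXT_RENEGOTIATION_INFO in self.extensions

    @property
    def signals_secure_renegotiation(self) -> bool:
        # RFC 5746: either signal is sufficient on an initial handshake.
        return self.has_scsv or self.has_renegotiation_info


def _take(buf: bytes, pos: int, n: int):
    if pos + n > len(buf):
        raise ValueError("truncated ClientHello")
    return buf[pos:pos + n], pos + n


def _vector(buf: bytes, pos: int, len_size: int):
    # Length-prefixed opaque vector; len_size is 1 or 2 bytes.
    raw, pos = _take(buf, pos, len_size)
    return _take(buf, pos, int.from_bytes(raw, "big"))


def parse_client_hello(body: bytes, dtls: bool = False) -> ClientHello:
    pos = 0
    ver, pos = _take(body, pos, 2)
    _random, pos = _take(body, pos, 32)
    session_id, pos = _vector(body, pos, 1)
    cookie = b""
    if dtls:                      # DTLS inserts the cookie here
        cookie, pos = _vector(body, pos, 1)
    cs_raw, pos = _vector(body, pos, 2)
    if not cs_raw or len(cs_raw) % 2:
        raise ValueError("bad cipher_suites length")
    suites = [int.from_bytes(cs_raw[i:i + 2], "big")
              for i in range(0, len(cs_raw), 2)]
    comp, pos = _vector(body, pos, 1)
    if not comp:
        raise ValueError("empty compression_methods")
    extensions = {}
    if pos < len(body):           # extensions present only if data remains
        ext_raw, pos = _vector(body, pos, 2)
        if pos != len(body):
            raise ValueError("trailing bytes after extensions")
        epos = 0
        while epos < len(ext_raw):
            t_raw, epos = _take(ext_raw, epos, 2)
            etype = int.from_bytes(t_raw, "big")
            data, epos = _vector(ext_raw, epos, 2)
            if etype in extensions:
                raise ValueError("duplicate extension %#06x" % etype)
            extensions[etype] = data
    return ClientHello(tuple(ver), session_id, cookie, suites, comp, extensions)


def build_client_hello(version, suites, extensions=None, cookie=None) -> bytes:
    # Test helper: zero random, empty session id, compression = null only.
    out = bytes(version) + b"\x00" * 32 + b"\x00"
    if cookie is not None:
        out += bytes([len(cookie)]) + cookie
    cs = b"".join(s.to_bytes(2, "big") for s in suites)
    out += len(cs).to_bytes(2, "big") + cs + b"\x01\x00"
    if extensions is not None:
        ext = b"".join(t.to_bytes(2, "big") + len(d).to_bytes(2, "big") + d
                       for t, d in extensions)
        out += len(ext).to_bytes(2, "big") + ext
    return out


# Constructed samples: SSLv3 hello with the SCSV and no extensions block,
# TLS 1.0 hello with an empty renegotiation_info, DTLS 1.0 hello with a cookie.
SSLV3_HELLO = build_client_hello((3, 0), [0x002F, SCSV])
TLS10_HELLO = build_client_hello((3, 1), [0x002F],
                                 extensions=[(EXT_RENEGOTIATION_INFO, b"\x00")])
DTLS10_HELLO = build_client_hello((254, 255), [0x002F, SCSV], cookie=b"\x01\x02\x03")

if __name__ == "__main__":
    for name, raw, dtls in (("SSLv3", SSLV3_HELLO, False),
                            ("TLS1.0", TLS10_HELLO, False),
                            ("DTLS1.0", DTLS10_HELLO, True)):
        ch = parse_client_hello(raw, dtls=dtls)
        print(name, ch.version, "secure-reneg:", ch.signals_secure_renegotiation)
```

Note that the DTLS hello is not parseable with `dtls=False` (the cookie bytes land in the cipher_suites length), which is the practical reason the DTLS and TLS code paths are usually kept distinct even though RFC 5746 applies to both verbatim.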