IETF Logo Mail Archive

[TLS] inappropriate_fallback

Matt Caswell <matt@openssl.org> Wed, 08 August 2018 13:05 UTC

Return-Path: <matt@openssl.org>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6E9E31277CC for <tls@ietfa.amsl.com>; Wed, 8 Aug 2018 06:05:06 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.9
X-Spam-Level:
X-Spam-Status: No, score=-6.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id g-MR-9skzMIT for <tls@ietfa.amsl.com>; Wed, 8 Aug 2018 06:05:03 -0700 (PDT)
Received: from mta.openssl.org (mta.openssl.org [IPv6:2001:608:c00:180::1:e6]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 54A4A1252B7 for <tls@ietf.org>; Wed, 8 Aug 2018 06:05:03 -0700 (PDT)
Received: from [IPv6:2a00:23c6:2d84:6d00:89f5:897:e397:b05a] (unknown [IPv6:2a00:23c6:2d84:6d00:89f5:897:e397:b05a]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by mta.openssl.org (Postfix) with ESMTPSA id 14867EABB6 for <tls@ietf.org>; Wed, 8 Aug 2018 13:05:01 +0000 (UTC)
To: "tls@ietf.org" <tls@ietf.org>
From: Matt Caswell <matt@openssl.org>
Openpgp: preference=signencrypt
Autocrypt: addr=matt@openssl.org; prefer-encrypt=mutual; keydata= xsBNBFGALsIBCADBkh6zfxbewW2KJjaMaishSrpxuiVaUyvWgpe6Moae7JNCW8ayhJbwAtsQ 69SGA4gUkyrR6PBvDMVYEiYqZwXB/3IErStESjcu+gkbmsa0XcwHpkE3iN7I8aU66yMt710n GEmcrR5E4u4NuNoHtnOBKEh+RCLGp5mo6hwbUYUzG3eUI/zi2hLApPpaATXnD3ZkhgtHV3ln 3Z16nUWQAdIVToxYhvVno2EQsqe8Q3ifl2Uf0YpaN19BDBrxM3WPOAKbJk0Ab1bjgEadavrF BCOl9CrbThewRGmkOdxJWaVkERXMShlzUzjJvKOUEUGOxJCmnfQimPQoCdQyVFLgHfRFABEB AAHNH01hdHQgQ2Fzd2VsbCA8bWF0dEBvcGVuc3NsLm9yZz7CwHgEEwECACIFAlPevrwCGwMG CwkIBwMCBhUIAgkKCwQWAgMBAh4BAheAAAoJENnE0m0OYESRoD0H/1lEJXfr66rdvskyOi0z U0ARvUXHjbmmYkZ7ETkdXh7Va/Tjn81T3pwmr3F4IcLGNLDz4Eg67xbq/T8rrsEPOx5nV/mR nUT97UmsQuLnR2wLGbRBu24FKM7oX3KQvgIdJWdxHHJsjpGCViE1mIFARAzlN+6p3tPbnQzA NjRy7i/PYU/niGdqVcMhcnZCX5F7YH6w6t0ZmYH3m1QeREnWqfxu7eyHsIvebMgKTI/bMG8Z 7KlLZha9HwrFXQAPIST6sfc1blKJ9INUDM9iK6DR/ulkw7e0hmHLqjWqYs5PzyXeoNnsPXJt 69wiADYqj4KNDIdNp1RoF9qfb1nE+DM6rgbOwE0EUYAuwgEIAM9nUJAEpsVBYwK92PP9Mlo1 /etXp6JgBI68sOCJxTwzBrbTzIlevVQXqW9zdODD6ObKcgGNuG+G6Nwn54P6McRpd2dxor9Y A+yaI0yT6CVnhxsXjwc/vuQ4tBAL6tfuMAXRVIeEVk22cKk4HJB68ImXCCRdyRi9HIE5iTrZ HsHC4sjAsirhlc0o8hU3gqkKh2Ehwa6+U8lzNx06hoFEZxIVRteoz1jzCHImF7EXztEcDIam O8uckVKAuKbJgFGkU3bkvNgWlc8Pgx4tRUNJGC1LE4nYqaSEwee1SpA/VewiDObj97PozCTF zRCUBCnSvaAlTnpA90TnODH7ar+L5aEAEQEAAcLAXwQYAQIACQUCUYAuwgIbDAAKCRDZxNJt DmBEkQs2B/96XB9hyFpX/bhu41YNr7nSA65dDi9d+PkMqvLppickG3VR4xXWywzEJTw6W2DN MyFO6mOtdXWgNdgDF7HKZYvHBr6pyttLAMP7BfWBvU7YY59uKmUSc5vl0NzsaSbx5PDSQEkS ICLI+/hIwuEXOb6Z7gOrX7F1uy83TmHFOOjD2mLl5isUzFhaLVk0fZSY+mCgg3/inbwb8g31 91Ybk2LfXmndaEsdEzMLrT0g6wIgmybz6UdVuVPfSPGly0VWVAG1sNPOCpAuJpNV6+VxrdVi Ax3vQPbx3XzqDFS1ISlnd0qS/7RXwMuFDpVH/BDvzQcoikWnpRY/loPGkSg4TB7a
Message-ID: <2fd24f64-bee5-18ed-cf0d-0fc999add395@openssl.org>
Date: Wed, 08 Aug 2018 14:05:00 +0100
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.9.1
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Language: en-GB
Content-Transfer-Encoding: 7bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/w6q32TRItfOcyt0CJoXJ3H5031Y>
Subject: [TLS] inappropriate_fallback
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.27
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 08 Aug 2018 13:05:07 -0000

Draft 28 defines the inappropriate_fallback alert as follows:

inappropriate_fallback  Sent by a server in response to an invalid
      connection retry attempt from a client

With the introduction of the downgrade protection sentinels it now seems
that an inappropriate fallback could also be detected by the client.
Should this wording be changed?

Matt

v2.23.0 | Report a Bug | By Email