Re: [Curdle] Comments on draft-ietf-curdle-ssh-ext-info
Peter Gutmann <pgut001@cs.auckland.ac.nz> Sat, 08 April 2017 03:24 UTC
Return-Path: <pgut001@cs.auckland.ac.nz>
X-Original-To: curdle@ietfa.amsl.com
Delivered-To: curdle@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C267B128E19 for <curdle@ietfa.amsl.com>; Fri, 7 Apr 2017 20:24:22 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.201
X-Spam-Level:
X-Spam-Status: No, score=-4.201 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_MED=-2.3, RP_MATCHES_RCVD=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=auckland.ac.nz
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id taCQ27Cv7rWf for <curdle@ietfa.amsl.com>; Fri, 7 Apr 2017 20:24:20 -0700 (PDT)
Received: from mx4.auckland.ac.nz (mx4.auckland.ac.nz [130.216.125.248]) (using TLSv1.2 with cipher RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4B9D3120724 for <curdle@ietf.org>; Fri, 7 Apr 2017 20:24:19 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=auckland.ac.nz; i=@auckland.ac.nz; q=dns/txt; s=mail; t=1491621860; x=1523157860; h=from:to:cc:subject:date:message-id:references: in-reply-to:content-transfer-encoding:mime-version; bh=AZ0C3MKQ7KE3x4scQUgTc9oQgyu3gpIgYBKWi1ri5ac=; b=0xlOgStcEf3t1rxy2CydSQgO+hdWpeZQ0KjlSsV/zXpt53yC9OOmzbux 1VNgBMHR82FXUYf82rWVVm52XQBFn1RBo7WAGcrJD5tjKys2X3Dv9Gdpp owz5xYaR6Nw0RuNHLBStSIvpzMHp35yemQEV/iC3hNw6mDeHCtsqoMssg 8NF+s/qEOHBqnIsJqEHkV9Yp5V/m7e32yLadRDvWUXMh1w6Fe3gbeF2zi dM+4fmhH8UhV+3n6bcsSA4oJ5BB1WxpfJMm06dfm8zqinBdHw5oWdJHv1 rxY6Bb9GQOeL0azKFrCyZvSq2H3NhnsxpYNHus3FrCnOI2qqAYuxymX2Q g==;
X-IronPort-AV: E=Sophos;i="5.37,169,1488798000"; d="scan'208";a="148583094"
X-Ironport-HAT: MAIL-SERVERS - $RELAYED
X-Ironport-Source: 10.6.3.4 - Outgoing - Outgoing
Received: from uxcn13-tdc-c.uoa.auckland.ac.nz ([10.6.3.4]) by mx4-int.auckland.ac.nz with ESMTP/TLS/AES256-SHA; 08 Apr 2017 15:24:17 +1200
Received: from uxcn13-ogg-d.UoA.auckland.ac.nz (10.6.2.5) by uxcn13-tdc-c.UoA.auckland.ac.nz (10.6.3.24) with Microsoft SMTP Server (TLS) id 15.0.1263.5; Sat, 8 Apr 2017 15:24:17 +1200
Received: from uxcn13-ogg-d.UoA.auckland.ac.nz ([10.6.2.25]) by uxcn13-ogg-d.UoA.auckland.ac.nz ([10.6.2.25]) with mapi id 15.00.1263.000; Sat, 8 Apr 2017 15:24:17 +1200
From: Peter Gutmann <pgut001@cs.auckland.ac.nz>
To: denis bider <denisbider.ietf@gmail.com>
CC: curdle <curdle@ietf.org>
Thread-Topic: [Curdle] Comments on draft-ietf-curdle-ssh-ext-info
Thread-Index: AQHSn+vj75AP59wDbUy5ryRiOFPQYKGb4DhQgAWgX4CAA91Jyf//yxWAgBMy0XmAAFvPgIACNyu/
Date: Sat, 08 Apr 2017 03:24:16 +0000
Message-ID: <1491621835513.71448@cs.auckland.ac.nz>
References: <2DD56D786E600F45AC6BDE7DA4E8A8C118BA5A70@eusaamb107.ericsson.se> <1489827654266.43895@cs.auckland.ac.nz> <50977E6A3D174856B8DAF264C3CB81E8@Khan> <1489914378158.63423@cs.auckland.ac.nz> <74B4C5B2AFD644748A0E1B0957A22C96@Khan> <1490436136828.60577@cs.auckland.ac.nz> <76BA84F1D47F476A8DB5C8CC42AA1B57@Khan> <1491480250094.74577@cs.auckland.ac.nz>, <CADPMZDDG1X4awEQiigM5rocLs3Qbvup-NyaaU7J+DcW+o60zPQ@mail.gmail.com>
In-Reply-To: <CADPMZDDG1X4awEQiigM5rocLs3Qbvup-NyaaU7J+DcW+o60zPQ@mail.gmail.com>
Accept-Language: en-NZ, en-GB, en-US
Content-Language: en-NZ
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-ms-exchange-transport-fromentityheader: Hosted
x-originating-ip: [130.216.158.4]
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/curdle/E0QEcDNaRVRp_piUaDbIkuKVf2Y>
Subject: Re: [Curdle] Comments on draft-ietf-curdle-ssh-ext-info
X-BeenThere: curdle@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "List for discussion of potential new security area wg." <curdle.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/curdle>, <mailto:curdle-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/curdle/>
List-Post: <mailto:curdle@ietf.org>
List-Help: <mailto:curdle-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/curdle>, <mailto:curdle-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 08 Apr 2017 03:24:23 -0000
denis bider <denisbider.ietf@gmail.com> writes: >Can you link to any resources where this was discussed? Whether for TLS, or >in any other context? It's difficult providing a useful link because it's been discussed on and off in various threads on the TLS WG list for quite some time. There are a range of opinions on how safe it is, but in general it seems 0RTT is bad and 0.5RTT is iffy. That is, you can do 0RTT if you're incredibly careful (I talked to a dev at a large content provider and he said their analysis showed they'd have to implement nonzero-RTT at the application layer in order to deal with 0RTT at the TLS layer, which kinda defeats the point), but if anyone ever tries it I foresee a range of Black Hat/Defcon talks and conference papers on how to exploit it following shortly afterwards. >Yes if you could choose the type. But you can't choose the type, because all >extensions have to use the same type. That type is a string. What I meant was use the string value "true" for boolean true and "false" for boolean false. It seemed pretty intuitive :-). >OK. I added the following sub-section to my current working copy: Thanks, that helps to document existing practice and alert implementers. Incidentally, the places where I've found this is typically embedded, where there's no chance of every transferring anywhere near ~0 bytes, so it's not a problem. OTOH the second issue is real, you can force a reboot of one vendor's carrier-grade routers by opening an SSH connection to it with a window size of ~0. Speaking of embedded, would there be any interest in adding an extension to say that an implementation only supports one channel, and for the other side to not try anything fancy beyond treating it as an encrypted telnet? This is also fairly common in embedded, where you're emulating encrypted telnet and nothing more. scp/SFTP is handled by moving the binary data over the encrypted-telnet channel, with various degrees of hackery. Peter.
- Re: [Curdle] Comments on draft-ietf-curdle-ssh-ex… Eric Rescorla
- Re: [Curdle] Comments on draft-ietf-curdle-ssh-ex… denis bider
- Re: [Curdle] Comments on draft-ietf-curdle-ssh-ex… denis bider
- Re: [Curdle] Comments on draft-ietf-curdle-ssh-ex… Peter Gutmann
- Re: [Curdle] Comments on draft-ietf-curdle-ssh-ex… Peter Gutmann
- Re: [Curdle] Comments on draft-ietf-curdle-ssh-ex… Peter Gutmann
- Re: [Curdle] Comments on draft-ietf-curdle-ssh-ex… denis bider
- [Curdle] Multiple WGLC Daniel Migault
- Re: [Curdle] Multiple WGLC Peter Gutmann
- Re: [Curdle] Comments on draft-ietf-curdle-ssh-ex… denis bider (Bitvise)
- Re: [Curdle] Multiple WGLC Mark D. Baushke
- Re: [Curdle] Comments on draft-ietf-curdle-ssh-ex… Benjamin Kaduk
- Re: [Curdle] Comments on draft-ietf-curdle-ssh-ex… Peter Gutmann
- Re: [Curdle] Comments on draft-ietf-curdle-ssh-ex… denis bider (Bitvise)
- Re: [Curdle] Comments on draft-ietf-curdle-ssh-ex… Peter Gutmann
- Re: [Curdle] Comments on draft-ietf-curdle-ssh-ex… denis bider (Bitvise)
- Re: [Curdle] Comments on draft-ietf-curdle-ssh-ex… Peter Gutmann
- Re: [Curdle] Comments on draft-ietf-curdle-ssh-ex… denis bider
- Re: [Curdle] Comments on draft-ietf-curdle-ssh-ex… Eric Rescorla