IETF Logo Mail Archive

Re: [Gen-art] [TLS] Genart last call review of draft-ietf-tls-tls13-24

Ted Lemon <mellon@fugue.com> Tue, 06 March 2018 22:42 UTC

Return-Path: <mellon@fugue.com>
X-Original-To: gen-art@ietfa.amsl.com
Delivered-To: gen-art@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 083D6126CB6 for <gen-art@ietfa.amsl.com>; Tue, 6 Mar 2018 14:42:44 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.6
X-Spam-Level:
X-Spam-Status: No, score=-2.6 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=fugue-com.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Rtsf-rXon5_l for <gen-art@ietfa.amsl.com>; Tue, 6 Mar 2018 14:42:42 -0800 (PST)
Received: from mail-qk0-x233.google.com (mail-qk0-x233.google.com [IPv6:2607:f8b0:400d:c09::233]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 061321242F7 for <gen-art@ietf.org>; Tue, 6 Mar 2018 14:42:42 -0800 (PST)
Received: by mail-qk0-x233.google.com with SMTP id j4so352724qke.10 for <gen-art@ietf.org>; Tue, 06 Mar 2018 14:42:41 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=fugue-com.20150623.gappssmtp.com; s=20150623; h=from:message-id:mime-version:subject:date:in-reply-to:cc:to :references; bh=fmXIRWsikUovHvYqP1/V0vpOn+QMX8twI3ss2ykVwgI=; b=vwYZ1jTe3CAqN4oybqSEJcwi46nH3t2i7ZXxFR0EMkNpRErGjHtxvJNgoTE3osbpeT la2dRYD3BwMsQAvRa8t+fFraQ3ZzIrnTL8kOdziNrjNR23q5B0iNi49HkUClQk1b5Gzh c98AoWmN6ar2Am8FvtHxNg3mEyM06C6xz+XyWzdHJiD11jb02SIEkQrPaBVjfVMyb++P pXxEK0sX3ValHOd2Fh9Lcw6sfAfkL1ArUCRC8xLRXr0gjKyblhouu9a+ZCbeypbcJu4T bnGPCFsXjoZjcXHnq2/TOYQyUtS5wtRFBhaWCIJ2vPvMpoPViPxItdwIFpIDudYuGaL9 UQdw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:message-id:mime-version:subject:date :in-reply-to:cc:to:references; bh=fmXIRWsikUovHvYqP1/V0vpOn+QMX8twI3ss2ykVwgI=; b=fv6uz4kFcLiL2tJXVfL6fjsVg1L/zqzNphByMAgjj3Hr+bJQP1ECe9KZl4GRzNY163 BktHleuWZSSH9FOBsAOJqwFWKTYykl/WRAMHd5WprTktewF6U7NQrjsIy+InNyrvbklb CtH7XwJRukksK1XCS0WKUs/XMI0Npg531FrZa1zacIM/DtoADYPT7RHOOLCeApC74ydZ sBrD1IJ4XDRi0MQeDkYIoR6wB9EmPflPRV8F0nQVwYv4T1Kb7h+usFvxLz57RbTGx+b4 M5xwumbvK/oJA2+276UsMenx/zQIk1ZP8QkC1qbvQctM/0xXlq0dJcz5m2NeuikpfwGi o8ng==
X-Gm-Message-State: AElRT7F3PoXbJmFcoiUG2V2rrKxjOw3vhvlierIHY/pbMCS+Op52KzgL UUd1Tnd1uvhyIV//ZUARRzpb1rqmbFw=
X-Google-Smtp-Source: AG47ELsIjgwU64Jg2GXTgf3jNxWCvJXZsQ3oo9kzSEx11dmUlSwLtIrjpcPjvttdgJYT0fGEc3HwNg==
X-Received: by 10.55.152.133 with SMTP id a127mr19414918qke.100.1520376160988; Tue, 06 Mar 2018 14:42:40 -0800 (PST)
Received: from [10.0.1.12] ([8.20.190.66]) by smtp.gmail.com with ESMTPSA id m66sm10813314qkl.43.2018.03.06.14.42.40 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Tue, 06 Mar 2018 14:42:40 -0800 (PST)
From: Ted Lemon <mellon@fugue.com>
Message-Id: <6EBE3EC6-AA06-4BA8-8824-FA4BEC924138@fugue.com>
Content-Type: multipart/alternative; boundary="Apple-Mail=_2EE582FA-37AC-4DE1-B570-27AA3C2C3770"
Mime-Version: 1.0 (Mac OS X Mail 11.2 \(3445.5.20\))
Date: Tue, 06 Mar 2018 17:42:39 -0500
In-Reply-To: <CAAF6GDcBFHhe8oWJqF-LVUfYdR7HRW_Gk9c0KgxNRKoQzauvpQ@mail.gmail.com>
Cc: Dale Worley <worley@ariadne.com>, gen-art@ietf.org, IETF <ietf@ietf.org>, draft-ietf-tls-tls13.all@ietf.org, "<tls@ietf.org>" <tls@ietf.org>
To: Colm MacCárthaigh <colm@allcosts.net>
References: <152004960327.8290.4628820807186314931@ietfa.amsl.com> <CAAF6GDcBFHhe8oWJqF-LVUfYdR7HRW_Gk9c0KgxNRKoQzauvpQ@mail.gmail.com>
X-Mailer: Apple Mail (2.3445.5.20)
Archived-At: <https://mailarchive.ietf.org/arch/msg/gen-art/KZaWcX3ZvuvPhQ7SHcDswKdsnuo>
Subject: Re: [Gen-art] [TLS] Genart last call review of draft-ietf-tls-tls13-24
X-BeenThere: gen-art@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "GEN-ART: General Area Review Team" <gen-art.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/gen-art>, <mailto:gen-art-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/gen-art/>
List-Post: <mailto:gen-art@ietf.org>
List-Help: <mailto:gen-art-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/gen-art>, <mailto:gen-art-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 06 Mar 2018 22:42:44 -0000

On Mar 6, 2018, at 5:35 PM, Colm MacCárthaigh <colm@allcosts.net> wrote:
> There's a general conjecture that the more information that is provided to attackers, the more easily they can leverage into a compromise. Personally I believe that conjecture, and would actually prefer to see fewer signals, ideally as few as one big error code. There is a trade-off against debugability, but I've only seen a handful of people have the skills to debug low level TLS issues and it doesn't seem worth the risk. Others disagree, which is valid, but it's at least an area of reasonable contention.  

This makes perfect sense.   Stuart Cheshire and I were having the same discussion a while back about DNS Session Signaling, and he pointed out (I was playing Dale's role) that there's an important distinction to be made between "buggy implementation" and "actionable notification where no bug exists."   Any alert that signals "buggy implementation" is bad, for the reason you've stated, and also because such signals are not actionable—if you've run into a bug you should probably just give up, and not try to somehow guess in your implementation what might work when the bug happens.   The only reason to send a signal is if there is a known and clear action to take upon receiving the signal, other than "we're borked, give up."

v2.23.0 | Report a Bug | By Email