Re: [secdir] SecDir review of draft-ietf-tls-downgrade-scsv-03

Bodo Moeller <bmoeller@acm.org> Mon, 19 January 2015 19:56 UTC

To: Yoav Nir <ynir.ietf@gmail.com>
Archived-At: <http://mailarchive.ietf.org/arch/msg/secdir/mYjUrZDtPV1ZwjT2icmR6IGPxgI>
Cc: "draft-ietf-tls-downgrade-scsv.all@tools.ietf.org" <draft-ietf-tls-downgrade-scsv.all@tools.ietf.org>, The IESG <iesg@ietf.org>, Adam Langley <agl@google.com>, secdir <secdir@ietf.org>

>>> A few missing articles:
>>> "The fallback SCSV defined in this document is not *a* suitable
>>> substitute"
>>> "if *the* TLS implementations also include support for (the) predecessor
>>> protocol SSL 3.0"
>>
>>

>> I don't think either of these is technically necessary, but I'll entirely
>> leave the decision about these articles to my co-author :-)
>>
>>
I've just received Russ Housley's Gen-ART review, in which he also asked to
change "is not suitable substitute" into "is not a suitable substitute"; so
I'll do that.

Bodo