Re: [TLS] Fwd: [Technical Errata Reported] RFC2246 (3481)
Simon Josefsson <simon@josefsson.org> Mon, 12 August 2013 21:21 UTC
Return-Path: <simon@josefsson.org>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9B63921F9F4F for <tls@ietfa.amsl.com>; Mon, 12 Aug 2013 14:21:13 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.599
X-Spam-Level:
X-Spam-Status: No, score=-102.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id wYi-wjiZSYlW for <tls@ietfa.amsl.com>; Mon, 12 Aug 2013 14:21:12 -0700 (PDT)
Received: from duva.sjd.se (duva.sjd.se [IPv6:2001:9b0:1:1702::100]) by ietfa.amsl.com (Postfix) with ESMTP id 802A621F9F44 for <tls@ietf.org>; Mon, 12 Aug 2013 14:21:11 -0700 (PDT)
Received: from latte.josefsson.org (static-213-115-179-130.sme.bredbandsbolaget.se [213.115.179.130]) (authenticated bits=0) by duva.sjd.se (8.14.4/8.14.4/Debian-4) with ESMTP id r7CLL4BQ011923 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES128-SHA bits=128 verify=NOT); Mon, 12 Aug 2013 23:21:05 +0200
From: Simon Josefsson <simon@josefsson.org>
To: Sean Turner <turners@ieca.com>
References: <20130208220123.1011DB1E004@rfc-editor.org> <52094A48.5010304@ieca.com>
OpenPGP: id=B565716F; url=http://josefsson.org/key.txt
X-Hashcash: 1:22:130812:tls@ietf.org::9tV5QzYjm+JCEtSt:CUvO
X-Hashcash: 1:22:130812:turners@ieca.com::9eFj5OB3vPvQl/73:DhLh
Date: Mon, 12 Aug 2013 23:21:04 +0200
In-Reply-To: <52094A48.5010304@ieca.com> (Sean Turner's message of "Mon, 12 Aug 2013 16:49:12 -0400")
Message-ID: <87wqnqzjun.fsf@latte.josefsson.org>
User-Agent: Gnus/5.130008 (Ma Gnus v0.8) Emacs/24.3 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain
X-Virus-Scanned: clamav-milter 0.97.8 at duva.sjd.se
X-Virus-Status: Clean
Cc: tls@ietf.org
Subject: Re: [TLS] Fwd: [Technical Errata Reported] RFC2246 (3481)
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 12 Aug 2013 21:21:13 -0000
Sean Turner <turners@ieca.com> writes: > Yes I know this is an errata against TLS 1.0, but should it be adopted? I think that fixing the spec for TLSv1.0 to match with what's deployed would be quite useful, but this may be opening the floodgates since there are so many issues. Perhaps a 2246bis-document to describe TLSv1.0 is an easier way to manage this. /Simon > -------- Original Message -------- > Subject: [Technical Errata Reported] RFC2246 (3481) > Date: Fri, 8 Feb 2013 14:01:22 -0800 (PST) > From: RFC Errata System <rfc-editor@rfc-editor.org> > To: tdierks@certicom.com, pck@netcom.com, relyea@netscape.com, > jar@netscape.com, msabin@netcom.com, dansimon@microsoft.com, > tomw@netscape.com, hugo@watson.ibm.com, stephen.farrell@cs.tcd.ie, > turners@ieca.com, ekr@networkresonance.com, jsalowey@cisco.com, > ekr@rtfm.com > CC: mrex@sap.com, tls@ietf.org, rfc-editor@rfc-editor.org > > > The following errata report has been submitted for RFC2246, > "The TLS Protocol Version 1.0". > > -------------------------------------- > You may review the report below and at: > http://www.rfc-editor.org/errata_search.php?rfc=2246&eid=3481 > > -------------------------------------- > Type: Technical > Reported by: Martin Rex <mrex@sap.com> > > Section: 8.1.2 > > Original Text > ------------- > 8.1.2. Diffie-Hellman > > > > A conventional Diffie-Hellman computation is performed. The > > negotiated key (Z) is used as the pre_master_secret, and is converted > > into the master_secret, as specified above. > > > > Corrected Text > -------------- > 8.1.2. Diffie-Hellman > > > > A conventional Diffie-Hellman computation is performed. The > > negotiated key (Z) is used as the pre_master_secret, and is converted > > into the master_secret, as specified above. Leading bytes of Z that > > contain all zero bits are stripped before it is used as the > > pre_master_secret. > > > > Notes > ----- > Adopting the clarification from rfc4346 Section 8.1.2. Not stripping > the leading zero bits of Z will cause interop problems (handshake > failures) with the installed base. Rfc2246 is still the authoritative > spec for TLSv1.0. One can not implement TLSv1.0 from rfc4346. > > Instructions: > ------------- > This errata is currently posted as "Reported". If necessary, please > use "Reply All" to discuss whether it should be verified or > rejected. When a decision is reached, the verifying party (IESG) > can log in to change the status and edit the report, if necessary. > > -------------------------------------- > RFC2246 (no draft string recorded) > -------------------------------------- > Title : The TLS Protocol Version 1.0 > Publication Date : January 1999 > Author(s) : T. Dierks, C. Allen > Category : PROPOSED STANDARD > Source : Transport Layer Security > Area : Security > Stream : IETF > Verifying Party : IESG > > > > _______________________________________________ > TLS mailing list > TLS@ietf.org > https://www.ietf.org/mailman/listinfo/tls
- [TLS] [Technical Errata Reported] RFC2246 (3481) RFC Errata System
- [TLS] Fwd: [Technical Errata Reported] RFC2246 (3… Sean Turner
- Re: [TLS] Fwd: [Technical Errata Reported] RFC224… Bodo Moeller
- Re: [TLS] Fwd: [Technical Errata Reported] RFC224… Simon Josefsson
- Re: [TLS] Fwd: [Technical Errata Reported] RFC224… Sean Turner
- [TLS] [Errata Rejected] RFC2246 (3481) RFC Errata System