Re: [TLS] Fwd: Re: AD review of draft-ietf-tls-dtls-connection-id-07

Peter Gutmann <pgut001@cs.auckland.ac.nz> Fri, 30 October 2020 12:39 UTC

From: Peter Gutmann <pgut001@cs.auckland.ac.nz>
To: Achim Kraus <achimkraus@gmx.net>, Eric Rescorla <ekr@rtfm.com>, "Benjamin Kaduk" <kaduk@mit.edu>
CC: "tls@ietf.org" <tls@ietf.org>, "draft-ietf-tls-dtls-connection-id@ietf.org" <draft-ietf-tls-dtls-connection-id@ietf.org>
Date: Fri, 30 Oct 2020 12:39:03 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/-quGduxsZD-2bx9gaLgOrsb8NvM>

Achim Kraus <achimkraus@gmx.net> writes:

>2. Why should a "uint16 iv_length" be added?

To make it explicit which of the bits being hashed is the IV.  This is one of
the flaws of things like OAEP, there are a large number of implicitly-sized
fields controlled by external, unauthenticated parameters, so you can make the
verifier see fields as other, nearby fields (I'm using OAEP as an example
because it's particularly bad, there are so many optional values controlled by
external unauthenticated data that you can have all sorts of fun with it).

>2.b If it should be added, why in the middle? It's not on the wire and so I
>would assume, if at all, to have that at the beginning.

It precedes the IV, i.e. the field that it describes.

Peter.
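
The point about implicitly-sized fields, shown as an added example that is not part of the original message and is not the draft's actual MAC input layout: the field names (cid, iv, payload), the key and the byte values are constructed, and HMAC-SHA256 stands in for whatever MAC is in use. When variable-length fields are concatenated without their lengths, two different splits of the same bytes authenticate identically; prefixing each field with a uint16 length makes the boundary part of what is authenticated.

```python
import hashlib
import hmac
import struct

KEY = b"k" * 32  # constructed demo key


def mac_implicit(cid: bytes, iv: bytes, payload: bytes) -> bytes:
    """MAC over bare concatenation: field boundaries are not authenticated."""
    return hmac.new(KEY, cid + iv + payload, hashlib.sha256).digest()


def mac_explicit(cid: bytes, iv: bytes, payload: bytes) -> bytes:
    """MAC where every variable-length field is preceded by its uint16 length."""
    msg = b"".join(struct.pack("!H", len(f)) + f for f in (cid, iv, payload))
    return hmac.new(KEY, msg, hashlib.sha256).digest()


def boundary_shift_collides(mac) -> bool:
    """Return True if moving the IV/payload boundary leaves the tag unchanged."""
    # Same byte stream, two interpretations (constructed values):
    # 4-byte IV followed by b"data", versus 2-byte IV with the rest as payload.
    tag_a = mac(b"\x01\x02", b"\xaa\xbb\xcc\xdd", b"data")
    tag_b = mac(b"\x01\x02", b"\xaa\xbb", b"\xcc\xdd" + b"data")
    return hmac.compare_digest(tag_a, tag_b)


if __name__ == "__main__":
    print("implicit lengths collide:", boundary_shift_collides(mac_implicit))
    print("explicit lengths collide:", boundary_shift_collides(mac_explicit))
```
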