Re: [TLS] Comments/Questions on draft-gutmann-tls-encrypt-then-mac-00.txt

Peter Gutmann <> Thu, 26 September 2013 04:27 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 9263F21F9AA3 for <>; Wed, 25 Sep 2013 21:27:26 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -2.586
X-Spam-Status: No, score=-2.586 tagged_above=-999 required=5 tests=[AWL=0.013, BAYES_00=-2.599]
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id 1mbpVZhRtOjb for <>; Wed, 25 Sep 2013 21:27:21 -0700 (PDT)
Received: from ( []) by (Postfix) with ESMTP id C593221F99C3 for <>; Wed, 25 Sep 2013 21:27:17 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple;;; q=dns/txt; s=uoa; t=1380169640; x=1411705640; h=from:to:subject:date:message-id: content-transfer-encoding:mime-version; bh=1ol/5EzjjXCnB02f1fNVBHSh89XAjj3EOhXRBbcyhxc=; b=eIDcBCyPOO5qTuKpVWzkRK5uQhCzYICzxLhNZI2FWks7heM/GZtfFO86 xDLCbPyLXQP4GIYtaJkKrNXpKIjE8hzFS3YXWJItHYrsE4x+AQ5OywmTk 3azqol9y0ioiyZUsU8a4r7D85GFIM6dBHgTAg6tU0aIDWyW1csGbIwGam k=;
X-IronPort-AV: E=Sophos;i="4.90,982,1371038400"; d="scan'208";a="214283124"
X-Ironport-Source: - Outgoing - Outgoing
Received: from ([]) by with ESMTP/TLS/AES128-SHA; 26 Sep 2013 16:27:17 +1200
Received: from ([]) by ([]) with mapi id 14.02.0318.004; Thu, 26 Sep 2013 16:27:16 +1200
From: Peter Gutmann <>
To: "<>" <>
Thread-Topic: [TLS] Comments/Questions on draft-gutmann-tls-encrypt-then-mac-00.txt
Thread-Index: Ac66cK4NqVuVho6TShis7a3twaoyzg==
Date: Thu, 26 Sep 2013 04:27:15 +0000
Message-ID: <>
Accept-Language: en-NZ, en-GB, en-US
Content-Language: en-NZ
x-originating-ip: []
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Subject: Re: [TLS] Comments/Questions on draft-gutmann-tls-encrypt-then-mac-00.txt
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Thu, 26 Sep 2013 04:27:26 -0000

Michael D'Errico <> writes:

>Instead of particular versions, it seems to me that an indicator of "I
>tried to connect using a higher version than I'm using now but had to
>fall back to this verion" would cover any case now or later.

That seems more intuitively useful from the server admin's point of view,
you could use it to gather traffic stats on forced fallbacks, detect
middleboxes, and so on.  It'd also allow you to make informed decisions
on how far you want to fall back, for example you could use it to 
determine that only 0.5% of users are having to fall back to SSLv3 and 
therefore refuse to connect below TLS 1.0.