Re: [TLS] RFC 5929 tls-unique clarification?

Simon Josefsson <simon@josefsson.org> Sat, 06 November 2010 09:47 UTC

Martin Rex <mrex@sap.com> writes:

> rfc5929 clearly says "Finished struct", which differs from the
> verify_data as used by rfc5246 (TLS extension RI) in that
> it WILL include the length field of the verify_data opaque vector.
>
> If there had been any mentioning of the CB sizes for tls-unique, similar
> to rfc5746 (12 octets for TLSv1.x and existing cipher suites,
> 36 octets for SSLv3), then I would not be wondering whether this
> spec really means what it says.
>
> What size does your tls-unique CB have for TLSv1.x?  12 or 13 octets?

Sigh.  I used 12 octets, but your interpretation suggests 13 octets even
though that is silly.  My new API is not in any stable GnuTLS release,
so there is still time to fix it.

Was anyone able to interop test against the Microsoft implementation
that was the justification to change the definition?

I'd love to do interop testing with someone else, to feel more confident
in the output.  I do support both TLSv1 and SSLv3 Finished messages, but
I'm stripping the initial length octet.  I'll change that if there is
consensus on the interpretation.

/Simon
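
An added example, not part of Simon's message and not GnuTLS code: for the interop testing discussed above, a small Python helper that takes the local Finished verify_data and a peer's tls-unique value and reports which of the two readings from the thread the peer produced (12 octets raw, or 13 with a leading length octet). The function names, the one-octet prefix implied by the 12 vs 13 count, and the sample bytes are assumptions made for illustration.

```python
import hmac

# verify_data sizes quoted in the thread: 12 octets for TLSv1.x with
# existing cipher suites, 36 octets for SSLv3.
VERIFY_DATA_LEN = {"TLSv1.x": 12, "SSLv3": 36}


def candidate_bindings(verify_data: bytes) -> dict:
    """Return both readings of tls-unique for one Finished message.

    "raw" is verify_data alone; "length-prefixed" adds a single length
    octet in front (assumption: the 13-octet reading from the thread).
    """
    if len(verify_data) > 255:
        raise ValueError("a one-octet length cannot describe this value")
    return {
        "raw": verify_data,
        "length-prefixed": bytes([len(verify_data)]) + verify_data,
    }


def classify_peer_binding(protocol: str, local_verify_data: bytes,
                          peer_cb: bytes) -> str:
    """Say which reading the peer's channel binding matches, if any."""
    expected = VERIFY_DATA_LEN[protocol]
    if len(local_verify_data) != expected:
        raise ValueError("local verify_data has the wrong size for " + protocol)
    for name, value in candidate_bindings(local_verify_data).items():
        # Constant-time comparison: channel bindings feed authentication.
        if hmac.compare_digest(peer_cb, value):
            return name
    if len(peer_cb) in (expected, expected + 1):
        return "mismatch"            # plausible size, different bytes
    return "unexpected-length"       # neither reading has this size


if __name__ == "__main__":
    # Constructed sample, not captured from a real handshake.
    vd = bytes(range(12))
    for peer in (vd, b"\x0c" + vd, b"\xff" + vd[1:], vd[:5]):
        print(len(peer), classify_peer_binding("TLSv1.x", vd, peer))
```

A "length-prefixed" result from one peer and "raw" from another is exactly the disagreement the thread is trying to settle; an authentication path should compare against the single encoding it has agreed on rather than accept both.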