Re: [TLS] Protocol version for inappropriate_fallback alerts
Bodo Moeller <bmoeller@acm.org> Fri, 14 November 2014 22:56 UTC
Return-Path: <bmoeller@acm.org>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 416431AD352 for <tls@ietfa.amsl.com>; Fri, 14 Nov 2014 14:56:54 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.262
X-Spam-Level:
X-Spam-Status: No, score=-0.262 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FM_FORGED_GMAIL=0.622, HELO_EQ_DE=0.35, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_SOFTFAIL=0.665] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id hRPPa-XxM4hd for <tls@ietfa.amsl.com>; Fri, 14 Nov 2014 14:56:53 -0800 (PST)
Received: from mout.kundenserver.de (mout.kundenserver.de [212.227.17.13]) (using TLSv1.2 with cipher DHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id F0EB11AD33F for <tls@ietf.org>; Fri, 14 Nov 2014 14:56:52 -0800 (PST)
Received: from mail-ob0-f181.google.com (mail-ob0-f181.google.com [209.85.214.181]) by mrelayeu.kundenserver.de (node=mreue104) with ESMTP (Nemesis) id 0MekDA-1XeUeI3vtw-00OEkm; Fri, 14 Nov 2014 23:56:51 +0100
Received: by mail-ob0-f181.google.com with SMTP id gq1so883027obb.26 for <tls@ietf.org>; Fri, 14 Nov 2014 14:56:48 -0800 (PST)
MIME-Version: 1.0
X-Received: by 10.202.198.21 with SMTP id w21mr4182568oif.64.1416005808873; Fri, 14 Nov 2014 14:56:48 -0800 (PST)
Received: by 10.60.32.42 with HTTP; Fri, 14 Nov 2014 14:56:48 -0800 (PST)
In-Reply-To: <20141114185250.25A671AFD0@ld9781.wdf.sap.corp>
References: <CACsn0c=HmpZgmqohqqkq0tOoV9kMORfxmChH86PS3UWER9-3Yg@mail.gmail.com> <20141114185250.25A671AFD0@ld9781.wdf.sap.corp>
Date: Fri, 14 Nov 2014 23:56:48 +0100
Message-ID: <CADMpkcLL0VC3FOZ0N+AUt6VYVAJd3uQu=5_JsPxUAJbLjg1R7Q@mail.gmail.com>
From: Bodo Moeller <bmoeller@acm.org>
To: Martin Rex <mrex@sap.com>
Content-Type: multipart/alternative; boundary="001a11c17ac83d1e410507d98b43"
X-Provags-ID: V02:K0:qyfHJ0sMgP2xakRoaauxl0xI3lK9v+2gkQ8dmgr1NtP edQqlaM7FhDi0Sxguv2Sp5i1hwL8ttN1Hc6s4d4oOJ2ROY9X/u hCmOPW0acokp+SuBWQHys6/YvPdQGGn0pB44EAldxurZN9weBk ptcX4exp/WH/gOVXrCOQBuCk7JqIlUabbKgysKg9DQ8Spiij2u IugKWIvyn9kliD6Z2eXWhdqSiEMUi5ZoGR/Gm7siVsfo59meFH zBBaNVfUUCf+uwKK+UBrhXa2kTEMfB7IjaG2eZb+LxAAWRMn8G WjAZixM0TfoHgvr3/EqDOY7BPssvPF9srUXcX9E/fXY00XX24j ItCFHr84P4pUFFmpwQGqVY1ISdbrbssXIIQDQJ4j6D8QHn+rIe U8alexMVoivYaTXTgREg0nIYNzgoU3IAjKDdO+3XZwQOdtIgXa LiJMG
X-UI-Out-Filterresults: notjunk:1;
Archived-At: http://mailarchive.ietf.org/arch/msg/tls/32YudT_QAc_frnzQimHwn13e-BY
Cc: Florian Weimer <fweimer@redhat.com>, "tls@ietf.org" <tls@ietf.org>
Subject: Re: [TLS] Protocol version for inappropriate_fallback alerts
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 14 Nov 2014 22:56:54 -0000
Martin Rex <mrex@sap.com>: Creating specification with ambiguities or undefined behaviour, > pushing the buck to implementors, is never a good idea. > Now I am thoroughly confused by what you're saying. A bit earlier you argued *against* specifying a MUST for the record-layer version number to be used with the inappropriate_fallback alert (as it appears in draft-ietf-tls-downgrade-scsv-02), proposing instead a wording that you said was "vague on purpose". I can't reconcile that with what you're saying here. The only constant theme I can make out is that whatever you're saying at a given time is undoubtedly right. (For the record, I'm still happy with what draft-ietf-tls-downgrade-scsv-02 says.) Bodo
- [TLS] I-D Action: draft-ietf-tls-downgrade-scsv-0… internet-drafts
- [TLS] Protocol version for inappropriate_fallback… Florian Weimer
- Re: [TLS] Protocol version for inappropriate_fall… Bodo Moeller
- Re: [TLS] Protocol version for inappropriate_fall… Florian Weimer
- Re: [TLS] Protocol version for inappropriate_fall… Martin Thomson
- Re: [TLS] Protocol version for inappropriate_fall… Bodo Moeller
- Re: [TLS] Protocol version for inappropriate_fall… Martin Rex
- Re: [TLS] Protocol version for inappropriate_fall… Martin Thomson
- Re: [TLS] Protocol version for inappropriate_fall… Bodo Moeller
- Re: [TLS] Protocol version for inappropriate_fall… Martin Rex
- Re: [TLS] Protocol version for inappropriate_fall… Bodo Moeller
- Re: [TLS] Protocol version for inappropriate_fall… Martin Rex
- Re: [TLS] Protocol version for inappropriate_fall… Bodo Moeller
- Re: [TLS] Protocol version for inappropriate_fall… Bodo Moeller
- Re: [TLS] Protocol version for inappropriate_fall… Florian Weimer
- Re: [TLS] Protocol version for inappropriate_fall… Bodo Moeller
- Re: [TLS] Protocol version for inappropriate_fall… Florian Weimer
- Re: [TLS] Protocol version for inappropriate_fall… Martin Rex
- Re: [TLS] Protocol version for inappropriate_fall… Ben Laurie
- Re: [TLS] Protocol version for inappropriate_fall… Martin Rex
- Re: [TLS] Protocol version for inappropriate_fall… Watson Ladd
- Re: [TLS] Protocol version for inappropriate_fall… Martin Rex
- Re: [TLS] Protocol version for inappropriate_fall… Bodo Moeller
- Re: [TLS] Protocol version for inappropriate_fall… Martin Rex