Re: [TLS] Closing some open comments on draft-ietf-tls-renegotiation

Dr Stephen Henson <lists@drh-consultancy.demon.co.uk> Fri, 11 December 2009 21:21 UTC

Return-Path: <lists@drh-consultancy.demon.co.uk>
X-Original-To: tls@core3.amsl.com
Delivered-To: tls@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 7E7193A681A for <tls@core3.amsl.com>; Fri, 11 Dec 2009 13:21:52 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.745
X-Spam-Level:
X-Spam-Status: No, score=-2.745 tagged_above=-999 required=5 tests=[AWL=-0.146, BAYES_00=-2.599]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id uFiHgiaXywoM for <tls@core3.amsl.com>; Fri, 11 Dec 2009 13:21:47 -0800 (PST)
Received: from claranet-outbound-smtp03.uk.clara.net (claranet-outbound-smtp03.uk.clara.net [195.8.89.36]) by core3.amsl.com (Postfix) with ESMTP id 0622A3A657C for <tls@ietf.org>; Fri, 11 Dec 2009 13:21:46 -0800 (PST)
Received: from drh-consultancy.demon.co.uk ([80.177.30.10]:49948 helo=[192.168.7.8]) by relay03.mail.eu.clara.net (relay.clara.net [213.253.3.43]:10587) with esmtpa (authdaemon_plain:drh) id 1NJCvc-00063Y-CR for tls@ietf.org (return-path <lists@drh-consultancy.demon.co.uk>); Fri, 11 Dec 2009 21:21:33 +0000
Message-ID: <4B22B7E3.30903@drh-consultancy.demon.co.uk>
Date: Fri, 11 Dec 2009 21:21:39 +0000
From: Dr Stephen Henson <lists@drh-consultancy.demon.co.uk>
User-Agent: Thunderbird 2.0.0.23 (Windows/20090812)
MIME-Version: 1.0
To: tls@ietf.org
References: <r02010500-1049-533D56E4E69A11DE826D0030658F0F64@[192.168.1.5]>
In-Reply-To: <r02010500-1049-533D56E4E69A11DE826D0030658F0F64@[192.168.1.5]>
X-Enigmail-Version: 0.96.0
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: 7bit
Subject: Re: [TLS] Closing some open comments on draft-ietf-tls-renegotiation
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 11 Dec 2009 21:21:53 -0000

Bill Frantz wrote:
> mike-list@pobox.com (Michael D'Errico) on Friday, December 11, 2009 wrote:
> 
>> Eric Rescorla wrote:
>>> 1. Replace "cipher suite" with magic cipher suite value (MCSV) 
>>>    throughout.
>> I'm not sure we want to call it "magic" in the RFC (even though I
>> am probably guilty of calling it that in previous messages).
>> Perhaps "special" would be a better adjective?
> 
> Or perhaps, in a moment of candor, kludge cipher suite value (KCSV).
> 

The test version of OpenSSL has it set to 0FEC which was roughly speaking my
reaction when I heard of the vulnerability in the first place.

Steve.
-- 
Dr Stephen N. Henson.
Core developer of the   OpenSSL project: http://www.openssl.org/
Freelance consultant see: http://www.drh-consultancy.co.uk/
Email: shenson@drh-consultancy.co.uk, PGP key: via homepage.