Re: [TLS] Last Call: <draft-ietf-tls-ssl2-must-not-03.txt> (Prohibiting SSL Version 2.0) to Proposed Standard

Matt McCutchen <matt@mattmccutchen.net> Thu, 02 December 2010 06:01 UTC

Return-Path: <matt@mattmccutchen.net>
X-Original-To: tls@core3.amsl.com
Delivered-To: tls@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 5D11B3A68BF for <tls@core3.amsl.com>; Wed, 1 Dec 2010 22:01:02 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.011
X-Spam-Level:
X-Spam-Status: No, score=-2.011 tagged_above=-999 required=5 tests=[AWL=0.588, BAYES_00=-2.599]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ep5t5tjzCTeY for <tls@core3.amsl.com>; Wed, 1 Dec 2010 22:01:01 -0800 (PST)
Received: from homiemail-a62.g.dreamhost.com (mx1.spunky.mail.dreamhost.com [208.97.132.47]) by core3.amsl.com (Postfix) with ESMTP id 6B01D3A68BC for <tls@ietf.org>; Wed, 1 Dec 2010 22:01:00 -0800 (PST)
Received: from homiemail-a62.g.dreamhost.com (localhost [127.0.0.1]) by homiemail-a62.g.dreamhost.com (Postfix) with ESMTP id D750363406E; Wed, 1 Dec 2010 22:02:15 -0800 (PST)
DomainKey-Signature: a=rsa-sha1; c=nofws; d=mattmccutchen.net; h=subject:from :to:cc:in-reply-to:references:content-type:date:message-id :mime-version:content-transfer-encoding; q=dns; s= mattmccutchen.net; b=OpzExZMqo+5Jy+1nVxLtvD8M6HshEYCa+CA6XN2MJNF cti/bFQe5cpM3cqRMwi8VG/jJr8GF5qktPhh6wTMm3s6dPmhK3I4O5p5XmPJS/fF p8XvMJDKcrvLOkwpRnqJVVefJrErhsNocFjDZEyQUlefxkOVwSA3ZTzGbzk/00YE =
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=mattmccutchen.net; h= subject:from:to:cc:in-reply-to:references:content-type:date :message-id:mime-version:content-transfer-encoding; s= mattmccutchen.net; bh=y+x33PGKCaofloL3FhXFcLyG3jQ=; b=QpVAfpDmgB 8thhAE2M1DJendQJLtPHM+lfZBYAQuCDeIKsgb+HcR9PGpf+M+220FtXYhv0Xm1h nsHcCkT+44dcojV1OHs5u5TRA06UldGlJXI4fGrGwF0njIw6QOCf5H/obxizgjz1 qQxsE1Az5Pdm78DIJ0Z9bpQ5HdZax2XBE=
Received: from [129.2.249.209] (ml2.student.umd.edu [129.2.249.209]) (Authenticated sender: matt@mattmccutchen.net) by homiemail-a62.g.dreamhost.com (Postfix) with ESMTPA id 7DEE7634064; Wed, 1 Dec 2010 22:02:15 -0800 (PST)
From: Matt McCutchen <matt@mattmccutchen.net>
To: Michael D'Errico <mike-list@pobox.com>
In-Reply-To: <4CF7337D.2030302@pobox.com>
References: <20101201135503.20212.98672.idtracker@localhost> <002a01cb91c8$ff8f4fe0$feadefa0$@net> <4CF7283C.2030905@pobox.com> <1291267457.13496.12.camel@mattlaptop2.local> <4CF7337D.2030302@pobox.com>
Content-Type: text/plain; charset="UTF-8"
Date: Thu, 02 Dec 2010 01:02:14 -0500
Message-ID: <1291269734.13496.16.camel@mattlaptop2.local>
Mime-Version: 1.0
X-Mailer: Evolution 2.32.1
Content-Transfer-Encoding: 7bit
Cc: Glen Zorn <gwz@net-zen.net>, tls@ietf.org
Subject: Re: [TLS] Last Call: <draft-ietf-tls-ssl2-must-not-03.txt> (Prohibiting SSL Version 2.0) to Proposed Standard
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 02 Dec 2010 06:01:02 -0000

On Wed, 2010-12-01 at 21:49 -0800, Michael D'Errico wrote:
> Matt McCutchen wrote:
> > On Wed, 2010-12-01 at 21:01 -0800, Michael D'Errico wrote:
> >> The reason it is OK to accept CLIENT-HELLO is because it can carry the SCSV
> >> cipher suite value used to plug the renegotiation security hole (RFC 5746).
> > 
> > Why is that relevant?  The draft only retires SSL 2.0, for reasons
> > unrelated to the renegotiation issue.
> 
> If you couldn't put the SCSV into the CLIENT-HELLO, then it would not
> be OK for servers to accept that message; it would have to be a MUST
> NOT.

You have just said the same thing again.  Why?  What potential security
problem be prevented by the server not accepting a SSL 2.0 CLIENT-HELLO?

-- 
Matt