Re: [TLS] 2nd WGLC: draft-ietf-tls-downgrade-scsv

Bodo Moeller <bmoeller@acm.org> Thu, 04 December 2014 08:54 UTC

Archived-At: http://mailarchive.ietf.org/arch/msg/tls/445pbMS7o6ISak5PpXvtb4pS2M8

Martin Thomson <martin.thomson@gmail.com>:

> On 3 December 2014 at 15:37, Brian Smith <brian@briansmith.org> wrote:
> > The text in the draft should be changed to read something like
> > "Clients SHOULD put the TLS_FALLBACK_SCSV after all cipher suites that
> > the client actually intends to negotiate."
>
> Your edit makes sense.

Yes, I agree.

(The recommended behavior will be exactly the same, the change is only that
it will be explicitly RECOMMENDED using RFC 2119 magic words where the
current wording is possibly too vague, and certainly too complicated.)

Bodo
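
The placement rule discussed in this message, as an added example that is not part of the original message or of the draft: a check that decodes a ClientHello cipher_suites vector and reports whether TLS_FALLBACK_SCSV sits after every suite the client could negotiate. The function names and sample vectors are constructed for illustration, and treating the renegotiation SCSV as a non-negotiable entry is an assumption of this example.

```python
import struct

TLS_FALLBACK_SCSV = 0x5600                  # value assigned in RFC 7507
TLS_EMPTY_RENEGOTIATION_INFO_SCSV = 0x00FF  # RFC 5746 signaling value
# Assumption: signaling values are never negotiated, so they may follow the SCSV.
SIGNALING = {TLS_FALLBACK_SCSV, TLS_EMPTY_RENEGOTIATION_INFO_SCSV}


def encode_cipher_suites(suites):
    """Build a cipher_suites vector: uint16 byte length, then uint16 entries."""
    return struct.pack("!H", 2 * len(suites)) + struct.pack(f"!{len(suites)}H", *suites)


def parse_cipher_suites(vector):
    """Decode a cipher_suites vector, rejecting truncated or odd-length input."""
    if len(vector) < 2:
        raise ValueError("truncated length prefix")
    (length,) = struct.unpack("!H", vector[:2])
    body = vector[2:]
    if length == 0 or length % 2 or length != len(body):
        raise ValueError("malformed cipher_suites vector")
    return list(struct.unpack(f"!{length // 2}H", body))


def check_fallback_scsv(suites):
    """Report SCSV presence and any negotiable suites listed after it."""
    if TLS_FALLBACK_SCSV not in suites:
        return {"present": False, "after_all_real_suites": None, "trailing": []}
    idx = suites.index(TLS_FALLBACK_SCSV)
    trailing = [s for s in suites[idx + 1:] if s not in SIGNALING]
    return {"present": True, "after_all_real_suites": not trailing, "trailing": trailing}


# Constructed sample vectors (not captured traffic).
# 0xC02F, 0x009C, 0x002F are ordinary AES suites from the IANA registry.
RECOMMENDED = encode_cipher_suites([0xC02F, 0x009C, 0x002F, 0x00FF, 0x5600])
MISPLACED = encode_cipher_suites([0xC02F, 0x5600, 0x009C, 0x002F])

if __name__ == "__main__":
    for name, vec in (("recommended", RECOMMENDED), ("misplaced", MISPLACED)):
        result = check_fallback_scsv(parse_cipher_suites(vec))
        print(name, result["after_all_real_suites"],
              [f"0x{s:04X}" for s in result["trailing"]])
```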