[TLS] Antw: Re: Suspicious behaviour of TLS server implementations

"Andreas Walz" <andreas.walz@hs-offenburg.de> Wed, 21 September 2016 17:33 UTC

Date: Wed, 21 Sep 2016 19:32:56 +0200
From: "Andreas Walz" <andreas.walz@hs-offenburg.de>
To: <pgut001@cs.auckland.ac.nz>,<martin.thomson@gmail.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/4GMSY9cQyvvBGVWpB23k3TqcjC4>
Cc: tls@ietf.org
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>

>>> Peter Gutmann <pgut001@cs.auckland.ac.nz>; 21.09.16 17.54 Uhr >>>


> If you're writing a strict validating protocol parser then disconnecting in
> this case is a valid response, but if it's software that will be used by
> actual humans then failing a connect based on something like this makes no
> sense.


Wouldn't this argument apply to any "decode_error"?


Andi