Re: [TLS] First TLS cached information draft posted

Simon Josefsson <simon@josefsson.org> Tue, 09 June 2009 14:19 UTC

From: Simon Josefsson <simon@josefsson.org>
To: martin.rex@sap.com
References: <87fxe9ki6m.fsf@mocca.josefsson.org> <200906091347.n59DlYva003622@fs4113.wdf.sap.corp>
OpenPGP: id=B565716F; url=http://josefsson.org/key.txt
X-Hashcash: 1:22:090609:martin.rex@sap.com::N7KqrLrrppUeIr5R:N4g
X-Hashcash: 1:22:090609:tls@ietf.org::JcoQ+wWcjrgvYoyp:KMQH
Date: Tue, 09 Jun 2009 16:19:26 +0200
In-Reply-To: <200906091347.n59DlYva003622@fs4113.wdf.sap.corp> (Martin Rex's message of "Tue, 9 Jun 2009 15:47:34 +0200 (MEST)")
Message-ID: <87ws7lfq1d.fsf@mocca.josefsson.org>
User-Agent: Gnus/5.110011 (No Gnus v0.11) Emacs/23.0.94 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Cc: TLS@ietf.org
Subject: Re: [TLS] First TLS cached information draft posted

Martin Rex <Martin.Rex@sap.com> writes:

> It might be sensible for the client to manage cache entries based
> on several attributes, and in particular distinguish also by the
> "server name" as used in the TLS extension "Server name indication"
> in order to support TLS-compatible virtual hosting.

That is a good point, and it would help implementers to make this
explicit.  Stefan, how about adding a sentence to explain this?  After
this paragraph

   Clients MAY include an extension of type "cached_information" in the
   (extended) client hello, which SHALL contain at least one
   CachedObject as specified in section 2.

you could add

   Clients MAY need the ability to cache different values depending on
   other information in the Client Hello that modifies what values the
   server uses, in particular the Server Name Indication [RFC4366]
   value.

If XML source is available, I could send you a patch. ;)

Thanks,
/Simon
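The virtual-hosting problem raised in this exchange, as an added illustration that is not code from the cached-information draft or from any TLS library: a client-side cache keyed only by server address and port hands the server a digest of the wrong certificate chain as soon as two names behind the same address present different chains, while a cache that also keys on the SNI value gets a hit on the second visit to each name. The certificate chains are constructed placeholders, the CachedObject digest is assumed to be a plain SHA-256 over the object bytes (the draft defines its own encoding), and the server's check is simplified to "does the offered digest match the chain I would send for this SNI".

```python
"""Client-side cache for TLS cached_information, keyed by SNI.

Added illustration; not code from the draft or any TLS implementation.
The CachedObject digest format is assumed (SHA-256 over the raw object
bytes) and the certificate chains are constructed placeholders.
"""
import hashlib
from typing import Dict, Optional, Tuple

# Constructed stand-ins for the DER certificate chains of two virtual hosts
# that share one IP address and port (TLS-compatible virtual hosting).
CHAINS: Dict[str, bytes] = {
    "www.example.com": b"constructed chain for www.example.com",
    "mail.example.com": b"constructed chain for mail.example.com",
}
SERVER_IP = "192.0.2.10"  # documentation address, constructed
PORT = 443


def cached_object(data: bytes) -> bytes:
    """Digest the client would carry in a CachedObject (assumed SHA-256)."""
    return hashlib.sha256(data).digest()


class ClientCache:
    """Remembers the digest of the last chain seen per (ip, port[, sni])."""

    def __init__(self, key_on_sni: bool) -> None:
        self.key_on_sni = key_on_sni
        self.entries: Dict[Tuple, bytes] = {}

    def _key(self, ip: str, port: int, sni: str) -> Tuple:
        # Without the SNI in the key, every virtual host behind the same
        # address collapses into one entry, which is the problem discussed.
        return (ip, port, sni) if self.key_on_sni else (ip, port)

    def offer(self, ip: str, port: int, sni: str) -> Optional[bytes]:
        """Digest to send in cached_information, or None to omit the extension."""
        return self.entries.get(self._key(ip, port, sni))

    def remember(self, ip: str, port: int, sni: str, chain: bytes) -> None:
        self.entries[self._key(ip, port, sni)] = cached_object(chain)


def server_can_omit_chain(sni: str, offered: Optional[bytes]) -> bool:
    """Server side (simplified): skip sending the chain only if the offered
    digest matches the chain it would actually send for this SNI value."""
    return offered is not None and offered == cached_object(CHAINS[sni])


def handshake(cache: ClientCache, sni: str) -> bool:
    """One simplified handshake; True if the server could omit the chain."""
    offered = cache.offer(SERVER_IP, PORT, sni)
    omitted = server_can_omit_chain(sni, offered)
    # Either way the client ends up with the current chain and caches it.
    cache.remember(SERVER_IP, PORT, sni, CHAINS[sni])
    return omitted


def run_scenario(key_on_sni: bool) -> Dict[str, bool]:
    """Alternate between two names on one address; report cache hits."""
    cache = ClientCache(key_on_sni)
    results: Dict[str, bool] = {}
    results["first_www"] = handshake(cache, "www.example.com")    # nothing cached yet
    results["first_mail"] = handshake(cache, "mail.example.com")  # ip-only key offers www's digest
    results["second_www"] = handshake(cache, "www.example.com")   # ip-only key was overwritten by mail
    results["second_mail"] = handshake(cache, "mail.example.com")
    return results


if __name__ == "__main__":
    print("keyed by (ip, port):     ", run_scenario(False))
    print("keyed by (ip, port, sni):", run_scenario(True))
```

With the address-only key the client never gets a usable hit, because each name's handshake overwrites the other's entry and the digest offered is always for the wrong chain; with the SNI included in the key the second visit to each name succeeds. A real implementation would key on anything else in the ClientHello that changes what the server sends, not only the SNI.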