Re: [TLS] Wrapping up cached info

"Brian Smith" <brian@briansmith.org> Sun, 23 May 2010 21:40 UTC

From: Brian Smith <brian@briansmith.org>
To: 'Stefan Santesson' <stefan@aaa-sec.com>, tls@ietf.org
References: <20100519165226.GG9605@oracle.com> <C819EB15.AF55%stefan@aaa-sec.com>
In-Reply-To: <C819EB15.AF55%stefan@aaa-sec.com>
Date: Sun, 23 May 2010 16:40:41 -0500
Message-ID: <003201cafac0$9a75d9c0$cf618d40$@briansmith.org>

Stefan Santesson wrote:
> I will, provided that this seems acceptable still in a few days from now,
> write up a new draft that captures the changes which then hopefully can be
> ready for a WGLC.

There's another issue still. If the server sends the client an information
item X after the change cipher suite message, then the client must not send
a hash of that information item in its client hello message on another
connection, until it has verified the identity of the server on that second
connection. In other words, the client must ensure that it doesn't leak
information that would otherwise be confidential--including even certificate
messages and client certificate cipher suite messages that were received
over an encrypted connection.

Regards,
Brian
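The gating rule Brian describes above, as an added example that is not part of the original post or of the cached-info draft: a client-side cache that records, for every object it might later advertise by hash, whether that object was learned before or after the switch to encryption, and only emits fingerprints of encrypted-only objects once the server on the current connection has been authenticated. The class names, the `received_encrypted` flag, the SHA-256 fingerprint and the numeric type codes are illustrative assumptions, not the draft's wire format.

```python
# Added example (not from the mailing-list post or the cached-info draft).
# Models the client-side rule: never advertise the hash of something that
# was confidential on a previous connection until the peer on this
# connection has been authenticated.
from __future__ import annotations

import hashlib
from dataclasses import dataclass, field

# Placeholder type codes for the two kinds of cached object the draft
# discusses (server certificate chain, trusted CA list). Constructed values,
# not the registered code points.
CERT_CHAIN = 1
TRUSTED_CAS = 2


@dataclass(frozen=True)
class CachedObject:
    info_type: int
    data: bytes
    # True when the object arrived after the change to encrypted records on
    # the connection it was learned from, i.e. it was confidential there.
    received_encrypted: bool

    def fingerprint(self) -> bytes:
        # SHA-256 chosen for the example; the draft's fingerprint algorithm
        # is not specified in the message above.
        return hashlib.sha256(self.data).digest()


@dataclass
class ClientInfoCache:
    objects: list[CachedObject] = field(default_factory=list)

    def learn(self, info_type: int, data: bytes, received_encrypted: bool) -> None:
        self.objects.append(CachedObject(info_type, data, received_encrypted))

    def advertisable(self, server_authenticated: bool) -> list[CachedObject]:
        """Objects whose hashes may be sent to the peer right now.

        Objects learned in plaintext are always safe to advertise: an
        observer could have seen them anyway. Objects learned under
        encryption are advertised only after the server on this connection
        has proved its identity, so an unauthenticated peer cannot use the
        hash to learn what the client previously received.
        """
        return [o for o in self.objects
                if not o.received_encrypted or server_authenticated]


def build_cached_info_extension(cache: ClientInfoCache,
                                server_authenticated: bool = False) -> list[tuple[int, bytes]]:
    """Return (info_type, fingerprint) pairs for a ClientHello.

    When the ClientHello is built the server has not yet been authenticated,
    so the default is False and encrypted-only objects are always withheld.
    """
    return [(o.info_type, o.fingerprint())
            for o in cache.advertisable(server_authenticated)]


def make_demo_cache() -> ClientInfoCache:
    """Constructed sample data: a chain seen in plaintext on a TLS 1.2
    handshake, and a CA list that was delivered only over encrypted records."""
    cache = ClientInfoCache()
    cache.learn(CERT_CHAIN, b"constructed-server-certificate-chain", received_encrypted=False)
    cache.learn(TRUSTED_CAS, b"constructed-trusted-ca-list", received_encrypted=True)
    return cache


if __name__ == "__main__":
    demo = make_demo_cache()
    # Before authentication: only the plaintext-learned chain is advertised.
    print(build_cached_info_extension(demo))
    # After the server is authenticated on this connection: both may be used.
    print(build_cached_info_extension(demo, server_authenticated=True))
```

The important design choice is that `received_encrypted` is recorded at the moment the object is learned, not inferred later: once the object is in the cache, nothing else remembers which part of the handshake it came from, so the cache is the only place that can enforce the rule.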