Re: [TLS] Suspicious behaviour of TLS server implementations
Ilari Liusvaara <ilariliusvaara@welho.com> Thu, 22 September 2016 06:54 UTC
On Thu, Sep 22, 2016 at 05:11:39AM +0000, Peter Gutmann wrote:
> Martin Thomson <martin.thomson@gmail.com> writes:
>
> >The advantage with deploying a new protocol is that you can be strict. If,
> >for example, all of the browsers implement TLS 1.3 and are strict, then
> >Amazon won't be able to deploy a buggy 1.3 implementation without noticing
> >pretty quickly. You might suggest that that's aspiration to the point of
> >delusion, but in fact it worked out pretty well with HTTP/2 deployment. We
> >didn't squash ALL of the nasty bugs, but we got most of them.
>
> It also means you're going to be in for a rude shock when you encounter the
> ocean of embedded/SCADA/IoT devices with non-mainstream TLS implementations.

That did not check for interop with any mainstream TLS library?

Also, code to "recover" tends to introduce security issues if used in
security protocols.

Just because I don't have to deal with simple bugs like buffer overflows
leading to RCE or data races does not mean I can do whatever I want and
expect the code to have a low number of security issues. The existing stuff
is way more than enough.

(Just fixed a bug where NotBefore/NotAfter of a dedicated OCSP responder
certificate were not validated... Not related to recovery in any way,
but still some special code).

> The reason why HTTP/2 "works" is that it essentially forked HTTP, HTTP/2 for
> Google, Amazon, etc, and the browser vendors, and HTTP 1.1 for everything
> else that uses HTTP as its universal substrate. As a result there will be
> two versions of HTTP in perpetuity, HTTP 1.1 and HTTP-whatever-the-current-
> version-is.

Well, the problem you encounter first with HTTP/2 is that it really
dislikes unencrypted operation. Which implies you pretty much need
encryption. Which implies you pretty much need the WebPKI certificate
model... Which tends to be a poor match for anything except named servers
on the internet, which tends not to be suitable for IoT stuff...

> (Should I mention TLS-LTS here? :-).

Ugh...

-Ilari