Re: [TLS] Rizzo claims implementation attach, should be interesting

Eric Rescorla <ekr@rtfm.com> Tue, 20 September 2011 03:47 UTC

Return-Path: <ekr@rtfm.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B9E1021F8B08 for <tls@ietfa.amsl.com>; Mon, 19 Sep 2011 20:47:23 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.903
X-Spam-Level:
X-Spam-Status: No, score=-102.903 tagged_above=-999 required=5 tests=[AWL=0.074, BAYES_00=-2.599, FM_FORGED_GMAIL=0.622, RCVD_IN_DNSWL_LOW=-1, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id BqKhH6eYWgOl for <tls@ietfa.amsl.com>; Mon, 19 Sep 2011 20:47:23 -0700 (PDT)
Received: from mail-wy0-f172.google.com (mail-wy0-f172.google.com [74.125.82.172]) by ietfa.amsl.com (Postfix) with ESMTP id 0E3F121F8AFF for <tls@ietf.org>; Mon, 19 Sep 2011 20:47:22 -0700 (PDT)
Received: by wyg24 with SMTP id 24so99411wyg.31 for <tls@ietf.org>; Mon, 19 Sep 2011 20:49:47 -0700 (PDT)
Received: by 10.227.165.202 with SMTP id j10mr326532wby.18.1316490587228; Mon, 19 Sep 2011 20:49:47 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.227.55.82 with HTTP; Mon, 19 Sep 2011 20:49:27 -0700 (PDT)
In-Reply-To: <4E77FAF6.90707@extendedsubset.com>
References: <201109200053.p8K0r5Pv012913@fs4113.wdf.sap.corp> <4E77FAF6.90707@extendedsubset.com>
From: Eric Rescorla <ekr@rtfm.com>
Date: Mon, 19 Sep 2011 20:49:27 -0700
Message-ID: <CABcZeBM5CK2Tdr3v5662DfKtzPvRHntPRQsAwzz3JaeNtHBrKw@mail.gmail.com>
To: Marsh Ray <marsh@extendedsubset.com>
Content-Type: text/plain; charset=ISO-8859-1
Cc: Steingruebl Andy <asteingruebl@paypal-inc.com>, tls@ietf.org
Subject: Re: [TLS] Rizzo claims implementation attach, should be interesting
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 20 Sep 2011 03:47:23 -0000

On Mon, Sep 19, 2011 at 7:31 PM, Marsh Ray <marsh@extendedsubset.com> wrote:
> Does anyone believe there would be support for a TLS 1.0 Hello extension
> that could compatibly negotiate the use of empty messages in each direction
> as a mitigation for this attack?

The difference between TLS 1.0 and TLS 1.1 is so slight that if TLS
1.1 is indeed
immune it would probably be easier to just have servers upgrade to 1.1.

-Ekr