Re: [TLS] SCSV vs RI when both specified. Was: Updated draft
Marsh Ray <marsh@extendedsubset.com> Tue, 12 January 2010 16:31 UTC
Return-Path: <marsh@extendedsubset.com>
X-Original-To: tls@core3.amsl.com
Delivered-To: tls@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 00F663A6804 for <tls@core3.amsl.com>; Tue, 12 Jan 2010 08:31:25 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.599
X-Spam-Level:
X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[AWL=0.000, BAYES_00=-2.599]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id jf0vWi42A+Zd for <tls@core3.amsl.com>; Tue, 12 Jan 2010 08:31:24 -0800 (PST)
Received: from mho-01-ewr.mailhop.org (mho-01-ewr.mailhop.org [204.13.248.71]) by core3.amsl.com (Postfix) with ESMTP id DBDE928C0F2 for <tls@ietf.org>; Tue, 12 Jan 2010 08:31:23 -0800 (PST)
Received: from xs01.extendedsubset.com ([69.164.193.58]) by mho-01-ewr.mailhop.org with esmtpa (Exim 4.68) (envelope-from <marsh@extendedsubset.com>) id 1NUjeK-0009Je-RF; Tue, 12 Jan 2010 16:31:20 +0000
Received: from [127.0.0.1] (localhost [127.0.0.1]) by xs01.extendedsubset.com (Postfix) with ESMTP id 593EB6076; Tue, 12 Jan 2010 16:31:18 +0000 (UTC)
X-Mail-Handler: MailHop Outbound by DynDNS
X-Originating-IP: 69.164.193.58
X-Report-Abuse-To: abuse@dyndns.com (see http://www.dyndns.com/services/mailhop/outbound_abuse.html for abuse reporting information)
X-MHO-User: U2FsdGVkX1/G5Bz+1F/+6QyU0DQRtMrR2706XpcPxj4=
Message-ID: <4B4CA3D7.1020002@extendedsubset.com>
Date: Tue, 12 Jan 2010 10:31:19 -0600
From: Marsh Ray <marsh@extendedsubset.com>
User-Agent: Thunderbird 2.0.0.23 (Windows/20090812)
MIME-Version: 1.0
To: Steve Dispensa <dispensa@phonefactor.com>
References: <201001121440.o0CEe7k1026688@fs4113.wdf.sap.corp> <4B4C928C.5050105@extendedsubset.com> <D0E89820-41D3-4263-9427-0FA0166F8CFC@phonefactor.com>
In-Reply-To: <D0E89820-41D3-4263-9427-0FA0166F8CFC@phonefactor.com>
X-Enigmail-Version: 0.96.0
OpenPGP: id=1E36DBF2
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: 7bit
Cc: "Kemp David P." <DPKemp@missi.ncsc.mil>, tls@ietf.org
Subject: Re: [TLS] SCSV vs RI when both specified. Was: Updated draft
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 12 Jan 2010 16:31:25 -0000
Steve Dispensa wrote: > > Now, of course, it's a client attack at that point, not a server attack, > so one might reasonably wonder whether it's the server's responsibility > to defend against it. If it were a buffer overflow in the client or server code, then it would be a client- or server-specific attack. In this case, it's doable with ordinary valid protocol structures and at least one case doesn't depend on the particulars of the implementation of either side. To me, that makes it a protocol attack. Turn it around: Consider the demonstrated attack where MitM renegotiated with the Twitter server and caused the user of the client to publicly tweet his own password. Just because it was the server which saw the renegotiation does that make it only the concern of the server? A year from now, will you be willing to conduct your online banking with an unpatched server on the logic that it's "not my responsibility"? Again, TLS is a general-purpose network data security protocol that's supposed to offer some basic guarantees. Any break in those guarantees is a break in the protocol. Whether or not the loss of any specific guarantee represents a significant problem for a specific party using some specific application layer protocol is irrelevent to the security analysis of TLS. - Marsh
- Re: [TLS] SCSV vs RI when both specified. Was: Up… Marsh Ray
- Re: [TLS] SCSV vs RI when both specified. Was: Up… Michael D'Errico
- Re: [TLS] SCSV vs RI when both specified. Was: Up… Marsh Ray
- Re: [TLS] SCSV vs RI when both specified. Was: Up… Michael D'Errico
- Re: [TLS] SCSV vs RI when both specified. Was: Up… Martin Rex
- Re: [TLS] SCSV vs RI when both specified. Was: Up… Steve Checkoway
- Re: [TLS] SCSV vs RI when both specified. Was: Up… Blumenthal, Uri - 0662 - MITLL
- Re: [TLS] SCSV vs RI when both specified. Was: Up… Steve Checkoway
- Re: [TLS] SCSV vs RI when both specified. Was: Up… Blumenthal, Uri - 0662 - MITLL
- Re: [TLS] SCSV vs RI when both specified. Was: Up… Steve Checkoway
- Re: [TLS] SCSV vs RI when both specified. Was: Up… Martin Rex
- Re: [TLS] SCSV vs RI when both specified. Was: Up… Blumenthal, Uri - 0662 - MITLL
- Re: [TLS] SCSV vs RI when both specified. Was: Up… Pasi.Eronen
- Re: [TLS] SCSV vs RI when both specified. Was: Up… Yoav Nir
- Re: [TLS] SCSV vs RI when both specified. Was: Up… Blumenthal, Uri - 0662 - MITLL
- Re: [TLS] SCSV vs RI when both specified. Was: Up… Martin Rex
- Re: [TLS] SCSV vs RI when both specified. Was: Up… Marsh Ray
- Re: [TLS] SCSV vs RI when both specified. Was: Up… Michael D'Errico
- Re: [TLS] SCSV vs RI when both specified. Was: Up… Dr Stephen Henson
- Re: [TLS] SCSV vs RI when both specified. Was: Up… Martin Rex
- Re: [TLS] SCSV vs RI when both specified. Was: Up… Michael D'Errico
- Re: [TLS] SCSV vs RI when both specified - consen… Marsh Ray
- Re: [TLS] SCSV vs RI when both specified - consen… Nasko Oskov
- Re: [TLS] SCSV vs RI when both specified - consen… Marsh Ray
- Re: [TLS] SCSV vs RI when both specified - consen… Michael D'Errico
- Re: [TLS] SCSV vs RI when both specified - consen… Marsh Ray
- Re: [TLS] SCSV vs RI when both specified. Was: Up… Blumenthal, Uri - 0662 - MITLL
- Re: [TLS] SCSV vs RI when both specified. Was: Up… Yoav Nir
- Re: [TLS] SCSV vs RI when both specified - consen… Yoav Nir
- Re: [TLS] SCSV vs RI when both specified. Was: Up… Marsh Ray
- Re: [TLS] SCSV vs RI when both specified. Was: Up… Marsh Ray
- Re: [TLS] SCSV vs RI when both specified. Was: Up… Kemp, David P.
- Re: [TLS] SCSV vs RI when both specified. Was: Up… Blumenthal, Uri - 0662 - MITLL
- Re: [TLS] SCSV vs RI when both specified. Was: Up… Ben Laurie
- Re: [TLS] SCSV vs RI when both specified. Was: Up… Kemp, David P.
- Re: [TLS] SCSV vs RI when both specified. Was: Up… Blumenthal, Uri - 0662 - MITLL
- Re: [TLS] SCSV vs RI when both specified. Was: Up… Martin Rex
- Re: [TLS] SCSV vs RI when both specified. Was: Up… Marsh Ray
- Re: [TLS] SCSV vs RI when both specified. Was: Up… Martin Rex
- Re: [TLS] SCSV vs RI when both specified. Was: Up… Steve Dispensa
- Re: [TLS] SCSV vs RI when both specified. Was: Up… Kemp, David P.
- Re: [TLS] SCSV vs RI when both specified. Was: Up… Marsh Ray
- Re: [TLS] SCSV vs RI when both specified. Was: Up… Martin Rex
- Re: [TLS] SCSV vs RI when both specified. Was: Up… Martin Rex
- Re: [TLS] SCSV vs RI when both specified. Was: Up… Marsh Ray
- Re: [TLS] SCSV vs RI when both specified. Was: Up… Marsh Ray
- Re: [TLS] SCSV vs RI when both specified. Was: Up… Martin Rex
- Re: [TLS] SCSV vs RI when both specified. Was: Up… Kemp, David P.
- Re: [TLS] SCSV vs RI when both specified. Was: Up… Marsh Ray
- Re: [TLS] SCSV vs RI when both specified. Was: Up… Martin Rex
- Re: [TLS] SCSV vs RI when both specified. Was: Up… Marsh Ray
- Re: [TLS] SCSV vs RI when both specified. Was: Up… Kyle Hamilton