IETF Logo Mail Archive

Re: [TLS] Working Group Last Call for draft-ietf-tls-downgrade-scsv-00

Watson Ladd <watsonbladd@gmail.com> Wed, 15 October 2014 19:02 UTC

Return-Path: <watsonbladd@gmail.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 05DCB1A9137 for <tls@ietfa.amsl.com>; Wed, 15 Oct 2014 12:02:55 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.999
X-Spam-Level:
X-Spam-Status: No, score=-3.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, GB_I_INVITATION=-2, HTML_MESSAGE=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id m-zK5o5IkyHK for <tls@ietfa.amsl.com>; Wed, 15 Oct 2014 12:02:52 -0700 (PDT)
Received: from mail-yh0-x235.google.com (mail-yh0-x235.google.com [IPv6:2607:f8b0:4002:c01::235]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 69B541A914C for <tls@ietf.org>; Wed, 15 Oct 2014 12:02:52 -0700 (PDT)
Received: by mail-yh0-f53.google.com with SMTP id b6so891105yha.12 for <tls@ietf.org>; Wed, 15 Oct 2014 12:02:51 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=LRFUOapUcOMK5hpYppnLX5dkUg+H+9GBU7AgUy4SZ1M=; b=cgUcpxylinj1xBY4MhAKeFcE6asvECVpHB5tm8n6obMXdFR9cy3lk+qUQLKOWXvyp1 CkO4qTGlYJWPmAyX5W8ZdR0OfsOK3cAnb6X7EVhA94VFYNgdjPY27KDLLw5F35ueky8T yygviSi2guKOw/BDsd9haMyUKsd6FddYE0o64vFnrMrSOyO3dI7fmcvyoGGzg4Gdu9iv pS2BDRUlhcIX3p1AUTDv4aRR54+Gpimj0mUgk2et2p8hVuiaJ1O4oHZtGn2GidPAcZO8 JrlmHAG6WKgpfUpxOMJOvXc5l0oD8PNcQcKah2uI9Axj16SjNrbtw2saTuhrae6P6gkd wZDA==
MIME-Version: 1.0
X-Received: by 10.236.103.170 with SMTP id f30mr12327605yhg.4.1413399771736; Wed, 15 Oct 2014 12:02:51 -0700 (PDT)
Received: by 10.170.195.149 with HTTP; Wed, 15 Oct 2014 12:02:51 -0700 (PDT)
Received: by 10.170.195.149 with HTTP; Wed, 15 Oct 2014 12:02:51 -0700 (PDT)
In-Reply-To: <20141015185216.EE6371AEDF@ld9781.wdf.sap.corp>
References: <543E2D81.1050700@redhat.com> <20141015185216.EE6371AEDF@ld9781.wdf.sap.corp>
Date: Wed, 15 Oct 2014 12:02:51 -0700
Message-ID: <CACsn0ckB59AQHOQcgrjst4FM4zdwxhD0_DsuCCVE+=dUhohGww@mail.gmail.com>
From: Watson Ladd <watsonbladd@gmail.com>
To: mrex@sap.com
Content-Type: multipart/alternative; boundary="001a113321ae51f0a005057ac75b"
Archived-At: http://mailarchive.ietf.org/arch/msg/tls/8Pizq5qNlyWWZxKBh8gOmfU_Ut8
Cc: Florian Weimer <fweimer@redhat.com>, tls@ietf.org
Subject: Re: [TLS] Working Group Last Call for draft-ietf-tls-downgrade-scsv-00
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 15 Oct 2014 19:02:55 -0000

On Oct 15, 2014 11:52 AM, "Martin Rex" <mrex@sap.com> wrote:
>
> Florian Weimer wrote:
> > Joseph Salowey (jsalowey) wrote:
> >>
> >> This is an announcement for the working group last call for
> >> draft-ietf-tls-downgrade-scsv-00.  Please review the document
> >> and send your comments to the list by Friday, October 17, 2014.
> >
> > I'm strongly against this proposal.
>
> I'm also strongly opposed to this proposal, because it does not provide
> any value--there is not one single *additional* TLS handshake that it
> will make succeed, instead, the only thing that this proposal will
> provide is either zero benefit or fatal interop failure, i.e. it
> if there is any result from it it will be headaches to users, sysadmins
> and helpdesks.
>
> This proposal is as far opposite from the spirit of the IETF as
> one can possibly get.
>
>
> What we would need instead of this proposal, is one that will
>
>   (1) make more TLS handshakes succeed
>
>   (2) make more TLS handshakes succeed with new protocol features
>
>   (3) make more TLS handshakes succeed with new protocol features
>       for regular app clients that do not have re-connect fallback in
place,
>       and _without_ interfering with conservative ClientHellos that these
>       clients use to maintain interop with old, "broken" servers out
there.
>
>
> The "downgrade-scsv" has the effective semantics of
> "kick me if you can read this", which is pretty silly on my scorecard.
>
>
> A reasonable alternative SCSV would have the semantics
> "Dear Server, I'm a new, full-featured client and would really like
> to send you a full-featured ClientHello, but didn't dare doing as
> the first message on the connection because of all the old broken
> servers out there which choke on feature-rich ClientHellos".
>
> And a new Server's response to such an SCSV should be to
> respond with a ServerHello+ServerHelloDone which carries the SCSV
> in the ServerHello.cipher_suite = SCSV, which the client will
> recognize and understand as an invitation to send the desired
> full-featured ClientHello (on the very same existing connection
> transparently).

This proposal looks to me to be clearly better theoretically. It's more
robust in the face of transient network issues. OTOH, if the practical
difference is minor, I'd rather get done sooner than later. I'm also by no
means knowledgeable about the impact on stateful firewalls expecting to see
TLS with a particular flow, or if this even is an issue.
>
>
> -Martin
>
> _______________________________________________
> TLS mailing list
>TLS@ietf.org
>https://www.ietf.org/mailman/listinfo/
<https://www.ietf.org/mailman/listinfo/tls>tls

v2.23.0 | Report a Bug | By Email