IETF Logo Mail Archive

Re: [TLS] Next Protocol Negotiation 03

Wan-Teh Chang <wtc@google.com> Tue, 22 May 2012 00:13 UTC

Return-Path: <wtc@google.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3659621F854A for <tls@ietfa.amsl.com>; Mon, 21 May 2012 17:13:00 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.977
X-Spam-Level:
X-Spam-Status: No, score=-102.977 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, FM_FORGED_GMAIL=0.622, RCVD_IN_DNSWL_LOW=-1, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id lDDmNmCRduMR for <tls@ietfa.amsl.com>; Mon, 21 May 2012 17:12:59 -0700 (PDT)
Received: from mail-gh0-f172.google.com (mail-gh0-f172.google.com [209.85.160.172]) by ietfa.amsl.com (Postfix) with ESMTP id 9ECA021F84FD for <tls@ietf.org>; Mon, 21 May 2012 17:12:59 -0700 (PDT)
Received: by ghbg16 with SMTP id g16so700144ghb.31 for <tls@ietf.org>; Mon, 21 May 2012 17:12:59 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type:content-transfer-encoding:x-system-of-record; bh=sBDm37CtCj4xnyWimC+t1FPbYsgE2BHt3XQU03672Ic=; b=NneMBXn+nSI4vpKAXa3DXpdB7lITYsviigJAUpoHamfc9J9dz8X9iggMVse2puETcQ oNpqpSzawneV5hQbsSGFX5dUnWxoVQ/+Im2ZlkLKaWFmR8lxUAOXSL6ClVy6iHmn3KFe zCHsglMIRkYNEnnnfFjPNsPP8Pl5aeF8824EmSnWu480oSGOWizlgEcvbmc/1sLoo6pG 3jBVFxp5gPgYqx+W1i+8RuqVc5hLxyG7/5tMgnl6c2R8F+c/PMbf8/9hrpbA3qRuQAkh +UKkNAguAm1UT99VQSCtg1LNkwp3yIh91yuGkpp+mVb5beUadcQ2xk+qyF94Yu68kw66 QSqw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type:content-transfer-encoding:x-system-of-record :x-gm-message-state; bh=sBDm37CtCj4xnyWimC+t1FPbYsgE2BHt3XQU03672Ic=; b=DPqxJUMtUVdr/lHCQ6OgrtPwfSZyd5OocPWe2BVhoX7HY5Eu/EcyEzEPaErL7gu5zQ E0TUfURNzzT1wn8qGQQ7LYdbObGQVvgco2KL2HMCJtngsRT+VXOZIOPYhr3kEbbsgfIN FbkWJ6WuNIsxGg8EoC4CPvS3s1ZmapR5gtCfDp3IAwpxEOM7r6hA3Hi1aKzqhd6KMVX5 Qo0wonSp5UYHeXxDScn+ZMYbi/13RADTNDPEY7E8RdWYylgPaZCunjSltgHQR1dGi7bL z0JFkkQq8cAWlkSfymQQ9kk2ke2a9Jm/Y4ziiJbs7IpHSMAfXnVPh4MEFNG5RDggzU9G IClQ==
Received: by 10.50.94.133 with SMTP id dc5mr8165943igb.16.1337645578778; Mon, 21 May 2012 17:12:58 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.50.94.133 with SMTP id dc5mr8165934igb.16.1337645578630; Mon, 21 May 2012 17:12:58 -0700 (PDT)
Received: by 10.231.122.204 with HTTP; Mon, 21 May 2012 17:12:58 -0700 (PDT)
In-Reply-To: <4FBAC851.8090305@extendedsubset.com>
References: <4F9981FC.4000205@extendedsubset.com> <201204261721.q3QHL0lA014062@fs4113.wdf.sap.corp> <CAL9PXLwkMqyaSfDLssGH_oT5gHFeV2s64v-gTiYFH+dSq9ZvAQ@mail.gmail.com> <CAL9PXLyX0NKtjK4DcmSq-J3X3yNhNm2BUC3HPLbpEALzR0NmYg@mail.gmail.com> <4FBAC851.8090305@extendedsubset.com>
Date: Mon, 21 May 2012 17:12:58 -0700
Message-ID: <CALTJjxH-w1Xc_-oFLLX_SYYwTxJxpVu=J6+oJDUCG5SxJ70WFA@mail.gmail.com>
From: Wan-Teh Chang <wtc@google.com>
To: Marsh Ray <marsh@extendedsubset.com>
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: quoted-printable
X-System-Of-Record: true
X-Gm-Message-State: ALoCoQmQjDOrjKPLMsEvn8MspLt7nzRhVlyYjdA6oboDKF1yWTdrEOjBD2N0WL4iFC53QbABhLxkVGm752kkMCmSMxWsZ19mbznF6cXd7WaP7Q/SQjItDZUqjnIgFMjoBR56hFD5NkQR
Cc: Adam Langley <agl@chromium.org>, tls@ietf.org
Subject: Re: [TLS] Next Protocol Negotiation 03
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 22 May 2012 00:13:00 -0000

On Mon, May 21, 2012 at 3:57 PM, Marsh Ray <marsh@extendedsubset.com> wrote:
> On 05/21/2012 04:36 PM, Adam Langley wrote:
>>
>> On Thu, Apr 26, 2012 at 1:29 PM, Adam Langley<agl@chromium.org>  wrote
>>>
>>> So, in short, "still thinking".
>>
>>
>> I've respun the draft in order to change the NextProtocol message into
>> an EncryptedExtensions message which has the same format as the
>> extension block in the hello messages. Everything else is the same.
>>
>> This allows the client's protocol selection to remain under
>> encryption. The server's list of protocols is still in the clear, but
>> that can be fixed via an orthogonal change like Marsh's encrypted
>> handshake.
>>
>> https://tools.ietf.org/html/draft-agl-tls-nextprotoneg-04
>
> That's seems like a cleaner version of the same approach.

Yes.  The EncryptedExtensions handshake message can also be used by
other extensions that are negotiated in a three-step, half-encrypted
manner.  It avoids a proliferation of new handshake messages for these
extensions and the need to specify an order between them.

> Now we can drop the parenthesis in "NP(N)"!

Could you explain the different between "NPN" and "NP(N)"?  Thanks.

> If it's intended to be usable by more than just NPN, perhaps it should be
> described in a separate document?

I agree.

Wan-Teh

v2.23.0 | Report a Bug | By Email