Re: [TLS] Minutes from Tuesday
mrex@sap.com (Martin Rex) Tue, 21 October 2014 15:05 UTC
Return-Path: <mrex@sap.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2CB2F1A8740 for <tls@ietfa.amsl.com>; Tue, 21 Oct 2014 08:05:45 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.551
X-Spam-Level:
X-Spam-Status: No, score=-6.551 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HELO_EQ_DE=0.35, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Ic-7NbE1Cehl for <tls@ietfa.amsl.com>; Tue, 21 Oct 2014 08:05:39 -0700 (PDT)
Received: from smtpde01.smtp.sap-ag.de (smtpde01.smtp.sap-ag.de [155.56.68.170]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 89EC81A873F for <tls@ietf.org>; Tue, 21 Oct 2014 08:05:39 -0700 (PDT)
Received: from mail05.wdf.sap.corp (mail05.sap.corp [194.39.131.55]) by smtpde01.smtp.sap-ag.de (Postfix) with ESMTPS id 116B254D01; Tue, 21 Oct 2014 17:05:36 +0200 (CEST)
Received: from ld9781.wdf.sap.corp (ld9781.wdf.sap.corp [10.21.82.193]) by mail05.wdf.sap.corp (Postfix) with ESMTP id E163A41728; Tue, 21 Oct 2014 17:05:36 +0200 (CEST)
Received: by ld9781.wdf.sap.corp (Postfix, from userid 10159) id DA17C1AEFE; Tue, 21 Oct 2014 17:05:36 +0200 (CEST)
In-Reply-To: <2A0EFB9C05D0164E98F19BB0AF3708C71D3A8C4AA6@USMBX1.msg.corp.akamai.com>
To: "Salz, Rich" <rsalz@akamai.com>
Date: Tue, 21 Oct 2014 17:05:36 +0200
X-Mailer: ELM [version 2.4ME+ PL125 (25)]
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Type: text/plain; charset="US-ASCII"
Message-Id: <20141021150536.DA17C1AEFE@ld9781.wdf.sap.corp>
From: mrex@sap.com
Archived-At: http://mailarchive.ietf.org/arch/msg/tls/9w6WQ5TKZbKfoq6gM0DLETHjaHo
Cc: "TLS@ietf.org (tls@ietf.org)" <tls@ietf.org>
Subject: Re: [TLS] Minutes from Tuesday
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: mrex@sap.com
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 21 Oct 2014 15:05:45 -0000
Salz, Rich wrote: > > Bodo slides are at https://github.com/tlswg/wg-materials/blob/master/20141021_interim/TLS_FALLBACK_SCSV_IETF_TLS_Interim_Oct_2014.pdf Based on list feedback, going to add some clarifications (no changes to the mechanism). False start I-D needs to be updated since attacker can force a version; Bodo to do that. Discussion of distinguishing between TCP reset (in FF) and version intolerance. Discussion of when to 'guess' failure is transient or version intolerance. Need to add some guidance to the I-D: mixing SCSV and version-intolerant servers will cause a pain. Sean went through issues raised on mailing list. The current fallback-scsv is embarrassing. Rather than aborthing the TLS handshake, the server ought to include a TLS extension in the ServerHello indicating that he recognized a potentially inappropriate fallback and otherwise continue the TLS handshake in the regular fashion, leaving the decision of whether&how to continue entirely up to those clients who do perform insecure fallbacks. This would also allow clients (browsers probably) to gather real data on potentially incorrect fallbacks, rather than have users face random connection failures. Connection failures for singular object may appear easy to identify, but if it affects only small objects within complex pages, the underlying cause of problems may be hard to identify. And it would then be a decision of the (fallback-performing) clients whether and when to start hard-failing, once they've sorted out their connection management and figured out how to deal with false positives in their fallback heuristics. -Martin
- Re: [TLS] Minutes from Tuesday Martin Rex
- [TLS] Minutes from Tuesday Salz, Rich
- Re: [TLS] Minutes from Tuesday Bodo Moeller
- Re: [TLS] Minutes from Tuesday Bodo Moeller
- Re: [TLS] Minutes from Tuesday Bodo Moeller
- Re: [TLS] Minutes from Tuesday Marsh Ray
- Re: [TLS] Minutes from Tuesday Adam Langley
- Re: [TLS] Minutes from Tuesday Salz, Rich
- Re: [TLS] Minutes from Tuesday Florian Weimer
- Re: [TLS] Minutes from Tuesday Martin Rex
- Re: [TLS] Minutes from Tuesday Bodo Moeller
- Re: [TLS] Minutes from Tuesday Martin Rex
- Re: [TLS] Minutes from Tuesday Manuel Pégourié-Gonnard
- Re: [TLS] Minutes from Tuesday Bodo Moeller
- Re: [TLS] Minutes from Tuesday Martin Rex
- Re: [TLS] Minutes from Tuesday Bodo Moeller
- Re: [TLS] Minutes from Tuesday Brian Smith