Re: [TLS] Last Call: <draft-ietf-tls-ssl2-must-not-03.txt>

Sean Turner <turners@ieca.com> Fri, 03 December 2010 20:26 UTC

Message-ID: <4CF952A2.2070904@ieca.com>
Date: Fri, 03 Dec 2010 15:27:14 -0500
From: Sean Turner <turners@ieca.com>
To: mrex@sap.com, Glen Zorn <gwz@net-zen.net>
References: <201012031958.oB3JweOg015633@fs4113.wdf.sap.corp>
In-Reply-To: <201012031958.oB3JweOg015633@fs4113.wdf.sap.corp>
Cc: tls@ietf.org, ietf@ietf.org
Subject: Re: [TLS] Last Call: <draft-ietf-tls-ssl2-must-not-03.txt>

On 12/3/10 2:58 PM, Martin Rex wrote:
> Glen Zorn wrote:
>>
>> Martin Rex wrote:
>>>
>>> Glen Zorn wrote:
>>>>
>>>> Maybe I just don't understand the word "use".  It seems like if a
>>>> server accepts a protocol message it's using the protocol...
>>>
>>> With "negotiate" I meant returning a ServerHello handshake message with
>>> that version number (neither an SSL 2.0 SERVER-HELLO, nor an SSLv3
>>> ServerHello with a server version of { 0x02,0x00 }).
>>>
>>> With "use" I meant to successfully complete the handshake and start
>>> exchanging application data protected under protocol version
>>> {0x02,0x00}.
>>
>> Maybe you could spell these things out in the draft just as you have above?
>
> I'm sorry, my explanations were misleading.  I explained what I meant
> when I wrote these statements that ended up in the document.
>
>    http://www.ietf.org/mail-archive/web/tls/current/msg07091.html
>
> The author/editor of this I-D is Sean Turner.

I've got no problem with providing additional clarifying text.  How
about we add the following (some minor tweaks to what you suggested) to
explain what we mean by "use" and "negotiate" ("send" seems clear):

"negotiate" means returning a ServerHello handshake message with that 
version number (neither an SSL 2.0 SERVER-HELLO, nor an SSLv3 
ServerHello with a server version of { 0x02,0x00 }).

"use" means to successfully complete the handshake and start exchanging 
application data protected under protocol version {0x02,0x00}.

spt
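The "negotiate" definition proposed above is mechanically checkable on the wire: a server has negotiated SSL 2.0 if its first reply to a hello is either an SSL 2.0 SERVER-HELLO record or an SSLv3/TLS ServerHello whose server_version field is { 0x02,0x00 }. The following classifier is an added example, not text or code from the draft or from any participant in this thread; it implements only the "negotiate" test (the "use" test requires completing a handshake, which cannot be shown offline). The record layouts follow the SSL 2.0 and SSLv3/TLS specifications; the sample messages are constructed here for illustration and are not captures from a real server, and the function names are this example's own.

```python
"""Classifier for the proposed "negotiate" definition: a server has
negotiated SSL 2.0 if it answers with an SSL 2.0 SERVER-HELLO record
or with an SSLv3/TLS ServerHello whose server_version is {0x02,0x00}.
Sample messages below are constructed for illustration only."""
import struct

SSL2_VERSION = (0x02, 0x00)        # version value named in the draft text
SSL2_MT_SERVER_HELLO = 4           # SSL 2.0 MSG-SERVER-HELLO message type
TLS_CT_HANDSHAKE = 22              # SSLv3/TLS ContentType handshake
TLS_HT_SERVER_HELLO = 2            # SSLv3/TLS HandshakeType server_hello


def classify_server_response(data: bytes) -> str:
    """Classify the first record a server sends back to a client hello.

    Returns one of:
      'ssl2-server-hello'  SSL 2.0 SERVER-HELLO (2-byte record header, MSB set)
      'ssl3-hello-v2'      SSLv3/TLS ServerHello carrying server_version 0x0200
      'ssl3-hello'         SSLv3/TLS ServerHello with any other version
      'other'              anything else (alert, garbage, truncated input)
    """
    if len(data) >= 3 and data[0] & 0x80:
        # SSL 2.0 record in the 2-byte header form used for hello messages:
        # 15-bit length, then MSG-TYPE as the first body byte.
        rec_len = ((data[0] & 0x7F) << 8) | data[1]
        if rec_len >= 1 and data[2] == SSL2_MT_SERVER_HELLO:
            return "ssl2-server-hello"
        return "other"
    # SSLv3/TLS record header: type(1) version(2) length(2).
    if len(data) < 5 or data[0] != TLS_CT_HANDSHAKE:
        return "other"
    rec_len = struct.unpack("!H", data[3:5])[0]
    body = data[5:5 + rec_len]
    # Handshake header is type(1) + length(3); server_version follows.
    if len(body) < 6 or body[0] != TLS_HT_SERVER_HELLO:
        return "other"
    if (body[4], body[5]) == SSL2_VERSION:
        return "ssl3-hello-v2"
    return "ssl3-hello"


def negotiates_ssl2(data: bytes) -> bool:
    """True if the response counts as "negotiating" SSL 2.0 in either form."""
    return classify_server_response(data) in ("ssl2-server-hello", "ssl3-hello-v2")


def build_ssl2_server_hello() -> bytes:
    """Constructed minimal SSL 2.0 SERVER-HELLO (sample data, not a capture).

    Body: MSG-TYPE, SESSION-ID-HIT, CERTIFICATE-TYPE, SERVER-VERSION (0x0002
    in SSL 2.0's own encoding), then zero-length certificate, cipher-spec
    and connection-id fields.
    """
    body = bytes([SSL2_MT_SERVER_HELLO, 0, 1, 0x00, 0x02]) + b"\x00" * 6
    header = struct.pack("!H", 0x8000 | len(body))   # MSB set: 2-byte header
    return header + body


def build_tls_server_hello(major: int, minor: int) -> bytes:
    """Constructed SSLv3/TLS ServerHello with the given server_version.

    Random is all zeros for determinism; cipher suite 0x002F, null compression.
    """
    hello = bytes([major, minor]) + bytes(32) + b"\x00" + b"\x00\x2f" + b"\x00"
    handshake = bytes([TLS_HT_SERVER_HELLO]) + len(hello).to_bytes(3, "big") + hello
    record_header = bytes([TLS_CT_HANDSHAKE, 0x03, 0x00]) + struct.pack("!H", len(handshake))
    return record_header + handshake


if __name__ == "__main__":
    for label, msg in [
        ("SSL 2.0 SERVER-HELLO", build_ssl2_server_hello()),
        ("SSLv3 ServerHello, version 0x0200", build_tls_server_hello(0x02, 0x00)),
        ("TLS 1.0 ServerHello", build_tls_server_hello(0x03, 0x01)),
    ]:
        print(f"{label:40s} -> {classify_server_response(msg):20s} "
              f"negotiates SSL 2.0: {negotiates_ssl2(msg)}")
```

Both failing forms map to the same verdict, which is the point of the proposed wording: a server that declines SSL 2.0 record framing but still echoes { 0x02,0x00 } in an SSLv3 ServerHello has negotiated SSL 2.0 under this definition.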