Re: [TLS] Revision of draft-friedl-tls-applayerprotoneg posted
Yoav Nir <ynir@checkpoint.com> Thu, 07 February 2013 15:19 UTC
Return-Path: <ynir@checkpoint.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1BF8F21F851F for <tls@ietfa.amsl.com>; Thu, 7 Feb 2013 07:19:06 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -10.489
X-Spam-Level:
X-Spam-Status: No, score=-10.489 tagged_above=-999 required=5 tests=[AWL=0.109, BAYES_00=-2.599, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 2upCOdT0tH3m for <tls@ietfa.amsl.com>; Thu, 7 Feb 2013 07:19:05 -0800 (PST)
Received: from smtp.checkpoint.com (smtp.checkpoint.com [194.29.34.68]) by ietfa.amsl.com (Postfix) with ESMTP id CA0B021F84E6 for <tls@ietf.org>; Thu, 7 Feb 2013 07:19:04 -0800 (PST)
Received: from DAG-EX10.ad.checkpoint.com ([194.29.34.150]) by smtp.checkpoint.com (8.13.8/8.13.8) with ESMTP id r17FIxHv007348; Thu, 7 Feb 2013 17:19:00 +0200
X-CheckPoint: {5113C21B-0-1B221DC2-2FFFF}
Received: from IL-EX10.ad.checkpoint.com ([169.254.2.18]) by DAG-EX10.ad.checkpoint.com ([169.254.3.103]) with mapi id 14.02.0328.009; Thu, 7 Feb 2013 17:18:59 +0200
From: Yoav Nir <ynir@checkpoint.com>
To: "Stephan Friedl (sfriedl)" <sfriedl@cisco.com>
Thread-Topic: [TLS] Revision of draft-friedl-tls-applayerprotoneg posted
Thread-Index: Ac4EF3brTia13etfR2Sso99Nw3fbAABHbiqA
Date: Thu, 07 Feb 2013 15:18:58 +0000
Message-ID: <4613980CFC78314ABFD7F85CC30277211199E346@IL-EX10.ad.checkpoint.com>
References: <2AA4F2B7B0341A4CA4DAB10D4EDA0D7C12B65AB5@xmb-aln-x02.cisco.com>
In-Reply-To: <2AA4F2B7B0341A4CA4DAB10D4EDA0D7C12B65AB5@xmb-aln-x02.cisco.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [172.31.20.154]
x-kse-antivirus-interceptor-info: scan successful
x-kse-antivirus-info: Clean
Content-Type: multipart/alternative; boundary="_000_4613980CFC78314ABFD7F85CC30277211199E346ILEX10adcheckpo_"
MIME-Version: 1.0
Cc: "tls@ietf.org" <tls@ietf.org>
Subject: Re: [TLS] Revision of draft-friedl-tls-applayerprotoneg posted
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 07 Feb 2013 15:19:06 -0000
Hi I support the adoption of this draft. I think it solves the problem of multiplexing multiple protocols on a single TLS-protected port. I prefer it to NPN for the following reasons: 1. It is a simpler solution - just another extension and a simple selection mechanism on the server. Implementing this would require less LoC in pretty much any implementation. 2. I do not believe that the choice of HTTP/1, HTTP/2 or various versions of SPDY (which should be experimental anyway) needs to be secret. The value space is small enough that whatever advantage an attacker might get by having the protocol revealed, can be gotten by trial and error as well. 3. More similar to existing TLS, so less surprises by proxies and middleware, so less need to fall back. 4. More friendly to middleware - TLS proxies that will anyway drop HTTP/2 can do so earlier. I realize some will not consider this an advantage… Reading through it, I have a few suggestions: I think there should be a special alert message to note that none of the applications are supported. Call it no_application_chosen, rather than use handshake_failure. I think the SPDY variants should be prefixed by exp and not registered by IANA Also, I think there should be a prefix for private protocols, not marked as experimental. For example, we could have it say P-author_identifier-name. So if Microsoft wanted to negotiate the sue of SSTP, they could mark it as P-MSFT-SSTP Yoav On Feb 6, 2013, at 5:09 AM, Stephan Friedl (sfriedl) <sfriedl@cisco.com<mailto:sfriedl@cisco.com>> wrote: Hello All, A revised version of ‘Transport Layer Security (TLS) Application Layer Protocol Negotiation Extension’ (draft-friedl-tls-applayerprotoneg-01) has been posted. This version includes a number of significant improvements to the original draft including: 1. Use of a single extension for both the ClientHello and ServerHello messages 2. Definition of ProtocolIdentifiers as opaque, non-empty byte strings and the list of protocols is serialized as a concatenation of 8-bit, length prefixed byte strings 3. Clarification of the suggested order of client-side ProtocolIdentifiers 4. Clarification that the server-side extension_data MUST contain exactly one ProtocolIdentifier 5. Should the server support none of the protocols advertised by the client, then the server SHALL respond with a ‘fatal handshake failure alert’. 6. Addition of Andrei Popov of Microsoft as a co-author These changes were largely proposed by Andrei and have greatly improved the draft. I would greatly appreciate any comments and feedback on the draft. Thanks and Best Wishes, Stephan
- [TLS] Revision of draft-friedl-tls-applayerproton… Stephan Friedl (sfriedl)
- Re: [TLS] Revision of draft-friedl-tls-applayerpr… Adam Langley
- Re: [TLS] Revision of draft-friedl-tls-applayerpr… Andrei Popov
- Re: [TLS] Revision of draft-friedl-tls-applayerpr… Yoav Nir
- Re: [TLS] Revision of draft-friedl-tls-applayerpr… Brian Raymor (MS OPEN TECH)