IETF Logo Mail Archive

Re: [TLS] inappropriate_fallback

"Short, Todd" <tshort@akamai.com> Thu, 09 August 2018 14:09 UTC

Return-Path: <tshort@akamai.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C1AFD12F1A2 for <tls@ietfa.amsl.com>; Thu, 9 Aug 2018 07:09:07 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.71
X-Spam-Level:
X-Spam-Status: No, score=-2.71 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001, T_DKIMWL_WL_HIGH=-0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=akamai.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Clyp1xHqEVgY for <tls@ietfa.amsl.com>; Thu, 9 Aug 2018 07:09:05 -0700 (PDT)
Received: from mx0b-00190b01.pphosted.com (mx0b-00190b01.pphosted.com [IPv6:2620:100:9005:57f::1]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 8BBB61277C8 for <tls@ietf.org>; Thu, 9 Aug 2018 07:09:05 -0700 (PDT)
Received: from pps.filterd (m0122330.ppops.net [127.0.0.1]) by mx0b-00190b01.pphosted.com (8.16.0.22/8.16.0.22) with SMTP id w79E8FIF006418 for <tls@ietf.org>; Thu, 9 Aug 2018 15:09:04 +0100
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=akamai.com; h=from : to : subject : date : message-id : references : in-reply-to : content-type : content-id : content-transfer-encoding : mime-version; s=jan2016.eng; bh=MGNDDIG4TdxmQRfDYPhdOsXejWDwE2qAh/tS+Tb5y0Y=; b=I6/QOLl0Oi088Hy2XKCUtK7OzGDdI9C1KpZ516aSvrzjvlTtskjZg/FwzPwroA9Lbirw 4F9ikeofaM+I+k8coI+JROh2YRR+CcCE0W59TSpzQi55FLgbyOEZChhyh1T4hTeNFXyG SXcpOwOCbT/ilgjLehj0vTor6lJX+w0luPYdu+7woelr+uUdv6vzJfB/Dnr1P5QDVcGq XKCH6ku00JTiH84PlxFio7mlg9AeNGAVxwLsgJsJj6A8hjNSd1PB841WrQxOKSYVVWjv rf+kBIlvSWQuAAkWX2s4gKaDxqsIvJdKqjEPBjLPY/yAqUKMg2WoiRQlxHAIVq/+DG8O Mw==
Received: from prod-mail-ppoint1 (prod-mail-ppoint1.akamai.com [184.51.33.18]) by mx0b-00190b01.pphosted.com with ESMTP id 2kqww5bts1-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for <tls@ietf.org>; Thu, 09 Aug 2018 15:09:04 +0100
Received: from pps.filterd (prod-mail-ppoint1.akamai.com [127.0.0.1]) by prod-mail-ppoint1.akamai.com (8.16.0.21/8.16.0.21) with SMTP id w79E53a0023128 for <tls@ietf.org>; Thu, 9 Aug 2018 10:09:03 -0400
Received: from email.msg.corp.akamai.com ([172.27.123.30]) by prod-mail-ppoint1.akamai.com with ESMTP id 2kn7furmhx-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT) for <tls@ietf.org>; Thu, 09 Aug 2018 10:09:03 -0400
Received: from USMA1EX-DAG1MB1.msg.corp.akamai.com (172.27.123.101) by usma1ex-dag1mb4.msg.corp.akamai.com (172.27.123.104) with Microsoft SMTP Server (TLS) id 15.0.1365.1; Thu, 9 Aug 2018 10:09:02 -0400
Received: from USMA1EX-DAG1MB1.msg.corp.akamai.com ([172.27.123.101]) by usma1ex-dag1mb1.msg.corp.akamai.com ([172.27.123.101]) with mapi id 15.00.1365.000; Thu, 9 Aug 2018 10:09:02 -0400
From: "Short, Todd" <tshort@akamai.com>
To: "<tls@ietf.org>" <tls@ietf.org>
Thread-Topic: [TLS] inappropriate_fallback
Thread-Index: AQHULxh75kG8k7OPYk+Jc40sIvbVU6S2GmWAgAABSwCAAAVYAIAAAeqAgAACqoCAAAEfAIABLiYAgABINICAAAifgIAAAZcAgAASnYA=
Date: Thu, 09 Aug 2018 14:09:02 +0000
Message-ID: <084E22DD-9B7E-4F68-A0F9-AE17CD1830A6@akamai.com>
References: <2fd24f64-bee5-18ed-cf0d-0fc999add395@openssl.org> <20180808132151.GQ28516@akamai.com> <4fe1cef1-2dd2-3838-9019-a97dd4dbe776@openssl.org> <CABcZeBM2Fmo03S=acb=ouZcyV=5-H5dV3is6TJjAJj-SDeRmBw@mail.gmail.com> <b18313b5-ca58-cf66-be72-46ad9ffb4ae0@openssl.org> <20180808140159.GR28516@akamai.com> <CABcZeBOgg0=1G4ENBF+wqZNFLfD6Q60674_G8cJqPZr7oQ9FMw@mail.gmail.com> <1533802033644.1196@cs.auckland.ac.nz> <CABcZeBPSYsCTn0pOuBPreT4oBrH+ha-PoMP94CnAvOiOr_e_sA@mail.gmail.com> <1533819390717.16753@cs.auckland.ac.nz> <9fec7f0c-9591-703a-066f-2eab54a57515@openssl.org>
In-Reply-To: <9fec7f0c-9591-703a-066f-2eab54a57515@openssl.org>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-ms-exchange-messagesentrepresentingtype: 1
x-ms-exchange-transport-fromentityheader: Hosted
x-originating-ip: [172.19.38.126]
Content-Type: text/plain; charset="utf-8"
Content-ID: <025753A60F9CCC45938AD57BCC87F4B7@akamai.com>
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:, , definitions=2018-08-09_05:, , signatures=0
X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 suspectscore=0 malwarescore=0 phishscore=0 bulkscore=0 spamscore=0 mlxscore=0 mlxlogscore=643 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1807170000 definitions=main-1808090147
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:, , definitions=2018-08-09_05:, , signatures=0
X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 priorityscore=1501 malwarescore=0 suspectscore=0 phishscore=0 bulkscore=0 spamscore=0 clxscore=1015 lowpriorityscore=0 mlxscore=0 impostorscore=0 mlxlogscore=628 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1807170000 definitions=main-1808090147
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/BNDFzJdFIh7mCJrzSt9cUv0_hsA>
Subject: Re: [TLS] inappropriate_fallback
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.27
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 09 Aug 2018 14:09:08 -0000


> On Aug 9, 2018, at 9:02 AM, Matt Caswell <matt@openssl.org> wrote:
> 
> 
> 
> On 09/08/18 13:56, Peter Gutmann wrote:
>> ​Eric Rescorla <ekr@rtfm.com> writes:
>> 
>>> So if the server wants TLS 1.1, then it doesn't set the bytes.
>> 
>> If that's the case then the text that says:
>> 
>>   If negotiating TLS 1.1 or below, TLS 1.3 servers MUST and TLS 1.2
>>   servers SHOULD set the last eight bytes of their Random value ...
>> 
>> needs to be fixed, beause as far as I can tell that's saying that if the
>> server wants TLS 1.1 then it has to set the bytes, not that it doesn't set the
>> bytes.
>> 
>> Here's an example of where this causes problems.  A TLS 1.2 client connects to
>> the server.  The server, a TLS 1.2 server, is configured to use TLS 1.1, so it
>> responds with the signalling bytes in its random value.
> 
> That's not the way I read it. If a server is configured to use TLSv1.1
> then its not a TLSv1.3 server and this text doesn't apply (regardless of
> whether the binary could do TLSv1.3 if it was configured differently).
> 
> Matt
> 

Agreed.

If a TLS 1.2 (capable) server is negotiating TLS 1.1 with a TLS 1.2 client, then it can’t be considered a TLS 1.2 server, otherwise, it would negotiate TLS 1.2.

It must be considered a TLS 1.1 server, since that is the maximum version it is configured to support.

--
-Todd Short
// tshort@akamai.com
// "One if by land, two if by sea, three if by the Internet."


> 
>> The client is now
>> required to abort the handshake even though everything is running as it
>> should.
>> 
>> Peter.
>> _______________________________________________
>> TLS mailing list
>> TLS@ietf.org
>> https://www.ietf.org/mailman/listinfo/tls
>> 
> 
> _______________________________________________
> TLS mailing list
> TLS@ietf.org
> https://www.ietf.org/mailman/listinfo/tls

v2.23.0 | Report a Bug | By Email