Re: [TLS] draft-rescorla-tls-renegotiate and MITM resistance

David-Sarah Hopwood <david-sarah@jacaranda.org> Mon, 09 November 2009 19:37 UTC

Martin Rex wrote:
> There may be SSLv3 servers out there that choke on extension data
> in the ClientHello.  But that doesn't mean that one could not
> upgrade SSLv3 servers to support TLS extensions.  The more interesting
> question is IMHO -- which TLS clients will choke when an SSLv3 server
> returns a ServerHello extension?  Spec-wise, a ServerHello extension
> is as unusual to SSLv3 as it is to TLSv1.0.

Why would that situation arise? For that to happen, an SSL server
library would have to be upgraded to support extensions but not to
support TLS. Are there any SSL-only libraries being actively
maintained?

-- 
David-Sarah Hopwood  ⚥  http://davidsarah.livejournal.com