IETF Logo Mail Archive

Re: [TLS] Next Protocol Negotiation 03

Martin Rex <mrex@sap.com> Thu, 26 April 2012 17:21 UTC

Return-Path: <mrex@sap.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A0A7E21F8638 for <tls@ietfa.amsl.com>; Thu, 26 Apr 2012 10:21:05 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -10.117
X-Spam-Level:
X-Spam-Status: No, score=-10.117 tagged_above=-999 required=5 tests=[AWL=0.132, BAYES_00=-2.599, HELO_EQ_DE=0.35, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 3rVapf4MxuOS for <tls@ietfa.amsl.com>; Thu, 26 Apr 2012 10:21:05 -0700 (PDT)
Received: from smtpde01.sap-ag.de (smtpde01.sap-ag.de [155.56.68.170]) by ietfa.amsl.com (Postfix) with ESMTP id B90E621F8622 for <tls@ietf.org>; Thu, 26 Apr 2012 10:21:04 -0700 (PDT)
Received: from mail.sap.corp by smtpde01.sap-ag.de (26) with ESMTP id q3QHL0E6024661 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK); Thu, 26 Apr 2012 19:21:01 +0200 (MEST)
From: Martin Rex <mrex@sap.com>
Message-Id: <201204261721.q3QHL0lA014062@fs4113.wdf.sap.corp>
To: marsh@extendedsubset.com
Date: Thu, 26 Apr 2012 19:21:00 +0200
In-Reply-To: <4F9981FC.4000205@extendedsubset.com> from "Marsh Ray" at Apr 26, 12 12:12:28 pm
MIME-Version: 1.0
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: 8bit
X-SAP: out
Cc: tls@ietf.org
Subject: Re: [TLS] Next Protocol Negotiation 03
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
Reply-To: mrex@sap.com
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 26 Apr 2012 17:21:05 -0000

Marsh Ray wrote:
> 
> On 04/25/2012 02:32 PM, Marsh Ray wrote:
> >
> > I don't speak for the Tor project, but I don't think this design is
> > going to meet anyone's requirements for serious censorship resistance.
> >
> > Nevertheless, giving some privacy to the significant bits of the
> > handshake in a way that is more latency-friendly than full renegotiation
> > is very appealing. It seems likely to enable new and interesting
> > applications, SPDY is just one good example.
> 
> Just an update, I've made contact with the Tor project. As heavy users 
> of TLS, they are interested in the direction the protocol evolves. They 
> may also have some useful input here on this issue of privacy of 
> handshake records.

  http://tools.ietf.org/html/rfc4680

describes two additional generic handshake messages in the cleartext
part of the TLS handshake.

Maybe we should define something similar for the encrypted part of
the handshake, so that we don't have to add new handshake messages
for every new feature?


-Martin

v2.23.0 | Report a Bug | By Email