Re: [TLS] Abbreviated Handshake != Renegotiated Handshake

Ravi Ganesan <ravi@findravi.com> Sun, 20 December 2009 00:57 UTC

Return-Path: <ravi@findravi.com>
X-Original-To: tls@core3.amsl.com
Delivered-To: tls@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id B73C73A690E for <tls@core3.amsl.com>; Sat, 19 Dec 2009 16:57:08 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.165
X-Spam-Level:
X-Spam-Status: No, score=-2.165 tagged_above=-999 required=5 tests=[AWL=-0.189, BAYES_00=-2.599, FM_FORGED_GMAIL=0.622, HTML_MESSAGE=0.001]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 8+6g1lQpJ91E for <tls@core3.amsl.com>; Sat, 19 Dec 2009 16:57:08 -0800 (PST)
Received: from mail-pz0-f176.google.com (mail-pz0-f176.google.com [209.85.222.176]) by core3.amsl.com (Postfix) with ESMTP id 08E2E3A690A for <tls@ietf.org>; Sat, 19 Dec 2009 16:57:07 -0800 (PST)
Received: by pzk6 with SMTP id 6so3064547pzk.29 for <tls@ietf.org>; Sat, 19 Dec 2009 16:56:50 -0800 (PST)
MIME-Version: 1.0
Received: by 10.114.237.37 with SMTP id k37mr3752431wah.31.1261270610269; Sat, 19 Dec 2009 16:56:50 -0800 (PST)
In-Reply-To: <200912192334.nBJNYfU0011268@fs4113.wdf.sap.corp>
References: <3561bdcc0912191507y45ec359bma3b32f12dbcad07@mail.gmail.com> <200912192334.nBJNYfU0011268@fs4113.wdf.sap.corp>
Date: Sat, 19 Dec 2009 16:56:50 -0800
Message-ID: <3561bdcc0912191656y16ec84f3g21862a90eaf4ea28@mail.gmail.com>
From: Ravi Ganesan <ravi@findravi.com>
To: mrex@sap.com
Content-Type: multipart/alternative; boundary="0016e64b95b6b0d926047b1e7240"
Cc: tls@ietf.org
Subject: Re: [TLS] Abbreviated Handshake != Renegotiated Handshake
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 20 Dec 2009 00:57:08 -0000

> The HelloRequest handshake message does not carry an indicators
> why a server requests renegotiation, so a client can only guess.
> The most commonly known usage in popular applications on
> the internet seems the request for a client certificate after
> having seen the clients request.
>

Sure, and in this case if the Client responds with a Client Hello with the
initial session ID then the server has to anyway respond with a full
handshake server-hello (else it cannot get client-auth).

My only point is that we are relying on app that requests a "renegotiate" of
its underlying SSL stack to differentiate between two cases: (i) where the
renegotiate with full handshake really happens and (ii) when a previous
session is resumed. If there is no need for case (ii) it seemed to me to be
better to not let this happen, and hope the app can tell the difference.

Sounds like everyone else thinks this is fine -- so be it.

Cheers,

Ravi