IETF Logo Mail Archive

Re: [TLS] [Technical Errata Reported] RFC5246 (4382)

Dave Garrett <davemgarrett@gmail.com> Fri, 29 May 2015 16:12 UTC

Return-Path: <davemgarrett@gmail.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B1D1F1A87CB for <tls@ietfa.amsl.com>; Fri, 29 May 2015 09:12:16 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id s0ZnpCmUdJLa for <tls@ietfa.amsl.com>; Fri, 29 May 2015 09:12:15 -0700 (PDT)
Received: from mail-qk0-x22d.google.com (mail-qk0-x22d.google.com [IPv6:2607:f8b0:400d:c09::22d]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D15851A87AA for <tls@ietf.org>; Fri, 29 May 2015 09:12:14 -0700 (PDT)
Received: by qkx62 with SMTP id 62so47520415qkx.3 for <tls@ietf.org>; Fri, 29 May 2015 09:12:14 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=from:to:subject:date:user-agent:cc:references:in-reply-to :mime-version:content-type:content-transfer-encoding:message-id; bh=Mu63ZEtzKYzzyHXyHtuVDki5t882xu/ka/zzjjGU6pg=; b=titv1Vz1Q5+mQqkeVZLW+EliNiLgqfi1GrFtyLv/Oo2yqS0jUOfv+m5FrXqNy7ABJF t8Q0KBIFOalkQ97MQHGXVmgjsaVxUdPAx2qVAXXe3+jsPve4lAoRdHZ5Y7MJJ7RGNsXf g0tL1XsKcf6I9U7UEoJH8veS7EEHk9j7okKTIBeJXRZoFlrzYrmM8T4CSIoz+T47mUHP HlxGm2eioeGszcV8kJeRBTivJ8QmYATXKF2SvNdyggcVXkWC/FjESXNvI763OnlK9lhE nqUTYrG/qs51u2U60kLyAsii2ieVPtKHRCvh/vD8pesqA9SanIKG4HJLsy2BnYEO9Mo3 G2Jg==
X-Received: by 10.140.25.208 with SMTP id 74mr10245908qgt.104.1432915934088; Fri, 29 May 2015 09:12:14 -0700 (PDT)
Received: from dave-laptop.localnet (pool-96-245-254-195.phlapa.fios.verizon.net. [96.245.254.195]) by mx.google.com with ESMTPSA id e104sm2866422qgd.29.2015.05.29.09.12.13 (version=TLSv1 cipher=RC4-SHA bits=128/128); Fri, 29 May 2015 09:12:13 -0700 (PDT)
From: Dave Garrett <davemgarrett@gmail.com>
To: tls@ietf.org
Date: Fri, 29 May 2015 12:12:11 -0400
User-Agent: KMail/1.13.5 (Linux/2.6.32-74-generic-pae; KDE/4.4.5; i686; ; )
References: <20150529113932.97453180204@rfc-editor.org> <CABcZeBOWO=rp0-YrRngGRvmRKksxDk9_8rpH2dJKLUbv0LKGDA@mail.gmail.com>
In-Reply-To: <CABcZeBOWO=rp0-YrRngGRvmRKksxDk9_8rpH2dJKLUbv0LKGDA@mail.gmail.com>
MIME-Version: 1.0
Content-Type: Text/Plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
Message-Id: <201505291212.12413.davemgarrett@gmail.com>
Archived-At: <http://mailarchive.ietf.org/arch/msg/tls/CcWZweaJpV5R-Ygg52aOMbyosEI>
Cc: lscorco@nsa.gov, Kathleen Moriarty <Kathleen.Moriarty.ietf@gmail.com>, RFC Errata System <rfc-editor@rfc-editor.org>
Subject: Re: [TLS] [Technical Errata Reported] RFC5246 (4382)
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 29 May 2015 16:12:16 -0000

Based on the definition, the current text is correct. I think the definition is confusing and not particularly helpful, but it's correct.

opaque Datum[3];  // 3 bytes
Datum Data[9];      // 9 bytes
Datum Data<3>;   // 9 bytes

The second notation is only used in RFC5246 in the specification of the SSL2 CLIENT-HELLO for "cipher_specs". Relevant lines quoted:

>      uint8 V2CipherSpec[3];
[...]
>          V2CipherSpec cipher_specs[V2ClientHello.cipher_spec_length];
[...]
>
>   cipher_spec_length
>      This field is the total length of the field cipher_specs.  It
>      cannot be zero and MUST be a multiple of the V2CipherSpec length
>      (3).

The length definition does say it's the total length of the array, not number of elements, so it appears to be using the notation correctly.


Dave


On Friday, May 29, 2015 08:38:51 am Eric Rescorla wrote:
> I do not believe that this report is correct:
> 
> "A vector (single-dimensioned array) is a stream of homogeneous data
> elements.
> The size of the vector may be specified at documentation time or left
> unspecified until runtime. In either case, the length declares the number of
> bytes, not the number of elements, in the vector."
> 
> 
> On Fri, May 29, 2015 at 4:39 AM, RFC Errata System <
> rfc-editor@rfc-editor.org> wrote:
> 
> > The following errata report has been submitted for RFC5246,
> > "The Transport Layer Security (TLS) Protocol Version 1.2".
> >
> > --------------------------------------
> > You may review the report below and at:
> > http://www.rfc-editor.org/errata_search.php?rfc=5246&eid=4382
> >
> > --------------------------------------
> > Type: Technical
> > Reported by: Laura Corcoran <lscorco@nsa.gov>
> >
> > Section: 4.3
> >
> > Original Text
> > -------------
> > In the following example, Datum is defined to be three consecutive
> >    bytes that the protocol does not interpret, while Data is three
> >    consecutive Datum, consuming a total of nine bytes.
> >
> >       opaque Datum[3];      /* three uninterpreted bytes */
> >       Datum Data[9];        /* 3 consecutive 3 byte vectors */
> >
> >
> > Corrected Text
> > --------------
> > In the following example, Datum is defined to be three consecutive
> >    bytes that the protocol does not interpret, while Data is three
> >    consecutive Datum, consuming a total of nine bytes.
> >
> >       opaque Datum[3];      /* three uninterpreted bytes */
> >       Datum Data[3];        /* 3 consecutive 3 byte vectors */
> >
> >
> > Notes
> > -----
> > The 9 in "Datum Data[9]" should be a 3 because Datum is a data type that
> > consumes 3 bytes, so as written the Data vector is 27 bytes long. To make
> > it a 9 byte vector the 9 must change to a 3.
> >
> > Instructions:
> > -------------
> > This erratum is currently posted as "Reported". If necessary, please
> > use "Reply All" to discuss whether it should be verified or
> > rejected. When a decision is reached, the verifying party (IESG)
> > can log in to change the status and edit the report, if necessary.
> >
> > --------------------------------------
> > RFC5246 (draft-ietf-tls-rfc4346-bis-10)
> > --------------------------------------
> > Title               : The Transport Layer Security (TLS) Protocol Version
> > 1.2
> > Publication Date    : August 2008
> > Author(s)           : T. Dierks, E. Rescorla
> > Category            : PROPOSED STANDARD
> > Source              : Transport Layer Security
> > Area                : Security
> > Stream              : IETF
> > Verifying Party     : IESG

v2.23.0 | Report a Bug | By Email