Re: [TLS] Working Group Last Call for draft-ietf-tls-downgrade-scsv-00

"Salz, Rich" <rsalz@akamai.com> Wed, 15 October 2014 16:13 UTC

Return-Path: <rsalz@akamai.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 802201A88C7 for <tls@ietfa.amsl.com>; Wed, 15 Oct 2014 09:13:17 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.21
X-Spam-Level:
X-Spam-Status: No, score=-4.21 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, T_RP_MATCHES_RCVD=-0.01] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id CQJhbni21Nnk for <tls@ietfa.amsl.com>; Wed, 15 Oct 2014 09:13:16 -0700 (PDT)
Received: from prod-mail-xrelay02.akamai.com (prod-mail-xrelay02.akamai.com [72.246.2.14]) by ietfa.amsl.com (Postfix) with ESMTP id 843FC1A8903 for <tls@ietf.org>; Wed, 15 Oct 2014 09:12:05 -0700 (PDT)
Received: from prod-mail-xrelay02.akamai.com (localhost [127.0.0.1]) by postfix.imss70 (Postfix) with ESMTP id DE7412858E; Wed, 15 Oct 2014 16:12:04 +0000 (GMT)
Received: from prod-mail-relay07.akamai.com (prod-mail-relay07.akamai.com [172.17.121.112]) by prod-mail-xrelay02.akamai.com (Postfix) with ESMTP id CCAD72858B; Wed, 15 Oct 2014 16:12:04 +0000 (GMT)
Received: from email.msg.corp.akamai.com (usma1ex-cas2.msg.corp.akamai.com [172.27.123.31]) by prod-mail-relay07.akamai.com (Postfix) with ESMTP id C621C80047; Wed, 15 Oct 2014 16:12:04 +0000 (GMT)
Received: from USMA1EX-CASHUB4.kendall.corp.akamai.com (172.27.105.20) by usma1ex-dag1mb4.msg.corp.akamai.com (172.27.123.104) with Microsoft SMTP Server (TLS) id 15.0.913.22; Wed, 15 Oct 2014 12:12:04 -0400
Received: from USMBX1.msg.corp.akamai.com ([169.254.1.71]) by USMA1EX-CASHUB4.kendall.corp.akamai.com ([172.27.105.20]) with mapi; Wed, 15 Oct 2014 12:12:03 -0400
From: "Salz, Rich" <rsalz@akamai.com>
To: "Salz, Rich" <rsalz@akamai.com>, Florian Weimer <fweimer@redhat.com>, "tls@ietf.org" <tls@ietf.org>
Date: Wed, 15 Oct 2014 12:12:01 -0400
Thread-Topic: [TLS] Working Group Last Call for draft-ietf-tls-downgrade-scsv-00
Thread-Index: Ac/ojaggEQT3N+NSSmiVB2Ux5b7dVwABDQQgAAAyk+A=
Message-ID: <2A0EFB9C05D0164E98F19BB0AF3708C71D39ECE9D3@USMBX1.msg.corp.akamai.com>
References: <2112FCAD-4820-49D9-9871-6501C83A554D@cisco.com> <5438CFEA.7000401@brainhub.org> <543E9435.8000905@redhat.com> <2A0EFB9C05D0164E98F19BB0AF3708C71D39ECE9C9@USMBX1.msg.corp.akamai.com>
In-Reply-To: <2A0EFB9C05D0164E98F19BB0AF3708C71D39ECE9C9@USMBX1.msg.corp.akamai.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
acceptlanguage: en-US
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Archived-At: http://mailarchive.ietf.org/arch/msg/tls/D3C3LuFLhVI4bmgDFKLzRpz4_Q0
Subject: Re: [TLS] Working Group Last Call for draft-ietf-tls-downgrade-scsv-00
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 15 Oct 2014 16:13:17 -0000

> Yes, exactly.  If a browser is going to fallback, it could ask the user "I'm going
> to retry, and you'll lose PFS; if the server is ever cracked by the NSA all your
> data will be readable.  Proceed?" If the usre clicks yes, then the browser tries
> again with the fallback SCSV.   (I would hope that the user-agent would
> provide more understable message, but I'm not optimistic.)

Arrgh.  Tries again WITHOUT the fallback SCSV.
 
> The point kis that a transient network error has highly visible security
> implications.
> 
> HTTP doesn't auto-retry, either.

--  
Principal Security Engineer, Akamai Technologies
IM: rsalz@jabber.me Twitter: RichSalz