Re: [TLS] [EXT] Re: Alert after sending ServerHello

Roelof Du Toit <Roelof_Dutoit@symantec.com> Wed, 26 April 2017 13:43 UTC

Return-Path: <Roelof_Dutoit@symantec.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 55D47129BAC for <tls@ietfa.amsl.com>; Wed, 26 Apr 2017 06:43:54 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.221
X-Spam-Level:
X-Spam-Status: No, score=-4.221 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=symc.onmicrosoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id IyVezJ3gSHyJ for <tls@ietfa.amsl.com>; Wed, 26 Apr 2017 06:43:51 -0700 (PDT)
Received: from tussmtoutape02.symantec.com (tussmtoutape02.symantec.com [155.64.38.232]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id CE179129BB5 for <tls@ietf.org>; Wed, 26 Apr 2017 06:43:51 -0700 (PDT)
Received: from tussmtmtaapi02.symc.symantec.com (tus3-f5-symc-ext-prd-snat1.net.symantec.com [10.44.130.1]) by tussmtoutape02.symantec.com (Symantec Messaging Gateway) with SMTP id 85.1E.57663.414A0095; Wed, 26 Apr 2017 13:43:51 +0000 (GMT)
X-AuditID: 0a2c7e32-effff7000000e13f-79-5900a4141034
Received: from tus3xchcaspin01.SYMC.SYMANTEC.COM (tus3-f5-symc-ext-prd-snat2.net.symantec.com [10.44.130.2]) by tussmtmtaapi02.symc.symantec.com (Symantec Messaging Gateway) with SMTP id 4A.2E.58529.414A0095; Wed, 26 Apr 2017 13:43:48 +0000 (GMT)
Received: from TUSXCHMBXWPI02.SYMC.SYMANTEC.COM (10.44.91.34) by tus3xchcaspin01.SYMC.SYMANTEC.COM (10.44.91.13) with Microsoft SMTP Server (TLS) id 15.0.1236.3; Wed, 26 Apr 2017 06:43:47 -0700
Received: from NAM02-BL2-obe.outbound.protection.outlook.com (10.44.128.2) by TUSXCHMBXWPI02.SYMC.SYMANTEC.COM (10.44.91.34) with Microsoft SMTP Server (TLS) id 15.0.1236.3 via Frontend Transport; Wed, 26 Apr 2017 06:43:48 -0700
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=symc.onmicrosoft.com; s=selector1-symantec-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=O/8Xtepn44lnN4JOyFwLYgmTp1c24SfyFBfF9+Q8xqA=; b=lhZ1paiVj4nbbI/xi9sn6cMRxg+q5etD8KamRLCBY37xfRkrIZTStUoB9YK9w/cCbUN7AqOMkJZ0Z4ft/Eaw9WwWaLwLWM+0xvlF4N7ZY3Ya1uBcxDXZFpB2abkreeya4Xl6BQo2lB9Paz0XrOA15r/gYxWSsgYynWOfZ+ORKyU=
Received: from DM5PR16MB1834.namprd16.prod.outlook.com (10.172.45.9) by DM5PR16MB1835.namprd16.prod.outlook.com (10.172.45.10) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.1.1047.13; Wed, 26 Apr 2017 13:43:46 +0000
Received: from DM5PR16MB1834.namprd16.prod.outlook.com ([10.172.45.9]) by DM5PR16MB1834.namprd16.prod.outlook.com ([10.172.45.9]) with mapi id 15.01.1047.019; Wed, 26 Apr 2017 13:43:45 +0000
From: Roelof Du Toit <Roelof_Dutoit@symantec.com>
To: Martin Thomson <martin.thomson@gmail.com>, "mrex@sap.com" <mrex@sap.com>, "tls@ietf.org" <tls@ietf.org>, Ilari Liusvaara <ilariliusvaara@welho.com>
Thread-Topic: [EXT] Re: [TLS] Alert after sending ServerHello
Thread-Index: AQHSvjlr+zNFNWUWWk+l9HsX/u+t/qHXMieAgAAMZACAAFVogIAABLUA///OFQA=
Date: Wed, 26 Apr 2017 13:43:45 +0000
Message-ID: <D9728A88-2689-4E7D-94D6-820F83A49AB9@symantec.com>
References: <20170426071952.GA29159@LK-Perkele-V2.elisa-laajakaista.fi> <20170426122533.34A0D1A698@ld9781.wdf.sap.corp> <CABkgnnWj=vuFzwaUpdxb29SYVqaSx1RVenzTFrbbOo9UMphiSw@mail.gmail.com>
In-Reply-To: <CABkgnnWj=vuFzwaUpdxb29SYVqaSx1RVenzTFrbbOo9UMphiSw@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: gmail.com; dkim=none (message not signed) header.d=none;gmail.com; dmarc=none action=none header.from=symantec.com;
x-originating-ip: [72.23.5.194]
x-ms-publictraffictype: Email
x-microsoft-exchange-diagnostics: 1; DM5PR16MB1835; 7:prG3g5QaTQtMcopJnups0semvsQ1Ee69agbLfilJatBQh32okwabU0rGPuUjSZZDBSUJS6JHMYGWg0kWW4KbQQq3BoqTAEtcH8InNvNY5oDAoZEheksFhSrmo3NkjgvFSHkhPZkPmV6uI6i4BrZsPx53Dq7r2ALCt+voFzxQSYQ2CFXMyDgPUgxBWtvaIk1R+B3jEIgCS0oqIdKi/Tq2awpJq0Tsw4+1fizeC/amqESpKc97AosTnyJYtmm0hazMpXhMAftx72g13wSrn43DF5pxy2+wAFFeSD243H5NZY6jfsJWgBx+AGES5+hEkwC8cvfZqQ9Kz8S6VMIzrGjsxg==
x-forefront-antispam-report: SFV:SKI; SCL:-1SFV:NSPM; SFS:(10009020)(24454002)(52544003)(377454003)(54356999)(6486002)(76176999)(50986999)(77096006)(122556002)(7110500001)(189998001)(81166006)(8676002)(99286003)(2900100001)(80792005)(8936002)(38730400002)(2501003)(33656002)(3846002)(54896002)(6116002)(10290500003)(6306002)(6512007)(102836003)(3280700002)(3660700001)(236005)(39060400002)(66066001)(2906002)(82746002)(10710500007)(53936002)(83716003)(25786009)(7736002)(2420400007)(15650500001)(2201001)(6246003)(8656002)(6506006)(36756003)(5660300001)(2950100002)(229853002)(6436002)(86362001)(53546009); DIR:OUT; SFP:1101; SCL:1; SRVR:DM5PR16MB1835; H:DM5PR16MB1834.namprd16.prod.outlook.com; FPR:; SPF:None; MLV:ovrnspm; PTR:InfoNoRecords; LANG:en;
x-ms-office365-filtering-correlation-id: 6062a6be-557c-4eda-955d-08d48caa426a
x-microsoft-antispam: UriScan:; BCL:0; PCL:0; RULEID:(22001)(2017030254075)(201703131423075)(201703031133081); SRVR:DM5PR16MB1835;
x-microsoft-antispam-prvs: <DM5PR16MB1835EB07FD821F122A7D35C4FA110@DM5PR16MB1835.namprd16.prod.outlook.com>
x-exchange-antispam-report-test: UriScan:(158342451672863)(21748063052155)(55761251573089);
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(6040450)(601004)(2401047)(8121501046)(5005006)(3002001)(10201501046)(93006095)(93001095)(6041248)(20161123560025)(20161123555025)(20161123564025)(20161123562025)(201703131423075)(201703061421075)(201703161042150)(6072148)(6042181); SRVR:DM5PR16MB1835; BCL:0; PCL:0; RULEID:; SRVR:DM5PR16MB1835;
x-forefront-prvs: 0289B6431E
spamdiagnosticoutput: 1:99
spamdiagnosticmetadata: NSPM
Content-Type: multipart/alternative; boundary="_000_D9728A8826894E7D94D6820F83A49AB9symanteccom_"
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-originalarrivaltime: 26 Apr 2017 13:43:45.0711 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 3b217a9b-6c58-428b-b022-5ad741ce2016
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM5PR16MB1835
X-OriginatorOrg: symantec.com
X-Brightmail-Tracker: H4sIAAAAAAAAA02Sa0hTYRjHe3fO3HE6el3WHrSbC0MlrxQJWUlgLUxJ+6Im6NKTivPCNjX7 IFIqOLNimuLylqzEShyipZmXJMtsJgYuLywLJ1gJNi+Zhtp2zgS/HH7v8/z/5/8857wUITRw XaiUdCUtT5fKxHZ8kn/sFvIWaXdF++mmRYELXZVkoEG/iQJL/3UQgYsjKhRMSjo1Rp5Eq13j SMqX2pFkqqTa7jIZww9KpGUp2bTc90w8P/lPwXsicyj0RtngvF0+6rqoQvYU4ONgrryNVIhP CfEigiLdFGe7sTXxmGdlIf6LwNDlxooGEDRtNHLZwxyCztEWxk7iYgL032q5rKWcA9Nj8Sz3 I2heCbGyHfaHtT4143bGVQg0DT+ZvD04CCrbR5k8Z3wayjbmSJbDwdxitjBlSXAH/Ru+tSzA Z2G4oYZgp+hDsGBoJKwNexwBanUF40V4H6wOPWfeT2ARTJrqbLth0L4eIVjeCz9mNpmBEC5F oH2wymUbh2B69iNi+QB8rith1gR8h4D66l7bwcSFjfE+HqsKg9a2JltEHkwNqG0RqaB9MWar X4XN2S0ea57kgKFdR9xH3podI7KcABttT7gaZlcn+FBlIjWWT0BgT2h55ctK3KC85DuPZQ8o rK6xsQSGywZ4OzX1iHqKDiuzFIo0ZUaWUppJ+wX4KHLTEqwPqeWuJfgkZKS1Iua25QV0oEXd pX6EKSR2FCyV7YoWcqXZFqXlP1KE2FmwUmMpCRKluTdpeUacPEtGK/qRK0WKRYLJ2skoIU6S KulUms6k5dtdDmXvko9En3rO/ZofcX02k/NW5hhMRsYVq3r1Dh7yxXeD10McZCZVWGyuIYmy d1reWib0J472txal5ix/nQjZOrU+7lkQW79yrfnhye57ksGYI0k9Md3hv6ONLw+Wj3F3X9hf WFuRlWz0Ul7pjnMPPT8VsVp1l9e65tc3+8UcSZuNj2A9SkwqkqX+XoRcIf0P24irvmkDAAA=
X-Brightmail-Tracker: H4sIAAAAAAAAA02SfSzUcRzH+97vd3c/V+rbEZ8Oi1OkebpmdW0qW2tdIdU/VCq/zhVzJ+6O arUyy5anTUfM5fLQYaymRJGGbrMkQuXoZGpham1SCdPR3f3uj/757vV5eH8/D/tQBL+VLaAS k9UyZTItF3J4JM8/kxXgrF91PLi4XSyeaSshxcbeZSTOX2ohxD/7c1AYKWnVjnElev0iS1L0 qxlJRnPLOEfIE7zQeJk8MV2mDNoTx0v4c+MlkdITfqmw+zsnA7UdzEEOFOAQWPlQzbUyHy8g MLZ55SCehbsQ1Jlr2YwxjaB1sAFZDRJnE9D76S6bkRSxYHwojmEDggdz+63MwSJY7NTY1M64 FIG26hvLGnDCoVDSPGir54x3Q6F5mmT4MMw2zFqYslTYAr0veFa3I94LfVU6gumiE8GMsZaw BhzwUdBoim1ahF1gvue+7X8Cu4JpopzFzIZB/7yfYHgDfP2ybGsI4XwE+tvzbCawCcYnXyOG PeBtea5tTMB5BFSUddiNCTaYRzq5TFYkNDbV2Utcg9Eujb1EEuifDNn9J2F5coXLiE0sMDY/ JKyzAXaHe32nmFUIYOx9NipAftr/OmdYCuamGrbWtoL18Kp0gtRa1AT2g4ZnQUyKFxTlfuYy vBWyynR2lkBfYRf3/5wKRNUjT3WaSqVQK9Q0nZIYvD1QdVkhtT605dKkgdILikZku7V9G1uQ 4W+EAWEKCdc4SoZXYvhsOt2SaUBuFCl0daxdNMXw8XlaLUuSyVJkyjPKNLlMZUAsykGQgajY j1mctccGPG8iH07/QLLHI3lBgElxNnXEuTb6R7T3pEEXHrs01z4luOJCrzN1reY5eddXVHXL nRbCT+96M3Ug8hD2dgu5mKkSVYp+++T5X/eNStOyzjUN3erzWWwN2BGRKn08fCc+Kerp5tGd voHlOndljSA9TN5R2Wi++q5aSKoSaNE2Qqmi/wFCylFvTAMAAA==
X-CFilter-Loop: TUS02
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/DWOWvun0wE1kkK10DPxxAxtHnqo>
Subject: Re: [TLS] [EXT] Re: Alert after sending ServerHello
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 26 Apr 2017 13:43:54 -0000

Yes, I agree that the problem is error handling.  I get that it is trivial to distinguish encrypted from unencrypted, but I would appreciate it if the spec could clarify the appropriate actions in the scenario where an unencrypted (non-appdata) record is received after keys have been installed in the connection state.  It would be strange to send an alert in response to an alert.

PS: I was testing with OpenSSL when I hit the interop issue.

From: Martin Thomson <martin.thomson@gmail.com>
Date: Wednesday, April 26, 2017 at 8:42 AM
To: "mrex@sap.com" <mrex@sap.com>
Cc: Ilari Liusvaara <ilariliusvaara@welho.com>, Roelof Du Toit <Roelof_Dutoit@symantec.com>, "tls@ietf.org" <tls@ietf.org>
Subject: [EXT] Re: [TLS] Alert after sending ServerHello

On 26 April 2017 at 22:25, Martin Rex <mrex@sap.com<mailto:mrex@sap.com>> wrote:
The code I was talking about was handling the special case that the
server might receive either encrypted or unencrypted alert in response
to its flight. And the difference it makes is just what error is
declared as abort reason.

Up to TLSv1.2 there was no confusion about whether a TLS record
was encrypted or not: everything before "ChangeCipherSpec" is cleartext,
everything thereafter is encrypted.

That's not a problem here either.  It's trivial to tell between an
encrypted record and an unencrypted one.  The question - if there is
any - is when to start encrypting if there happens to be an error.