IETF Logo Mail Archive

Re: [TLS] Next steps for draft-agl-tls-padding

Watson Ladd <watsonbladd@gmail.com> Mon, 07 April 2014 17:40 UTC

Return-Path: <watsonbladd@gmail.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1C68E1A0836 for <tls@ietfa.amsl.com>; Mon, 7 Apr 2014 10:40:50 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level:
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id fXmCbO2dL0p7 for <tls@ietfa.amsl.com>; Mon, 7 Apr 2014 10:40:44 -0700 (PDT)
Received: from mail-yh0-x22c.google.com (mail-yh0-x22c.google.com [IPv6:2607:f8b0:4002:c01::22c]) by ietfa.amsl.com (Postfix) with ESMTP id 4A47B1A07EF for <tls@ietf.org>; Mon, 7 Apr 2014 10:40:16 -0700 (PDT)
Received: by mail-yh0-f44.google.com with SMTP id f10so6114235yha.3 for <tls@ietf.org>; Mon, 07 Apr 2014 10:40:10 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=cYQoJV9aEaH3WqQfwvHxQ45boJhlVNfeePAnfVzMLsM=; b=PAuWjp22b1Qqek7n2inCkPlqaVTYjEa04cPXBdCxRgYT1ksItDvG8aLuhm/PfPqEPi 8D7qNTzHe7HOehPakcM8uMOZaNfQk7IqmnPBgoCNbxI0DwG5IVTwK5gPzTnIscXyr59U ptap7UYuJNFbt7NIm1LRWvQEOZ950aijQotiNB4SG4b0ldZENua6PbYKZ6n8Fepg51h6 wcEfuG0lswIavGW9L/MEJjnm+Sqfwv7hxgNl/s96ObkT3m7Lz+pQsac20fRu48P/ax2U m3DnEGbaGvp4TZ4LN6SYOh6F3ddu01nD5leDyEbBi08XZYvN4vimALRhTCAHMIkUM/AQ 0QJQ==
MIME-Version: 1.0
X-Received: by 10.236.198.243 with SMTP id v79mr24277447yhn.87.1396892410482; Mon, 07 Apr 2014 10:40:10 -0700 (PDT)
Received: by 10.170.63.197 with HTTP; Mon, 7 Apr 2014 10:40:10 -0700 (PDT)
Received: by 10.170.63.197 with HTTP; Mon, 7 Apr 2014 10:40:10 -0700 (PDT)
In-Reply-To: <CABkgnnXMHTW2cfeFgYoO1Ui_PgBeDgMMaG+hco7MXi5qnEHD+g@mail.gmail.com>
References: <cf049a7104934cc7a4bddced33cd00a2@BL2PR03MB419.namprd03.prod.outlook.com> <20140107201722.ECDA01AB93@ld9781.wdf.sap.corp> <CAL9PXLzawuetexEvU5PECUwuuiLvq5T0bxnhiky3cevQpetjNQ@mail.gmail.com> <CABcZeBNMAB40p+zxTGh354MCtEu+TbikS4w=C0SDyHNCdu=djw@mail.gmail.com> <CAK6vND_4umziyfG=XWe37tUmv=ahVP08jFX+YrgaSG+_THFWUA@mail.gmail.com> <5341EFA4.7070808@brainhub.org> <CABkgnnXMHTW2cfeFgYoO1Ui_PgBeDgMMaG+hco7MXi5qnEHD+g@mail.gmail.com>
Date: Mon, 07 Apr 2014 10:40:10 -0700
Message-ID: <CACsn0cnzMs9t0bDii+JxnBOs43rG6Hhs=F4kHP27S32s4X=Vxw@mail.gmail.com>
From: Watson Ladd <watsonbladd@gmail.com>
To: Martin Thomson <martin.thomson@gmail.com>
Content-Type: multipart/alternative; boundary="089e0160bea6eab39804f6775b84"
Archived-At: http://mailarchive.ietf.org/arch/msg/tls/EsIs-iLVlRsSshD9ZNhqZVsGXfU
Cc: tls@ietf.org
Subject: Re: [TLS] Next steps for draft-agl-tls-padding
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 07 Apr 2014 17:40:50 -0000

On Apr 7, 2014 10:21 AM, "Martin Thomson" <martin.thomson@gmail.com> wrote:
>
> On 6 April 2014 17:21, Andrey Jivsov <crypto@brainhub.org> wrote:
> > The spec would benefit from a suggestion about what the recommended use
of
> > the padding extension is (i.e. to which size one should pad).
>
>
> This has been discussed extensively, here and elsewhere.  See for
> instance, http://www.ietf.org/mail-archive/web/tls/current/msg10423.html
> or https://www.imperialviolet.org/2013/10/07/f5update.html or
> https://code.google.com/p/chromium/issues/detail?id=315828 .
>
> I expect that the draft authors are being sensitive to the fact there
> is no need to create a more public, permanent record of what is a
> transient problem.

I read the F5 explaination. It's worth keeping it around so in the future,
when tempted to upgrade a binary protocol we ask the guy proposing the
upgrade how to distinguish old and new.

In particular,  tossing it down the memory hole out of misguided
professional courtesy would probably mean making the same mistake in the
future.

In particular treating this extension's proper use as something to be
passed on by word of mouth hurts new implementors who don't know the magic
number. Embarrassment for F5 is nowhere near as serious.

Sincerely,
Watson Ladd
>
> _______________________________________________
> TLS mailing list
> TLS@ietf.org
> https://www.ietf.org/mailman/listinfo/tls

v2.23.0 | Report a Bug | By Email