Re: [TLS] RFC-4366-bis and the unrecognized_name(112) alert

Peter Gutmann <pgut001@cs.auckland.ac.nz> Tue, 08 June 2010 04:00 UTC

From: Peter Gutmann <pgut001@cs.auckland.ac.nz>
To: mrex@sap.com
In-Reply-To: <201006072010.o57KAPUN018758@fs4113.wdf.sap.corp>
Message-Id: <E1OLpyn-0007OA-TL@wintermute02.cs.auckland.ac.nz>
Date: Tue, 08 Jun 2010 15:59:57 +1200
Cc: tls@ietf.org
Subject: Re: [TLS] RFC-4366-bis and the unrecognized_name(112) alert

Martin Rex <mrex@sap.com> writes:

>If there are protocol elements that convey information between two
>communication peers, then the semantics of that piece of information must be
>well-defined for both, sender and recipient.

... unless the protocol is IPsec, OCSP, CMP, TSP, portions of SSH, uhh... what
else is there... well, in any case I think I've made my point.

>The IETF golden rule for protocols applies here: "be liberal in what you
>accept".

What people usually omit when they quote this is the footnote in the appendix
to the apocrypha:

"... unless it's a security protocol".

Peter.
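An added example, not code from either poster, showing what "not liberal" looks like for the alert under discussion: a TLS Alert record parser that rejects anything whose meaning is not well-defined (bad lengths, trailing bytes, unknown versions, undefined level or description codes) and a client policy for the warning-level versus fatal-level unrecognized_name(112) case. The record layout and alert codes are from the TLS 1.0-1.2 alert protocol and the SNI extension; the client policy in client_action is an assumed, illustrative one, not the behaviour mandated by any RFC, and the sample records at the bottom are constructed for the demonstration.

```python
import struct
from enum import IntEnum

# Added example, not code from this thread. A deliberately strict parser for a
# TLS Alert record, in the spirit of "be liberal in what you accept ... unless
# it's a security protocol": every field must carry a well-defined meaning or
# the record is rejected outright. Numbers are from the TLS 1.0-1.2 alert
# protocol and the SNI extension (unrecognized_name = 112).

CONTENT_TYPE_ALERT = 21
TLS_VERSIONS = {(3, 1), (3, 2), (3, 3)}  # record-layer versions for TLS 1.0, 1.1, 1.2


class AlertLevel(IntEnum):
    WARNING = 1
    FATAL = 2


# Subset of defined AlertDescription values; anything not listed is undefined here.
ALERT_DESCRIPTIONS = {
    0: "close_notify",
    10: "unexpected_message",
    20: "bad_record_mac",
    40: "handshake_failure",
    42: "bad_certificate",
    46: "certificate_unknown",
    47: "illegal_parameter",
    48: "unknown_ca",
    50: "decode_error",
    70: "protocol_version",
    80: "internal_error",
    112: "unrecognized_name",  # SNI: server did not recognise the requested name
}


class AlertParseError(ValueError):
    """Raised for any alert record whose semantics are not well-defined."""


def build_alert(level: int, description: int, version=(3, 3)) -> bytes:
    """Encode a TLS record carrying one Alert message (used to construct sample input)."""
    header = struct.pack("!BBBH", CONTENT_TYPE_ALERT, version[0], version[1], 2)
    return header + bytes([level, description])


def parse_alert_record(record: bytes):
    """Strictly parse a TLS alert record; return (AlertLevel, description code).

    Rejects short or over-long records, non-alert content types, unknown record
    versions, undefined alert levels and undefined description codes."""
    if len(record) < 5:
        raise AlertParseError("record shorter than the 5-byte header")
    ctype, major, minor, length = struct.unpack("!BBBH", record[:5])
    if ctype != CONTENT_TYPE_ALERT:
        raise AlertParseError(f"content type {ctype} is not alert(21)")
    if (major, minor) not in TLS_VERSIONS:
        raise AlertParseError(f"unsupported record version {major}.{minor}")
    body = record[5:]
    # An Alert is exactly two bytes; trailing bytes are garbage, not "extra data to ignore".
    if length != 2 or len(body) != 2:
        raise AlertParseError(f"alert body must be 2 bytes, got length={length}, body={len(body)}")
    level, description = body[0], body[1]
    if level not in (AlertLevel.WARNING, AlertLevel.FATAL):
        raise AlertParseError(f"undefined alert level {level}")
    if description not in ALERT_DESCRIPTIONS:
        raise AlertParseError(f"undefined alert description {description}")
    return AlertLevel(level), description


def client_action(level: AlertLevel, description: int) -> str:
    """Illustrative (assumed) client policy, not a normative one.

    A fatal alert always aborts. At warning level only alerts whose handling
    this client has explicitly decided on are acted upon: close_notify closes
    the connection, unrecognized_name is recorded and the handshake continues,
    and any other warning aborts rather than being "liberally" ignored."""
    if level == AlertLevel.FATAL:
        return "abort"
    name = ALERT_DESCRIPTIONS[description]
    if name == "close_notify":
        return "close"
    if name == "unrecognized_name":
        return "continue"  # caller should log the SNI mismatch for diagnostics
    return "abort"


def is_rejected(record: bytes) -> bool:
    """True if the strict parser refuses the record."""
    try:
        parse_alert_record(record)
    except AlertParseError:
        return True
    return False


if __name__ == "__main__":
    # Constructed sample records for a quick demonstration.
    samples = {
        "warning unrecognized_name": build_alert(1, 112),
        "fatal unrecognized_name": build_alert(2, 112),
        "trailing byte after alert": build_alert(1, 112) + b"\x00",
        "undefined description 113": build_alert(1, 113),
        "undefined level 3": build_alert(3, 112),
    }
    for label, rec in samples.items():
        try:
            lvl, desc = parse_alert_record(rec)
            print(f"{label}: {lvl.name} {ALERT_DESCRIPTIONS[desc]} -> {client_action(lvl, desc)}")
        except AlertParseError as e:
            print(f"{label}: rejected ({e})")
```

The point of the parser is the set of rejections, not the happy path: a record with one trailing byte, an alert code the client has no definition for, or a level other than 1 or 2 is refused rather than guessed at, because in a security protocol a field with no agreed meaning is an attacker's degree of freedom, not a convenience.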