Re: [TLS] Updated draft

Martin Rex <> Fri, 18 December 2009 17:14 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 6C0503A67F1 for <>; Fri, 18 Dec 2009 09:14:12 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -5.897
X-Spam-Status: No, score=-5.897 tagged_above=-999 required=5 tests=[AWL=-0.248, BAYES_00=-2.599, HELO_EQ_DE=0.35, J_CHICKENPOX_45=0.6, RCVD_IN_DNSWL_MED=-4]
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id RmvZXTaFveHF for <>; Fri, 18 Dec 2009 09:14:11 -0800 (PST)
Received: from ( []) by (Postfix) with ESMTP id C628C3A68E8 for <>; Fri, 18 Dec 2009 09:14:10 -0800 (PST)
Received: from by (26) with ESMTP id nBIHDoQI025064 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Fri, 18 Dec 2009 18:13:51 +0100 (MET)
From: Martin Rex <>
Message-Id: <>
Date: Fri, 18 Dec 2009 18:13:50 +0100
In-Reply-To: <> from "Marsh Ray" at Dec 18, 9 10:37:00 am
MIME-Version: 1.0
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: 8bit
X-Scanner: Virus Scanner virwal05
X-SAP: out
Subject: Re: [TLS] Updated draft
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Fri, 18 Dec 2009 17:14:12 -0000

Marsh Ray wrote:
> Robert Dugal wrote:
> > Oops, you're right. I misstated what I'd like the draft to allow. 
> > What I'd like is the option to always send the SCSV in the
> > ClientHello and on renegotiation requests send the SCSV + RI
> > extension in the ClientHello.
> That certainly sounds like a reasonably minor change to make.

Full agreement.

> I don't recall seeing anyone propose wording changes that would allow
> such behavior,

I can help you solve that problem:

I know how you feel, I'm having analogus problem with my memory,
I can not remember anyone making a technical argument for this particular
MUST NOT here.  I already asked Pasi:

but he doesn't seem to recall anything either.

> Currently, the SCSV achieves its primary objective with a very simple
> definition. It has "exactly the same semantics as an empty
> 'renegotiation_info' extension".

That seems to be a fairly simple copy&paste error, and can easily
be fixed by simple wordsmithing.

It is fairly common that an initially beautiful wording turns
out to add unnecessary implementation complexity when the first
implementors get at the code.

That usually isn't a problem, since the IETF favours running code
over wording in the spec.  Implementors feedback is extremely

> Personally, I'd prefer that we don't propose (and re-propose) design
> features at this point.

We're discussing a simple implementation detail, it does not touch
the design of the underlying architecture.

> If anyone sees a security flaw or attack against a correct
> implementation of draft-ietf-tls-renegotiation-02, please please speak up.

If anyone sees a security flaw or technical problem with dropping
this MUST NOT, then please speak up.