Re: [TLS] I-D ACTION:draft-ietf-tls-rfc2246-bis-11.txt

"Yngve Nysaeter Pettersen" <yngve@opera.com> Tue, 24 May 2005 18:24 UTC


Hello all,

A couple of questions and comments:

Sec. 6 says "If a TLS implementation receives a record type it does not
understand, it SHOULD just ignore it."

If such a record is received after the parties have started encrypting the  
records, should it try to decrypt the data, or should the implementation  
throw the record away immediately?


Sec A.5 specifically forbids the negotiation of 40 bit export ciphers.

Does this also apply to the 56 bit export ciphers that were defined just
before the export restrictions were eased? My reading of the document
indicates "Yes". But should not the single DES suites (e.g.
TLS_RSA_WITH_DES_CBC_SHA) and perhaps also IDEA be phased out in a
similar manner?


About compatibility: Back in August/September 2004 Opera Software  
performed a test where we released a Technology Preview version of Opera  
with TLS 1.1 and TLS Extensions enabled. During this test our users  
identified more than 120 services (including major banks) that did not  
interoperate with a client using either TLS 1.1 or TLS Extensions, or  
both. I have so far not been able to find out what is causing the problem.

Is it within the scope of this draft to discuss how to handle this  
situation? We did, after all, have similar problems when TLS 1.0 was  
introduced.



-- 
Sincerely,
Yngve N. Pettersen

********************************************************************
Senior Developer		             Email: yngve@opera.com
Opera Software ASA                   http://www.opera.com/
Phone:  +47 24 16 42 60              Fax:    +47 24 16 40 01
********************************************************************
