[TLS] TLS 1.3 - ignoring version values in record protocol header

David Holmes <d.holmes@f5.com> Wed, 11 March 2015 23:43 UTC

Archived-At: <http://mailarchive.ietf.org/arch/msg/tls/Jut1F9YXWFjYM4rzD-8FrrsvKTY>

On day 1 of the Seattle TLS 1.3 working group, it was questioned what to
do with the TLS version bytes in record protocol. Send but ignore seemed
to be the consensus, with "pin to [3,4] forever".

In draft 5, if the version bytes are still included in the AEAD
computation, they shouldn't be ignored, right?

If we keep the record protocol version bytes, the most straightforward
action is to [continue with the tradition of having them] match the
version of TLS negotiated in the handshake. In this case [3,4].

6.2.2 Record Payload Protection


struct {
          ContentType type;
          ProtocolVersion version;
          uint16 length;
          opaque nonce_explicit[SecurityParameters.record_iv_length];
          aead-ciphered struct {
             opaque content[TLSPlaintext.length];
          } fragment;
} TLSCiphertext;

...

additional_data = seq_num + TLSPlaintext.type + TLSPlaintext.version

...

AEADEncrypted = AEAD-Encrypt(write_key, nonce, plaintext, additional_data)
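
The following is an added example, not part of the original message or of the draft. It shows what including the version bytes in additional_data means for a receiver: the record only authenticates if the receiver feeds the same version into the AAD that the sender used. It assumes AES-128-GCM, omits nonce_explicit and derives the nonce from the sequence number, and the function names are hypothetical.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"encoding/binary"
	"fmt"
)

func NewAEAD(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// params returns the nonce (4 zero bytes + seq, constructed) and additional_data = seq_num + type + version.
func params(seq uint64, typ byte, ver [2]byte) (nonce, ad []byte) {
	nonce = make([]byte, 12)
	binary.BigEndian.PutUint64(nonce[4:], seq)
	return nonce, append(nonce[4:12:12], typ, ver[0], ver[1])
}

// Seal emits type(1) version(2) length(2) fragment; ver goes on the wire and into the AAD.
func Seal(a cipher.AEAD, seq uint64, typ byte, ver [2]byte, pt []byte) []byte {
	nonce, ad := params(seq, typ, ver)
	frag := a.Seal(nil, nonce, pt, ad)
	return append([]byte{typ, ver[0], ver[1], byte(len(frag) >> 8), byte(len(frag))}, frag...)
}

// Open decrypts rec. aadVer is the version the receiver feeds into the AAD:
// either the bytes taken from the record header, or a pinned constant.
func Open(a cipher.AEAD, seq uint64, rec []byte, aadVer [2]byte) ([]byte, error) {
	if len(rec) < 5 || int(binary.BigEndian.Uint16(rec[3:5])) != len(rec)-5 {
		return nil, fmt.Errorf("malformed record")
	}
	nonce, ad := params(seq, rec[0], aadVer)
	return a.Open(nil, nonce, rec[5:], ad)
}

func main() {
	a, _ := NewAEAD(make([]byte, 16)) // constructed all-zero demo key
	rec := Seal(a, 0, 23, [2]byte{3, 4}, []byte("hello"))
	rec[2] = 1 // header version rewritten in transit: [3,4] -> [3,1]
	fmt.Println(Open(a, 0, rec, [2]byte{rec[1], rec[2]})) // AAD from header: fails
	fmt.Println(Open(a, 0, rec, [2]byte{3, 4}))           // AAD pinned to [3,4]: succeeds
}
```

A receiver that builds the AAD from the header is not ignoring the version bytes: any change to them fails authentication. Truly ignoring the wire value requires both sides to use a fixed version in the AAD.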