Re: [TLS] Triple Handshake Fix.
Bodo Moeller <bmoeller@acm.org> Mon, 05 May 2014 21:13 UTC
Return-Path: <SRS0=RURu=2D=acm.org=bmoeller@srs.kundenserver.de>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id ABDEA1A0198 for <tls@ietfa.amsl.com>; Mon, 5 May 2014 14:13:52 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.579
X-Spam-Level:
X-Spam-Status: No, score=-1.579 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FM_FORGED_GMAIL=0.622, HELO_EQ_DE=0.35, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RP_MATCHES_RCVD=-0.651, SPF_PASS=-0.001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id U8Wl7cvRk7Km for <tls@ietfa.amsl.com>; Mon, 5 May 2014 14:13:52 -0700 (PDT)
Received: from mout.kundenserver.de (mout.kundenserver.de [212.227.17.24]) by ietfa.amsl.com (Postfix) with ESMTP id 978171A011A for <tls@ietf.org>; Mon, 5 May 2014 14:13:51 -0700 (PDT)
Received: from mail-yk0-f180.google.com (mail-yk0-f180.google.com [209.85.160.180]) by mrelayeu.kundenserver.de (node=mreue103) with ESMTP (Nemesis) id 0LejD4-1XCZAj0TU6-00qUzF; Mon, 05 May 2014 23:13:47 +0200
Received: by mail-yk0-f180.google.com with SMTP id q9so6688515ykb.39 for <tls@ietf.org>; Mon, 05 May 2014 14:13:46 -0700 (PDT)
MIME-Version: 1.0
X-Received: by 10.236.148.244 with SMTP id v80mr1105900yhj.19.1399324426189; Mon, 05 May 2014 14:13:46 -0700 (PDT)
Received: by 10.170.65.3 with HTTP; Mon, 5 May 2014 14:13:46 -0700 (PDT)
In-Reply-To: <CAK3OfOjk714z8NaMm6EuKkrVPkhHoGGwvytjA9zL1x_3=AMJ3g@mail.gmail.com>
References: <CAL9PXLyGjM0R-NRdqzbfKWOvbLjT+mwE9uT0BQTpiFt5p27ATQ@mail.gmail.com> <CALR0ui+RfdFiQ4-1Odb8DKa3Kc_Ont__eBnpMNa9Obm1FeCi2A@mail.gmail.com> <CADMpkc+JeDDebHs0G3G3f17AGw9EjOe=EcK1dh_mikKjyF1DbQ@mail.gmail.com> <CA+_8ft7fwatXJjDmcsHvXG5W+CRPAx8N1+cT9Mh86pntQ7=_vQ@mail.gmail.com> <CAK3OfOgrXFeBEx8EWHaxvp7ZtQJ2YAap1myn5BHWKesTMCYEXA@mail.gmail.com> <CADMpkcKTYhNAdNVypGiGu-axNWitLGRKzE3R6Rc81qJ2Jq6_bA@mail.gmail.com> <CAK3OfOiD3RcO2u0v+u1nxtGo31iNY_NorLtMcaCqOr3BxazPXA@mail.gmail.com> <CADMpkcLKaAMGcHmjOQzPqT=6fywgq8fhD9h7gxpvGzM6Esrb7g@mail.gmail.com> <CAK3OfOjk714z8NaMm6EuKkrVPkhHoGGwvytjA9zL1x_3=AMJ3g@mail.gmail.com>
Date: Mon, 05 May 2014 23:13:46 +0200
Message-ID: <CADMpkc+1iwE1Sy2R+ZGeZ-uiF4SHVx30HGeMU6ixVyGzrRt3=A@mail.gmail.com>
From: Bodo Moeller <bmoeller@acm.org>
To: Nico Williams <nico@cryptonector.com>
Content-Type: multipart/alternative; boundary="20cf303a2edf5942be04f8ad9b16"
X-Provags-ID: V02:K0:37xKjOgCPohn3sjb96lCxiYIuwe2cu5RKRfwwX6+6g/ x2kWCoz/zzCA0Ptol56RIxNtMWMdVkeTJ2BA3wj6/MvP5iQMQc 7MyAm/zPjvwUmyXo0OcPyZm7WTWjZEdTrSvN965gAfL09D+fhD UcLs5omjyjuHpmiX0r/MYe3FKhEl8V/S+7z9XgraO9woZIOD87 NYxT8IW1OwDLaJ7AcBgCSTRC44VwRVZBplMfv840F3B4Sa9le+ gpQcUX0sR4TlfzIEMqKi4Jj+z62q7TMlswEFjQ2gBkovJ74+GT ZlMOBCVqhVNEqKgsqEm5tY39mpgb484EYBZR4W4FpE/19hfG0n D3Jy1PlVERQpsNChvHYbO43YEXntt/aHNgozPocjOhBkiLpRHW bjOnWHJw7g9ngnNBxqXfSG/xIK51A2XXuWugTF/rTHZz1wg6qe pbWTz
Archived-At: http://mailarchive.ietf.org/arch/msg/tls/JxiO0Ev46RUrx6-oClHXHMptNWA
Cc: "tls@ietf.org" <tls@ietf.org>
Subject: Re: [TLS] Triple Handshake Fix.
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 05 May 2014 21:13:52 -0000
> > > We all need resumption fixed, and we're getting pretty good at > deploying new TLS implementations (because goto fail bug, because > heartbleed). Well, these examples have fixes that you can just roll out fully on whatever system you control without causing any disruption by doing so, other than potentially to attackers: with these, there's no penalty for moving first. (2), unfortunately, isn't that easy.
- [TLS] Triple Handshake Fix. Adam Langley
- Re: [TLS] Triple Handshake Fix. Alfredo Pironti
- Re: [TLS] Triple Handshake Fix. Yngve N. Pettersen
- Re: [TLS] Triple Handshake Fix. Nico Williams
- Re: [TLS] Triple Handshake Fix. Martin Rex
- Re: [TLS] Triple Handshake Fix. Martin Thomson
- Re: [TLS] Triple Handshake Fix. Geoffrey Keating
- Re: [TLS] Triple Handshake Fix. Nico Williams
- Re: [TLS] Triple Handshake Fix. Watson Ladd
- Re: [TLS] Triple Handshake Fix. Bodo Moeller
- Re: [TLS] Triple Handshake Fix. Bodo Moeller
- Re: [TLS] Triple Handshake Fix. Karthik Bhargavan
- Re: [TLS] Triple Handshake Fix. Karthik Bhargavan
- Re: [TLS] Triple Handshake Fix. Geoffrey Keating
- Re: [TLS] Triple Handshake Fix. Nico Williams
- Re: [TLS] Triple Handshake Fix. Bodo Moeller
- Re: [TLS] Triple Handshake Fix. Nico Williams
- Re: [TLS] Triple Handshake Fix. Martin Thomson
- Re: [TLS] Triple Handshake Fix. Bodo Moeller
- Re: [TLS] Triple Handshake Fix. Bodo Moeller
- Re: [TLS] Triple Handshake Fix. Nico Williams
- Re: [TLS] Triple Handshake Fix. Bodo Moeller
- Re: [TLS] Triple Handshake Fix. Watson Ladd
- Re: [TLS] Triple Handshake Fix. Nico Williams
- Re: [TLS] Triple Handshake Fix. Bodo Moeller