IETF Logo Mail Archive

Re: [TLS] judging consensus on keys used in handshake and data messages

Eric Rescorla <ekr@rtfm.com> Thu, 07 July 2016 00:39 UTC

Return-Path: <ekr@rtfm.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3F88812B054 for <tls@ietfa.amsl.com>; Wed, 6 Jul 2016 17:39:46 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.599
X-Spam-Level:
X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=rtfm-com.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id bpoom0VT0J0L for <tls@ietfa.amsl.com>; Wed, 6 Jul 2016 17:39:44 -0700 (PDT)
Received: from mail-yw0-x22a.google.com (mail-yw0-x22a.google.com [IPv6:2607:f8b0:4002:c05::22a]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 59AA012B00D for <tls@ietf.org>; Wed, 6 Jul 2016 17:39:44 -0700 (PDT)
Received: by mail-yw0-x22a.google.com with SMTP id l125so2340745ywb.2 for <tls@ietf.org>; Wed, 06 Jul 2016 17:39:44 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=rtfm-com.20150623.gappssmtp.com; s=20150623; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=VUECvPz3QWcKikUKteQxVnUqlSE3PRRQ+hpsRPnphzc=; b=CImGjBRc+YWJM8pqFMw9lUpit/tnLh2K329ajc2Wyq6VWtGLuVU7xKmHqnOl0gC1s7 EgpvIO5wDLLrop467Fn2ujCBxNG5rHtKORiMJ5M9Kc30mmMnMBf3Bang2JHaiYiCRFEq /V8J3qoocw6tmny6aLuxmUBkH5GEEAKOOsZlThvrzB92EHJ9UZXlRyvBUYVDbmiTAEYn XVd8N1p5yFGQP++FJGtbgug1mJG7Q1BpZCG9MiiYZauN9/DlkwFiDNiW4iBWfzn1I2Uo rF4R2KAB3yj1aKCTQvq2u01U6+N7nYi8FCekgFjnlK7gXRsnrfWuYtt0D+ciuFicL/J+ KJAw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=VUECvPz3QWcKikUKteQxVnUqlSE3PRRQ+hpsRPnphzc=; b=Or2rsFR2TYipRBfgXSpTS3MGmBWlz/s6vT1DzYayYD7/UHSo6if9nxDjJ2iSDImd39 H7QKYG6P0GfTELvcbiE97qO8jP/giZwngal2mD/BP22OzSFQJHcfvWuzYwlhQ7VHviTK /3BvlZksIeNejekPVijHml4Cq1RcGtq3Pl8QvSjgLBQoGPrQ0SZZ7RYgLcmVs9meKmal F51lR4EF1RlHUlXE4+dknE81Mdg/KSstzPbUgWU4URZPVUnSnlUGr34JtUfVktCU/wym JV/+U8aM+x4noZfCSZuJKyWb8gvap6+kHFSvU9a0kGfXParAf6h5QKmehdY21Htwi+Xi 9qlg==
X-Gm-Message-State: ALyK8tID26OuyBiWzKXduViSOwl4hbVEXrsQTx/2eCnK4jQV8U3at8VCy7kwwysjoPb1/BuQxGP3iTsgvuo0JQ==
X-Received: by 10.13.199.68 with SMTP id j65mr18076313ywd.289.1467851983562; Wed, 06 Jul 2016 17:39:43 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.129.132.211 with HTTP; Wed, 6 Jul 2016 17:39:04 -0700 (PDT)
In-Reply-To: <201607062024.46745.davemgarrett@gmail.com>
References: <CAOgPGoA2RmAUMR=4bOOwepSSdrJ2tUGD1B+hieQzZaRVnwXo=A@mail.gmail.com> <A2C29D69-FF97-4C16-941B-87C0022C6362@gmail.com> <CAF8qwaC+iXoJ_Z9xuB4UqR4-7EmXUmr2pRRcBDxtDP-eZ8LzAg@mail.gmail.com> <201607062024.46745.davemgarrett@gmail.com>
From: Eric Rescorla <ekr@rtfm.com>
Date: Wed, 06 Jul 2016 17:39:04 -0700
Message-ID: <CABcZeBO_Nh_u+++wOqH68j3mNfkM3A+W+4ZR7-J0ciV0-4q1KA@mail.gmail.com>
To: Dave Garrett <davemgarrett@gmail.com>
Content-Type: multipart/alternative; boundary="001a114dfc4a105bf0053700ec5f"
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/L3hGwa6PwYQOcRdNshjfY6DtFFg>
Cc: "tls@ietf.org" <tls@ietf.org>
Subject: Re: [TLS] judging consensus on keys used in handshake and data messages
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 07 Jul 2016 00:39:46 -0000

On Wed, Jul 6, 2016 at 5:24 PM, Dave Garrett <davemgarrett@gmail.com> wrote:

> On Wednesday, July 06, 2016 06:19:29 pm David Benjamin wrote:
> > I'm also curious which post-handshake messages are the problem. If we
> were
> > to rename "post-handshake handshake messages" to "post-handshake bonus
> > messages" with a distinct bonus_message record type, where would there
> > still be an issue? (Alerts and application data share keys and this seems
> > to have been fine.)
>
> Recasting all the post-handshake handshake messages as not something named
> "handshake" does make a degree of sense, on its own. (bikeshedding: I'd
> name it something more descriptive like "secondary negotiation" messages or
> something, though.) Even if this doesn't directly help with the issue at
> hand here, does forking these into a new ContentType sound like a useful
> move, in general?


I'm not sure what this would accomplish.

-Ekr


>
>
> Dave
>
> _______________________________________________
> TLS mailing list
> TLS@ietf.org
> https://www.ietf.org/mailman/listinfo/tls
>

v2.23.0 | Report a Bug | By Email