Re: [TLS] TLS 1.3 Problem?

Michael D'Errico <mike-list@pobox.com> Mon, 28 September 2020 04:18 UTC

Return-Path: <mike-list@pobox.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 389363A0D6D for <tls@ietfa.amsl.com>; Sun, 27 Sep 2020 21:18:49 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.798
X-Spam-Level:
X-Spam-Status: No, score=-2.798 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=pobox.com header.b=JJp5OKUy; dkim=pass (2048-bit key) header.d=messagingengine.com header.b=WC2Ye+e/
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id vswWfrP757cq for <tls@ietfa.amsl.com>; Sun, 27 Sep 2020 21:18:48 -0700 (PDT)
Received: from out1-smtp.messagingengine.com (out1-smtp.messagingengine.com [66.111.4.25]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 04E4E3A0D69 for <tls@ietf.org>; Sun, 27 Sep 2020 21:18:47 -0700 (PDT)
Received: from compute2.internal (compute2.nyi.internal [10.202.2.42]) by mailout.nyi.internal (Postfix) with ESMTP id 212425C0196 for <tls@ietf.org>; Mon, 28 Sep 2020 00:18:47 -0400 (EDT)
Received: from imap21 ([10.202.2.71]) by compute2.internal (MEProxy); Mon, 28 Sep 2020 00:18:47 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=pobox.com; h= mime-version:message-id:in-reply-to:references:date:from:to :subject:content-type; s=fm1; bh=IiRsV5eIwTZ4XlxL27hn0dgc/tHJ5MR tn0C40Se5cZA=; b=JJp5OKUyanVDPCdo6mjn8qSBVXLLg18S8n2cP9RiF/fcMv7 5+QItsfBANU5D9ES8OjM6CtQ2WVgQe9icWYXnPmQ59a+xcBAo4qIaZolIIuTc3WJ d9yOydRkMUVZlcuj8AAbKCOm3vF3DoiGtfRod6aQhVbgjkl1Xrznfce8KgweV13r +4mK9UDJ0lyLimL4JpGqYdQuRdbWcXamupobVtywU/jkKU8F5wC1648XQ6TZ0A7X PWoBii6e9bclVdEGGQm22FJbPBShpgTJcWXHWBxcoqpx8ZYPACSb41gu7KBcVK3Q QcFyBoypFHkimeST4PtyAitIlgvFa2yba+a5HQA==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=content-type:date:from:in-reply-to :message-id:mime-version:references:subject:to:x-me-proxy :x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s=fm3; bh=IiRsV5 eIwTZ4XlxL27hn0dgc/tHJ5MRtn0C40Se5cZA=; b=WC2Ye+e/9UNxKoEHHckFY/ yVCr6PirpcrgQIZnUw+2mjmftVePfHS4/xTWP9Wnk/dooUf6voJIsigh6B1tjSf/ AooKQfPbaDXbxmSZyfCDORTxuLwur+642wGL/VODlgPjsPttpv1A6zcbhgR8OxWi odgVutBXHThQ2vYxa2hM9kXBvLdkf4wRuxJUAm3DOUfG0/LQQ7gGhzkiZGd0p2j8 S+94Ypqip/1txTNs2rg1zpCiqQZAW/eqv9Xm1jSzDj6QwjYpv/6X8tD16hyEJ3Kg mgilumBl2EMVOGDex+o5o+uzeoFkyrrmFKmKVgiIy7//aQa+MFOB1L3ip/0T5FDg ==
X-ME-Sender: <xms:JmRxX4O2gCuEGL3OLmD10e_RoDf1GJL8O60zzSNXwj_sQbb9mxyD6Q> <xme:JmRxX--DgUwsOctgNB6-cBrAnTRclMQYc_cut9iB-o2e-JW7lFXEmwfgcrOVtpLO1 6tRUXTsVuQUD6WZgQ>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedujedrvdehgdekvdcutefuodetggdotefrodftvf curfhrohhfihhlvgemucfhrghsthforghilhdpqfgfvfdpuffrtefokffrpgfnqfghnecu uegrihhlohhuthemuceftddtnecunecujfgurhepofgfggfkjghffffhvffutgesthdtre dtreertdenucfhrhhomhepfdfoihgthhgrvghlucffkdfgrhhrihgtohdfuceomhhikhgv qdhlihhsthesphhosghogidrtghomheqnecuggftrfgrthhtvghrnhepieejueegheelgf ehtddvueetteefuefgffdvkeehteeutdekffejtedtiefggfdtnecuvehluhhsthgvrhfu ihiivgeptdenucfrrghrrghmpehmrghilhhfrhhomhepmhhikhgvqdhlihhsthesphhosg hogidrtghomh
X-ME-Proxy: <xmx:JmRxX_Q-Yska3HJ-QlRBM9GR5y_9g07XC7PEvOX3ukoxS64l5dllJw> <xmx:JmRxXwtyN-l7fQMvp0GxqvbLH_ZDE8dcwGNp2sARu6lr8L9xpqwL5w> <xmx:JmRxXwc1eQXY31fcpMGJxN1WD4cofE42PtscPOOGkubv9GqAhfiT7g> <xmx:J2RxX6pOMtew3LaR60zEs5dCiUmZev0s6uNhG39ysa9obix8sKHBxw>
Received: by mailuser.nyi.internal (Postfix, from userid 501) id C013D660069; Mon, 28 Sep 2020 00:18:38 -0400 (EDT)
X-Mailer: MessagingEngine.com Webmail Interface
User-Agent: Cyrus-JMAP/3.3.0-355-g3ece53b-fm-20200922.004-g3ece53b9
Mime-Version: 1.0
Message-Id: <5deb07c9-1754-4cf4-9762-1177dd1e2a5f@www.fastmail.com>
In-Reply-To: <76b11b36-db4e-4bac-80e0-96565013c158@www.fastmail.com>
References: <0c31f2d6-5f8e-2fd6-9a1a-08b7902dd135@pobox.com> <CA+_8xu0TvfHkvL0jRsP8+fiXD=7s5CyPK31GhRv9oEnMJQsFFQ@mail.gmail.com> <76b11b36-db4e-4bac-80e0-96565013c158@www.fastmail.com>
Date: Mon, 28 Sep 2020 00:18:09 -0400
From: "Michael D'Errico" <mike-list@pobox.com>
To: tls@ietf.org
Content-Type: text/plain
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/LnQOgmgX3NrUkeQVzhPjZ56Qfr4>
Subject: Re: [TLS] TLS 1.3 Problem?
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 28 Sep 2020 04:18:49 -0000

On Sun, Sep 27, 2020, at 22:28, Michael D'Errico wrote:
> 
> I'm afraid to keep reading....

In section 4, HandshakeType and Handshake are missing the
value for the HelloRetryRequest message.

Oh wait, never mind, it's the same value as ServerHello (?).

Everything appears to be a hack within a hack....

If I hadn't already implemented TLS 1.0..1.2 I'd be completely
lost reading RFC 8446.  In fact I AM completely lost reading it.

There's a mention of stateless HelloRetryRequest where the
server sends a "cookie" containing a hash of the ClientHello.
Is it supposed to rely on the client to echo this back?  What
if it doesn't?  Or it puts in a different value?  Or it gets
modified in transit?  Or it sends an initial ClientHello with a
cookie extension as if it got a HelloRetryRequest?  Am I
worried about nothing here?

OK, time for bed....

Mike