Re: [TLS] I-D ACTION:draft-ietf-tls-renegotiation-03.txt
"Robert Dugal" <rdugal@certicom.com> Wed, 06 January 2010 13:26 UTC
Return-Path: <rdugal@certicom.com>
X-Original-To: tls@core3.amsl.com
Delivered-To: tls@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 4BF0C3A68B0 for <tls@core3.amsl.com>; Wed, 6 Jan 2010 05:26:41 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -5.203
X-Spam-Level:
X-Spam-Status: No, score=-5.203 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, MIME_QP_LONG_LINE=1.396, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id WygafQ846GOk for <tls@core3.amsl.com>; Wed, 6 Jan 2010 05:26:40 -0800 (PST)
Received: from mhs04ykf.rim.net (mhs04ykf.rim.net [216.9.243.82]) by core3.amsl.com (Postfix) with ESMTP id 1A8463A6858 for <tls@ietf.org>; Wed, 6 Jan 2010 05:26:39 -0800 (PST)
X-AuditID: 0a666446-b7b7dae000004389-37-4b448f8c5f5d
Received: from XCH38YKF.rim.net ( [10.64.31.208]) by mhs04ykf.rim.net (RIM Mail) with SMTP id 93.B1.17289.C8F844B4; Wed, 6 Jan 2010 08:26:36 -0500 (EST)
Received: from XCH57YKF.rim.net ([10.64.31.54]) by XCH38YKF.rim.net with Microsoft SMTPSVC(6.0.3790.3959); Wed, 6 Jan 2010 08:26:36 -0500
Content-class: urn:content-classes:message
MIME-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
content-transfer-encoding: quoted-printable
X-MimeOLE: Produced By Microsoft Exchange V6.5
Date: Wed, 06 Jan 2010 08:26:01 -0500
Message-ID: <7E1DF37F1F42AB4E877E492C308E6AC4031E5E9D@XCH57YKF.rim.net>
In-Reply-To: <20100105233002.07C2A3A67EF@core3.amsl.com>
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
Thread-Topic: [TLS] I-D ACTION:draft-ietf-tls-renegotiation-03.txt
Thread-Index: AcqOXwL3/OF/zdv7Sy2k5caVyuPHAQAdHmSw
References: <20100105233002.07C2A3A67EF@core3.amsl.com>
From: Robert Dugal <rdugal@certicom.com>
To: tls@ietf.org
X-OriginalArrivalTime: 06 Jan 2010 13:26:36.0557 (UTC) FILETIME=[DF174BD0:01CA8ED3]
X-Brightmail-Tracker: AAAAAQAAAZE=
Subject: Re: [TLS] I-D ACTION:draft-ietf-tls-renegotiation-03.txt
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 06 Jan 2010 13:26:41 -0000
In Section 3.2 For ClientHellos which are renegotiating, this field contains the "client_verify_data" specified in Section 3.2. I think this should be a reference to Section 3.1 -- Robert Dugal Senior Software Developer Certicom Corp. A Subsidiary of Research In Motion rdugal@certicom.com direct 905.501.3848 fax 905.507.4230 www.certicom.com -----Original Message----- From: tls-bounces@ietf.org [mailto:tls-bounces@ietf.org] On Behalf Of Internet-Drafts@ietf.org Sent: Tuesday, January 05, 2010 6:30 PM To: i-d-announce@ietf.org Cc: tls@ietf.org Subject: [TLS] I-D ACTION:draft-ietf-tls-renegotiation-03.txt A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the Transport Layer Security Working Group of the IETF. Title : Transport Layer Security (TLS) Renegotiation Indication Extension Author(s) : E. Rescorla, N. Oskov, M. Ray, S. Dispensa Filename : draft-ietf-tls-renegotiation-03.txt Pages : 14 Date : 2010-1-5 SSL and TLS renegotiation are vulnerable to an attack in which the attacker forms a TLS connection with the target server, injects content of his choice, and then splices in a new TLS connection from a client. The server treats the client's initial TLS handshake as a renegotiation and thus believes that the initial data transmitted by the attacker is from the same entity as the subsequent client data. This specification defines a TLS extension to cryptographically tie renegotiations to the TLS connections they are being performed over, thus preventing this attack. A URL for this Internet-Draft is: http://www.ietf.org/internet-drafts/draft-ietf-tls-renegotiation-03.txt Internet-Drafts are also available by anonymous FTP at: ftp://ftp.ietf.org/internet-drafts/ Below is the data which will enable a MIME compliant mail reader implementation to automatically retrieve the ASCII version of the Internet-Draft. --------------------------------------------------------------------- This transmission (including any attachments) may contain confidential information, privileged material (including material protected by the solicitor-client or other applicable privileges), or constitute non-public information. Any use of this information by anyone other than the intended recipient is prohibited. If you have received this transmission in error, please immediately reply to the sender and delete this information from your system. Use, dissemination, distribution, or reproduction of this transmission by unintended recipients is not authorized and may be unlawful.
- [TLS] I-D ACTION:draft-ietf-tls-renegotiation-03.… Internet-Drafts
- Re: [TLS] I-D ACTION:draft-ietf-tls-renegotiation… Robert Dugal