Re: [TLS] Last Call: <draft-ietf-tls-downgrade-scsv-03.txt> (TLS Fallback Signaling Cipher Suite Value (SCSV) for Preventing Protocol Downgrade Attacks) to Proposed Standard

Colm MacCárthaigh <colm@allcosts.net> Sun, 18 January 2015 20:32 UTC

In-Reply-To: <20150109180539.22231.7270.idtracker@ietfa.amsl.com>
References: <20150109180539.22231.7270.idtracker@ietfa.amsl.com>
Date: Sun, 18 Jan 2015 12:32:52 -0800
Message-ID: <CAAF6GDd=U6a6bV6dRmcJVj72Z9jk9kTY0q8zmeM4pqd7Zupu=Q@mail.gmail.com>
From: Colm MacCárthaigh <colm@allcosts.net>
To: ietf@ietf.org
Archived-At: <http://mailarchive.ietf.org/arch/msg/tls/MsCYkRzt7IWXejLwBay4eJQJVE0>
Cc: "tls@ietf.org" <tls@ietf.org>
Subject: Re: [TLS] Last Call: <draft-ietf-tls-downgrade-scsv-03.txt> (TLS Fallback Signaling Cipher Suite Value (SCSV) for Preventing Protocol Downgrade Attacks) to Proposed Standard

On Fri, Jan 9, 2015 at 10:05 AM, The IESG <iesg-secretary@ietf.org> wrote:
>
> The IESG has received a request from the Transport Layer Security WG
> (tls) to consider the following document:
> - 'TLS Fallback Signaling Cipher Suite Value (SCSV) for Preventing
>    Protocol Downgrade Attacks'
>   <draft-ietf-tls-downgrade-scsv-03.txt> as Proposed Standard
>
> The IESG plans to make a decision in the next few weeks, and solicits
> final comments on this action. Please send substantive comments to the
> ietf@ietf.org mailing lists by 2015-01-23. Exceptionally, comments may be
> sent to iesg@ietf.org instead. In either case, please retain the
> beginning of the Subject line to allow automated sorting.

+1 on making this document a standard.

The mechanism seems sensible and pragmatic.  I have implemented the
mechanism on the server side and the document was clear and helpful;
it took only a few minutes.

I'm not clear on how the IANA process works, but if the document
progresses to RFC (in any status), it'd be great if the existing
extension number and alert values were to remain the same.

-- 
Colm
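
The server-side check the message refers to, written out as an added example for this page; it is not code from the post's author or from any TLS library. It uses the values the draft assigns (cipher suite value 0x5600 for TLS_FALLBACK_SCSV and alert number 86 for inappropriate_fallback), operates on a bare Handshake message rather than a TLS record, decodes only the ClientHello fields the check needs, and constructs its own ClientHello bytes as test input. The one detail worth getting right: the client's version is compared against the highest version the server supports, not the one it would otherwise negotiate, and a ClientHello that carries the SCSV at the server's own maximum version is a legitimate connection, not a downgrade.

```python
"""Server-side TLS_FALLBACK_SCSV check (draft-ietf-tls-downgrade-scsv / RFC 7507).

Added example, not code from the mailing-list post or any TLS stack.
"""
import struct

# Constants assigned by the draft.
TLS_FALLBACK_SCSV = 0x5600          # cipher suite value a client adds on a fallback retry
ALERT_INAPPROPRIATE_FALLBACK = 86   # fatal alert a server sends when the fallback is a downgrade

# Protocol versions as (major, minor) wire values; tuple ordering gives the version order.
SSL30, TLS10, TLS11, TLS12 = (3, 0), (3, 1), (3, 2), (3, 3)


def parse_client_hello(handshake: bytes):
    """Return (client_version, [cipher suite values]) from a Handshake message (type 1).

    Only the fields up to cipher_suites are decoded; extensions are not needed here.
    """
    if len(handshake) < 4 or handshake[0] != 1:
        raise ValueError("not a ClientHello handshake message")
    length = int.from_bytes(handshake[1:4], "big")
    body = handshake[4:4 + length]
    if len(body) != length or length < 2 + 32 + 1:
        raise ValueError("truncated ClientHello")
    client_version = (body[0], body[1])
    pos = 2 + 32                                  # skip the 32-byte random
    session_id_len = body[pos]
    pos += 1 + session_id_len
    if pos + 2 > len(body):
        raise ValueError("truncated cipher_suites length")
    cs_len = struct.unpack("!H", body[pos:pos + 2])[0]
    pos += 2
    if cs_len % 2 or pos + cs_len > len(body):
        raise ValueError("malformed cipher_suites")
    suites = [struct.unpack("!H", body[i:i + 2])[0] for i in range(pos, pos + cs_len, 2)]
    return client_version, suites


def check_fallback(client_version, suites, server_max_version):
    """Return None to continue the handshake, or the alert number to abort with.

    The SCSV only matters when the client is asking for less than the server's
    highest supported version: that is the signature of a downgrade, since a
    client that reached the server's maximum had no reason to fall back.
    """
    if TLS_FALLBACK_SCSV in suites and client_version < server_max_version:
        return ALERT_INAPPROPRIATE_FALLBACK
    return None


def build_client_hello(version, suites, session_id=b"") -> bytes:
    """Constructed test input: a minimal ClientHello (zeroed random, no extensions)."""
    body = bytes(version) + bytes(32) + bytes([len(session_id)]) + session_id
    body += struct.pack("!H", 2 * len(suites))
    body += b"".join(struct.pack("!H", s) for s in suites)
    body += b"\x01\x00"                           # compression_methods: null only
    return b"\x01" + len(body).to_bytes(3, "big") + body


def server_decision(handshake: bytes, server_max_version=TLS12):
    """Parse the ClientHello and apply the SCSV rule for a server whose best is server_max_version."""
    version, suites = parse_client_hello(handshake)
    return check_fallback(version, suites, server_max_version)


if __name__ == "__main__":
    # A browser that was forced down to TLS 1.0 and retried with the SCSV:
    print(server_decision(build_client_hello(TLS10, [0x002F, TLS_FALLBACK_SCSV])))
    # The same client on its first, non-fallback attempt at TLS 1.2:
    print(server_decision(build_client_hello(TLS12, [0x002F])))
```

Note that the alert is fatal: the server aborts rather than continuing at the lower version. A client that never sends the SCSV (or a genuinely old client that only speaks TLS 1.0) is unaffected, which is why the mechanism is safe to deploy on the server before all clients support it.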