Re: [TLS] CCS and key reset and renegotiation

Paul Lambert <paul@marvell.com> Fri, 06 June 2014 15:48 UTC

From: Paul Lambert <paul@marvell.com>
To: "Salz, Rich" <rsalz@akamai.com>, Peter Gutmann <pgut001@cs.auckland.ac.nz>, "<tls@ietf.org>" <tls@ietf.org>
Date: Fri, 06 Jun 2014 08:47:53 -0700
Thread-Topic: [TLS] CCS and key reset and renegotiation
Thread-Index: Ac+Bnq+efi0MdDAPTNaMmiBtZMGcIA==
Message-ID: <CFB729E0.3D084%paul@marvell.com>
References: <9A043F3CF02CD34C8E74AC1594475C738DEC335D@uxcn10-tdc06.UoA.auckland.ac.nz> <2A0EFB9C05D0164E98F19BB0AF3708C7130F434D72@USMBX1.msg.corp.akamai.com>
In-Reply-To: <2A0EFB9C05D0164E98F19BB0AF3708C7130F434D72@USMBX1.msg.corp.akamai.com>
Archived-At: http://mailarchive.ietf.org/arch/msg/tls/Ol8V5xiO7c1cNCri98Ntu6Bspz0


On 6/6/14, 7:46 AM, "Salz, Rich" <rsalz@akamai.com> wrote:

>So, of course, a ladder is a state machine where there's no going
>backward or loops.  That means that it's simpler, right?

… and incomplete.  The ladder diagram or sequence diagram represents one
possible path through the state transitions.  With enough ladder diagrams
you might cover all the behavior, but this is rarely done.  Often a few
diagrams cover all the interesting ‘normal’ behavior, but of course the
many error condition behaviors are ignored.

On the down side, state machines are hard to draw in ASCII text in an RFC.

Paul 


>
>Perhaps someone can go to https://www.websequencediagrams.com and sketch
>it out?
>
>	/r$
>
>--  
>Principal Security Engineer
>Akamai Technologies, Cambridge, MA
>IM: rsalz@jabber.me; Twitter: RichSalz
>
>_______________________________________________
>TLS mailing list
>TLS@ietf.org
>https://www.ietf.org/mailman/listinfo/tls
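A constructed example, added here and not part of the thread, of the point Paul makes above: once the "normal" ladder path is written as an explicit transition table, every (state, message) pair the ladder never drew becomes a visible error case that the implementation has to decide, including a ChangeCipherSpec arriving before the key exchange. The states, message names and transitions are a simplified model assumed for illustration, not the TLS specification's state machine.

```python
from enum import Enum, auto

class State(Enum):
    """Handshake states of a simplified, constructed model (not the TLS spec)."""
    START = auto()
    HELLO_SENT = auto()
    KEYS_EXCHANGED = auto()
    CCS_RECEIVED = auto()
    ESTABLISHED = auto()
    ERROR = auto()

# Message alphabet of the toy model (assumed names, a subset of a real handshake).
MESSAGES = ("ClientHello", "ClientKeyExchange", "ChangeCipherSpec", "Finished")

# The one "normal" path a ladder diagram would draw, written as explicit
# transitions. Every (state, message) pair missing from this table is an error
# transition: the state machine forces a decision the ladder leaves unstated.
TRANSITIONS = {
    (State.START, "ClientHello"): State.HELLO_SENT,
    (State.HELLO_SENT, "ClientKeyExchange"): State.KEYS_EXCHANGED,
    (State.KEYS_EXCHANGED, "ChangeCipherSpec"): State.CCS_RECEIVED,
    (State.CCS_RECEIVED, "Finished"): State.ESTABLISHED,
}

def run(messages):
    """Drive the machine with a message sequence, stopping at the first error.
    Returns (final_state, trace), trace listing each transition taken."""
    state, trace = State.START, []
    for msg in messages:
        nxt = TRANSITIONS.get((state, msg), State.ERROR)
        trace.append(f"{state.name} --{msg}--> {nxt.name}")
        state = nxt
        if state is State.ERROR:
            break
    return state, trace

def coverage():
    """Count the (state, message) cells the ladder path covers against all the
    cells the full machine must decide. Returns (covered, error_cells)."""
    live = [s for s in State if s not in (State.ESTABLISHED, State.ERROR)]
    total = len(live) * len(MESSAGES)
    return len(TRANSITIONS), total - len(TRANSITIONS)

if __name__ == "__main__":
    print(run(MESSAGES))                             # the ladder-diagram path
    print(run(["ClientHello", "ChangeCipherSpec"]))  # CCS before keys: ERROR
    print(coverage())                                # (4, 12)
```

The four entries in TRANSITIONS are the whole ladder; the other twelve cells are exactly the error behaviors that a sequence diagram of the normal case never shows.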