Re: [TLS] Version negotiation, take two

Benjamin Kaduk <> Thu, 15 September 2016 17:14 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id DE2CC12B154 for <>; Thu, 15 Sep 2016 10:14:02 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -4.208
X-Spam-Status: No, score=-4.208 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, RP_MATCHES_RCVD=-1.508, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (1024-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id 1V6seldtRmY0 for <>; Thu, 15 Sep 2016 10:14:00 -0700 (PDT)
Received: from ( []) by (Postfix) with ESMTP id 9C26C12B7D8 for <>; Thu, 15 Sep 2016 09:51:32 -0700 (PDT)
Received: from (localhost.localdomain []) by postfix.imss70 (Postfix) with ESMTP id D908D433429; Thu, 15 Sep 2016 16:51:31 +0000 (GMT)
Received: from ( []) by (Postfix) with ESMTP id BE079433404; Thu, 15 Sep 2016 16:51:31 +0000 (GMT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=a1; t=1473958291; bh=ynYIhNbidiN90wHIg63tKaxMAgdQB8gtaq+07HhP+VU=; l=2407; h=To:References:Cc:From:Date:In-Reply-To:From; b=wxtPIT5yVqojo/uvvtxFBUY88cC2G5Iym0dyfKIcFo66kCA7NR5pxDSmho7r4+jym CxTX+1IfOS8/G4XA7RaZruuXBdz0ivrjpDKyz8cMw9VdjJt6hWw4KlnxaiLA1kIg6m gfsZFaRC+SS2xo83B0QMHfUG28VssznVj8zVu4Tc=
Received: from [] ( []) by (Postfix) with ESMTP id 90EDB1FC86; Thu, 15 Sep 2016 16:51:31 +0000 (GMT)
To: Andrei Popov <>
References: <> <> <> <> <>
From: Benjamin Kaduk <>
X-Enigmail-Draft-Status: N1110
Message-ID: <>
Date: Thu, 15 Sep 2016 11:51:31 -0500
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Thunderbird/45.2.0
MIME-Version: 1.0
In-Reply-To: <>
Content-Type: multipart/alternative; boundary="------------221CE10A44E4B66D3EEA6FC8"
Archived-At: <>
Cc: "" <>
Subject: Re: [TLS] Version negotiation, take two
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Thu, 15 Sep 2016 17:14:03 -0000

On 09/14/2016 02:02 PM, Andrei Popov wrote:
> Basically, I don't feel strongly about the switch to the proposed version negotiation mechanism. But if we are going to make this change based on the theory of having only one extension point and actively defending it, then we should probably follow the theory and send a separate TLS extension per TLS version.

To me, the (ordered) list of client supported versions in a single
extension feels more intuitively natural, so I want to try harder to
understand the reasoning that leads you to prefer a separate extension
for each version.  Is it just that doing an additional "negotiation"
within the extension body constitutes another extension point that we
would have to actively defend, or is there something else about what a
TLS extension is philosophically supposed to indicate?