Re: [TLS] One approach to rollback protection

Martin Rex <> Tue, 27 September 2011 00:30 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id DA07E21F8E4F for <>; Mon, 26 Sep 2011 17:30:30 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -10.054
X-Spam-Status: No, score=-10.054 tagged_above=-999 required=5 tests=[AWL=0.195, BAYES_00=-2.599, HELO_EQ_DE=0.35, RCVD_IN_DNSWL_HI=-8]
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id 9qEmIceEfhFt for <>; Mon, 26 Sep 2011 17:30:28 -0700 (PDT)
Received: from ( []) by (Postfix) with ESMTP id EA06321F8E38 for <>; Mon, 26 Sep 2011 17:30:27 -0700 (PDT)
Received: from by (26) with ESMTP id p8R0XA9Z002453 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK); Tue, 27 Sep 2011 02:33:10 +0200 (MEST)
From: Martin Rex <>
Message-Id: <>
To: (Eric Rescorla)
Date: Tue, 27 Sep 2011 02:33:10 +0200 (MEST)
In-Reply-To: <> from "Eric Rescorla" at Sep 26, 11 04:53:22 pm
MIME-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 8bit
X-SAP: out
Subject: Re: [TLS] One approach to rollback protection
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Tue, 27 Sep 2011 00:30:31 -0000

Eric Rescorla wrote:
> P.S. Yes, I know this is a big stinking hack.

We've been seeing a significant delay in adoption of TLSv1.1.
So while it might smell like a dirty hack to some, I think it is a
reasonable approach to ease the transition pain for the installed base.

As it turned out, the TLS cipher suites were the only protocol extensibility
that had been really interop tested from the beginning, probably because the
list of cipher suites was already quite long when Netscape brought
SSLv3 to the IETF for standardization and most new implementors
started interop testing with much fewer cipher suites in their
initial implementations.

If you look at slowly IPv6 adoption is progressing, it looks like they
do not have enough "dirty hacks" in place yet.  :-]