Re: [TLS] ServerHello layout in TLS 1.3
Dave Garrett <davemgarrett@gmail.com> Sun, 13 December 2015 00:15 UTC
Return-Path: <davemgarrett@gmail.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A78B41ACC87 for <tls@ietfa.amsl.com>; Sat, 12 Dec 2015 16:15:03 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id QuZcj3P_-f8g for <tls@ietfa.amsl.com>; Sat, 12 Dec 2015 16:15:01 -0800 (PST)
Received: from mail-qg0-x230.google.com (mail-qg0-x230.google.com [IPv6:2607:f8b0:400d:c04::230]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 979F31AC447 for <tls@ietf.org>; Sat, 12 Dec 2015 16:15:01 -0800 (PST)
Received: by qgew101 with SMTP id w101so21957984qge.2 for <tls@ietf.org>; Sat, 12 Dec 2015 16:15:00 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=from:to:subject:date:user-agent:cc:references:in-reply-to :mime-version:content-type:content-transfer-encoding:message-id; bh=TYO1kjtk9GG+zZomjB3mlONTWK6Q+d6Mmk5u/XeoARU=; b=AIhL/yz1kynUjf370EuUFl9E5iGCOhMCaAhN0Zqg+k0U0Oqjs/AsJccmwqZdxMLmT2 3BpcSSXEXrar/+ksZE6i0N53cw3pevW8zbbC+zfEkWkE0sXLdHLzmbCsFYI90RrSmtxz +rPV5FdMEJ3vKNXnURemdHa5nVb5sAMQGxOpuLNZ7Oe/XkaZ7eIxT9fGSbr7xBNCX2dN WQS1I7S4xFFFxjntlgJEfdfAEHIqneURS2nTuABH49qcmNzqeQtKHe1s23rz53OP5lqx CAW1StHtBlAlwIL2KuH/PKiUcxpl3A4LY/HP/ShfMSgRdz1bnI6DKGlI4+IRpvOujZj/ Pz8w==
X-Received: by 10.140.236.211 with SMTP id h202mr23769847qhc.7.1449965700828; Sat, 12 Dec 2015 16:15:00 -0800 (PST)
Received: from dave-laptop.localnet (pool-72-94-152-197.phlapa.fios.verizon.net. [72.94.152.197]) by smtp.gmail.com with ESMTPSA id g63sm11078415qgd.5.2015.12.12.16.14.59 (version=TLS1 cipher=AES128-SHA bits=128/128); Sat, 12 Dec 2015 16:14:59 -0800 (PST)
From: Dave Garrett <davemgarrett@gmail.com>
To: tls@ietf.org
Date: Sat, 12 Dec 2015 19:14:58 -0500
User-Agent: KMail/1.13.5 (Linux/2.6.32-74-generic-pae; KDE/4.4.5; i686; ; )
References: <566C0E25.5080703@mehnert.org> <CABcZeBPVMc9474149xQq5KkJc8N+FXfeqMZsgusiubDL2SE+Lw@mail.gmail.com>
In-Reply-To: <CABcZeBPVMc9474149xQq5KkJc8N+FXfeqMZsgusiubDL2SE+Lw@mail.gmail.com>
MIME-Version: 1.0
Content-Type: Text/Plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
Message-Id: <201512121914.58569.davemgarrett@gmail.com>
Archived-At: <http://mailarchive.ietf.org/arch/msg/tls/Sg9xuoTM3tVEGKvKv-kPdH0oc6I>
Subject: Re: [TLS] ServerHello layout in TLS 1.3
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 13 Dec 2015 00:15:03 -0000
On Saturday, December 12, 2015 03:28:01 pm Eric Rescorla wrote: > On Sat, Dec 12, 2015 at 4:08 AM, Hannes Mehnert <hannes@mehnert.org> wrote: > > while implementing the TLS 1.3 draft, I came across the modified > > ServerHello message - it does neither contain a SessionID nor a > > CompressionMethod field. This makes code which supports both TLS 1.3 > > and earlier versions more complicated*: a client sending out a > > ClientHello does not know which protocol version the server is willing > > to talk. > > > > Thus, depending on the protocol version inside of the server hello, the > > remainder of the packet needs to be parsed. > > > > I'm not sure whether it is worth to safe two bytes (empty SessionID and > > NULL CompressionMethod) to introduce such an intrinsic dependency. > > > > Is there a reason behind this change, apart from cleanup? > > I'm not aware of ay reason besides cleanup. I don't feel strongly > about the current state. Leaving cruft around increases risk of mistakes; if you leave in obsolete fields when they're not needed anymore, a dumb implementation might accidentally use it or be tricked into doing so by an attacker. That said, the world will not end if yet more kludgy placeholders are needed. I'd prefer to avoid that if at all possible, though. Dave
- [TLS] ServerHello layout in TLS 1.3 Hannes Mehnert
- Re: [TLS] ServerHello layout in TLS 1.3 Eric Rescorla
- Re: [TLS] ServerHello layout in TLS 1.3 Dave Garrett