Re: [TLS] Updated draft
Michael D'Errico <mike-list@pobox.com> Fri, 18 December 2009 19:24 UTC
Return-Path: <mike-list@pobox.com>
X-Original-To: tls@core3.amsl.com
Delivered-To: tls@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id A215C3A6890 for <tls@core3.amsl.com>; Fri, 18 Dec 2009 11:24:17 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.532
X-Spam-Level:
X-Spam-Status: No, score=-3.532 tagged_above=-999 required=5 tests=[AWL=1.067, BAYES_00=-2.599, GB_I_INVITATION=-2]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 2DUuna1Vi-cI for <tls@core3.amsl.com>; Fri, 18 Dec 2009 11:24:16 -0800 (PST)
Received: from sasl.smtp.pobox.com (a-pb-sasl-sd.pobox.com [64.74.157.62]) by core3.amsl.com (Postfix) with ESMTP id 2E6833A6ABF for <tls@ietf.org>; Fri, 18 Dec 2009 11:24:16 -0800 (PST)
Received: from sasl.smtp.pobox.com (unknown [127.0.0.1]) by a-pb-sasl-sd.pobox.com (Postfix) with ESMTP id E64EAA8588 for <tls@ietf.org>; Fri, 18 Dec 2009 14:24:00 -0500 (EST)
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=pobox.com; h=message-id :date:from:mime-version:to:subject:references:in-reply-to :content-type:content-transfer-encoding; s=sasl; bh=4zgqQCJiltlR PKui7YVWrPQDNAc=; b=IHwojz6wQxacoI6g/d4vHgd4oa0pwzgKtHkNdV8SVuBk qrFeYNGWpJQ2CDMHgOiWbvYUu+tE96Wxx56/MHgX4S9lfOctc+9/q82z1jJnQ6k0 wQ5VPDcgyOGIVhMGFwWvBed2aiERJ6WA9CAh5awMFV5ruInEMcVg9mgRZ2+F5e4=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=pobox.com; h=message-id:date :from:mime-version:to:subject:references:in-reply-to :content-type:content-transfer-encoding; q=dns; s=sasl; b=NIwlXN P0X6T2Bx7VnYRP4ghO+l1lhlRiSK5gzQ41S4EpHjhLnewuCdVRHzOJVMAakPq5W+ Y4ozrR2RFku35jPdGNNAISzhlI4Kh2VYXiv5JV0l4pfSiuerOz/zTvs8ATl6MtpP rNS+I9xvaEwpjd5B1E0x2Q6SBqpDJeamukg0Y=
Received: from a-pb-sasl-sd.pobox.com (unknown [127.0.0.1]) by a-pb-sasl-sd.pobox.com (Postfix) with ESMTP id E2468A8587 for <tls@ietf.org>; Fri, 18 Dec 2009 14:24:00 -0500 (EST)
Received: from administrators-macbook-pro.local (unknown [24.234.114.35]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by a-pb-sasl-sd.pobox.com (Postfix) with ESMTPSA id 5DEE3A8586 for <tls@ietf.org>; Fri, 18 Dec 2009 14:24:00 -0500 (EST)
Message-ID: <4B2BD73D.4050702@pobox.com>
Date: Fri, 18 Dec 2009 11:25:49 -0800
From: Michael D'Errico <mike-list@pobox.com>
User-Agent: Thunderbird 2.0.0.23 (Macintosh/20090812)
MIME-Version: 1.0
To: TLS Mailing List <tls@ietf.org>
References: <20091216213202.C5CC26C82B8@kilo.networkresonance.com> <4B2A73C7.7030505@pobox.com> <7E1DF37F1F42AB4E877E492C308E6AC402EEEAF1@XCH57YKF.rim.net> <4B2B94C0.7080302@extendedsubset.com> <7E1DF37F1F42AB4E877E492C308E6AC402EEEC63@XCH57YKF.rim.net> <4B2BAFAC.9020501@extendedsubset.com>
In-Reply-To: <4B2BAFAC.9020501@extendedsubset.com>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
X-Pobox-Relay-ID: E5518922-EC0A-11DE-9F3D-B34DBBB5EC2E-38729857!a-pb-sasl-sd.pobox.com
Subject: Re: [TLS] Updated draft
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 18 Dec 2009 19:24:18 -0000
A limousine pulls up in front of a busy nightclub in LA. A well-dressed couple emerge and approach the entrance. The bouncer greets them with a smile and says, "you two arrived in a Swanky Comfortable Stretch Vehicle; you must be very important, so please go right on in." Later, a beat-up Buick with one headlight out pulls up in front of the club. After tipping the valet, the driver approaches the entrance to the bar. The bouncer puffs his chest and stops the man from entering. "Where do you think you're going?" he asks. The man pulls something out of his pocket and shows it to the bouncer. "Oh, you have an invitation to the party; you must be Really Important, my apologies." Soon another limousine arrives and a Hollywood starlet gets out. When she reaches the bouncer, she hands him her invitation to the party. "Here you are, darling -- my invitation." "I'm sorry, but I can't let you in," replies the bouncer, "you are apparently Really Important, but you arrived in a Swanky Comfortable Stretch Vehicle, so I can't let you in." "Of all the.... I demand to speak to your manager, what is your name?" "My name is Xor, madam. May I suggest you ditch the limo and come back in a less- fancy car? We'll reconnect then, and I'll let you in." Mike Marsh Ray wrote: > Robert Dugal wrote: >> Oops, you're right. I misstated what I'd like the draft to allow. >> What I'd like is the option to always send the SCSV in the >> ClientHello and on renegotiation requests send the SCSV + RI >> extension in the ClientHello. > > That certainly sounds like a reasonably minor change to make...but it isn't. > > I don't recall seeing anyone propose wording changes that would allow > such behavior, except in the context of the other proposals which are > fundamentally different in that they modify the inputs to the PRF. It's > possible that some concrete wording was suggested and is in one of the > 1340 emails in my TLS folder. > > Currently, the SCSV achieves its primary objective with a very simple > definition. It has "exactly the same semantics as an empty > 'renegotiation_info' extension". > > IMHO, proponents of other semantics for SCSV should be able to produce > an equally straightforward description of what they are, or show > something truly magical to justify complicating the description. Saving > an 'if' statement somewhere, partially fixing a multiply-broken > scenario, or avoiding extensions handling in some non-general case don't > sound like they justify the extra complexity. > > Personally, I'd prefer that we don't propose (and re-propose) design > features at this point. We have to ship a fix for this open security > vulnerability, and I think the current design is squarely in the "good > enough" department. I.e. it fixes the problem and doesn't make anything > else significantly worse. > > If anyone sees a security flaw or attack against a correct > implementation of draft-ietf-tls-renegotiation-02, please please speak up. > > - Marsh
- [TLS] Updated draft Eric Rescorla
- Re: [TLS] Updated draft Michael D'Errico
- Re: [TLS] Updated draft Robert Dugal
- Re: [TLS] Updated draft Marsh Ray
- Re: [TLS] Updated draft Robert Dugal
- Re: [TLS] Updated draft Eric Rescorla
- Re: [TLS] Updated draft Martin Rex
- Re: [TLS] Updated draft Marsh Ray
- Re: [TLS] Updated draft Martin Rex
- Re: [TLS] Updated draft Michael D'Errico
- Re: [TLS] Updated draft Stephen Farrell
- Re: [TLS] Updated draft Martin Rex
- Re: [TLS] Updated draft Martin Rex
- Re: [TLS] Updated draft Marsh Ray
- Re: [TLS] Updated draft Martin Rex
- Re: [TLS] Updated draft Michael D'Errico
- [TLS] SCSV vs RI when both specified. Was: Update… Marsh Ray
- Re: [TLS] SCSV vs RI when both specified. Was: Up… Martin Rex
- [TLS] Apologies Martin Rex
- Re: [TLS] Updated draft - editorial tom.petch
- Re: [TLS] Updated draft tom.petch
- Re: [TLS] Updated draft Marsh Ray
- Re: [TLS] Updated draft tom.petch
- Re: [TLS] Updated draft: Minor Edits peter.robinson