Re: [TLS] I-D Action: draft-ietf-tls-session-hash-02.txt

Alfredo Pironti <alfredo@pironti.eu> Sun, 02 November 2014 17:30 UTC

Archived-At: http://mailarchive.ietf.org/arch/msg/tls/UZVNl2meucG1g6lF8P4MMsmF3mc

Dear list,

I've updated the session-hash and extended master secret draft, according
to the feedback received on this mailing list and at the latest interim
meeting in Paris. With respect to the previous version, I've made the
following changes:

- removed support for SSL 3.0
- populated the "security considerations" section
- minor editorial improvements

As the I-D submission tool is unavailable now, I've made a copy of
draft-ietf-tls-session-hash-03.txt available at [1]. The link will become
invalid as soon as the draft is pushed to the IETF servers.

Best,
Alfredo

[1]
https://owncloud.pironti.eu/public.php?service=files&t=ffff684c90daea4a7b2327647e000d75&download

On Mon, Oct 6, 2014 at 3:16 PM, <internet-drafts@ietf.org> wrote:

>
> A New Internet-Draft is available from the on-line Internet-Drafts
> directories.
>  This draft is a work item of the Transport Layer Security Working Group
> of the IETF.
>
>         Title           : Transport Layer Security (TLS) Session Hash and Extended Master Secret Extension
>         Authors         : Karthikeyan Bhargavan
>                           Antoine Delignat-Lavaud
>                           Alfredo Pironti
>                           Adam Langley
>                           Marsh Ray
>         Filename        : draft-ietf-tls-session-hash-02.txt
>         Pages           : 9
>         Date            : 2014-10-06
>
> Abstract:
>    The Transport Layer Security (TLS) master secret is not
>    cryptographically bound to important session parameters such as the
>    client and server identities.  Consequently, it is possible for an
>    active attacker to set up two sessions, one with a client and another
>    with a server, such that the master secrets on the two sessions are
>    the same.  Thereafter, any mechanism that relies on the master secret
>    for authentication, including session resumption, becomes vulnerable
>    to a man-in-the-middle attack, where the attacker can simply forward
>    messages back and forth between the client and server.  This
>    specification defines a TLS extension that contextually binds the
>    master secret to a log of the full handshake that computes it, thus
>    preventing such attacks.
>
>
> The IETF datatracker status page for this draft is:
> https://datatracker.ietf.org/doc/draft-ietf-tls-session-hash/
>
> There's also a htmlized version available at:
> http://tools.ietf.org/html/draft-ietf-tls-session-hash-02
>
> A diff from the previous version is available at:
> http://www.ietf.org/rfcdiff?url2=draft-ietf-tls-session-hash-02
>
>
> Please note that it may take a couple of minutes from the time of submission
> until the htmlized version and diff are available at tools.ietf.org.
>
> Internet-Drafts are also available by anonymous FTP at:
> ftp://ftp.ietf.org/internet-drafts/
>
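
The binding described in the quoted abstract, as an added example that is not part of the original message or the draft: the TLS 1.2 master secret derivation (RFC 5246 PRF with SHA-256) next to the extended derivation over a hash of the handshake log, using the label from RFC 7627, which this draft later became. The key material, randoms, certificate strings and the simplified `handshake_log` encoding are constructed assumptions.

```python
import hashlib
import hmac

def p_sha256(secret: bytes, seed: bytes, length: int) -> bytes:
    """P_hash from RFC 5246 section 5, instantiated with HMAC-SHA256."""
    out, a = b"", seed
    while len(out) < length:
        a = hmac.new(secret, a, hashlib.sha256).digest()            # A(i)
        out += hmac.new(secret, a + seed, hashlib.sha256).digest()  # HMAC(secret, A(i) + seed)
    return out[:length]

def prf(secret: bytes, label: bytes, seed: bytes, length: int = 48) -> bytes:
    return p_sha256(secret, label + seed, length)

def master_secret(pms: bytes, client_random: bytes, server_random: bytes) -> bytes:
    # Legacy derivation: only the premaster secret and the two randoms are mixed in.
    return prf(pms, b"master secret", client_random + server_random)

def extended_master_secret(pms: bytes, handshake_messages: bytes) -> bytes:
    # Extended derivation: the seed is a hash of the handshake log, so
    # identities (certificates) and negotiated parameters are bound in.
    session_hash = hashlib.sha256(handshake_messages).digest()
    return prf(pms, b"extended master secret", session_hash)

def handshake_log(client_random: bytes, server_random: bytes, server_cert: bytes) -> bytes:
    # Constructed stand-in for the concatenated handshake messages from
    # ClientHello through ClientKeyExchange; real logs hold the full encodings.
    return client_random + server_random + server_cert

# Constructed sample values (not real key material).
PMS = bytes(range(48))
CLIENT_RANDOM = b"\x01" * 32
SERVER_RANDOM = b"\x02" * 32

def compare_sessions():
    """Two sessions sharing PMS and randoms but presenting different certificates."""
    log_a = handshake_log(CLIENT_RANDOM, SERVER_RANDOM, b"cert: middle party")
    log_b = handshake_log(CLIENT_RANDOM, SERVER_RANDOM, b"cert: real server")
    legacy_equal = (master_secret(PMS, CLIENT_RANDOM, SERVER_RANDOM)
                    == master_secret(PMS, CLIENT_RANDOM, SERVER_RANDOM))
    extended_equal = (extended_master_secret(PMS, log_a)
                      == extended_master_secret(PMS, log_b))
    return legacy_equal, extended_equal

if __name__ == "__main__":
    print(compare_sessions())
```

With the legacy derivation both sessions end up with the same master secret; once the handshake log is hashed in, the differing certificate alone makes the two secrets diverge.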