IETF Logo Mail Archive

Re: [TLS] Next Protocol Negotiation 03

Adam Langley <agl@chromium.org> Mon, 21 May 2012 21:36 UTC

Return-Path: <agl@google.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id CE1B621F8554 for <tls@ietfa.amsl.com>; Mon, 21 May 2012 14:36:11 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.977
X-Spam-Level:
X-Spam-Status: No, score=-102.977 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, FM_FORGED_GMAIL=0.622, RCVD_IN_DNSWL_LOW=-1, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id iNDFpDPm2x-G for <tls@ietfa.amsl.com>; Mon, 21 May 2012 14:36:11 -0700 (PDT)
Received: from mail-gg0-f172.google.com (mail-gg0-f172.google.com [209.85.161.172]) by ietfa.amsl.com (Postfix) with ESMTP id 4614721F8551 for <tls@ietf.org>; Mon, 21 May 2012 14:36:11 -0700 (PDT)
Received: by ggnc4 with SMTP id c4so5678519ggn.31 for <tls@ietf.org>; Mon, 21 May 2012 14:36:10 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=mime-version:sender:in-reply-to:references:date :x-google-sender-auth:message-id:subject:from:to:cc:content-type :x-system-of-record; bh=sEOBqK+2bS5bltsOkoRmEZkufTp9gBP45dwIBERSO7U=; b=TqDAU+A+4EwDALE3JG6BQIWEsWNWpUlj0jzs1glqeX8wMq8DW2mQqloJ+lBYRBPECL L1VhjZOJZOqdEZOAOOX1zEMrPRlFfqk48D3YVRxrkPKqdwkBm6h+TX5muyZZtv0T1TrT FDblxRM7ouBhsPDRS7i7wDpeqm00aw+eUBKoxyh4NHv6jU2RSkfaAOFQko187GonjwET 6vwLRILw5NBrB0ZJV7ZqWCsMaW2OMKHQslFAufVu0sL+G/+no/z1X4QQTM/GOh1PSTd+ 3PjviSy0i3cUsiCzvnfXzkQ4h+JpLssdG+qyxta3MZ7cbRuKKot8OXCyUK5ndWMxn3YJ DuPw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=mime-version:sender:in-reply-to:references:date :x-google-sender-auth:message-id:subject:from:to:cc:content-type :x-system-of-record:x-gm-message-state; bh=sEOBqK+2bS5bltsOkoRmEZkufTp9gBP45dwIBERSO7U=; b=iCara2Ttxq/iH0pBOxkX058Itc1PJsvIKJhSVWG/rzGqcjNw8GHSZcttjaQXV3HJ8I 90ND3dDB1eY5XUT5TIY+CAZ0K1Skc+3piBfNv31uxLJpHASec5gUb8TiGVJ68qDEsen3 dpI3z6cf4k/1PWz6TFeY3fmI/5eyL3N7+hbfTFY9aEllYbRb/p0Vh6HQ11ozKSKb6gHy f0e8hs8v8NxBCrs6MhXRBUVfYBLBpUlF3sfB4ZKDZOOGVviWPzO1NZkL8ss12Ngp34QK QNv8v+Tzm20qaedITvAePhiqGW7eyL+k/OkmNT4Cyb1gx7sWKLEMPGWZ8oVF16qQzZF9 Sodg==
Received: by 10.50.185.233 with SMTP id ff9mr7816991igc.57.1337636170433; Mon, 21 May 2012 14:36:10 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.50.185.233 with SMTP id ff9mr7816984igc.57.1337636170314; Mon, 21 May 2012 14:36:10 -0700 (PDT)
Sender: agl@google.com
Received: by 10.231.112.136 with HTTP; Mon, 21 May 2012 14:36:10 -0700 (PDT)
In-Reply-To: <CAL9PXLwkMqyaSfDLssGH_oT5gHFeV2s64v-gTiYFH+dSq9ZvAQ@mail.gmail.com>
References: <4F9981FC.4000205@extendedsubset.com> <201204261721.q3QHL0lA014062@fs4113.wdf.sap.corp> <CAL9PXLwkMqyaSfDLssGH_oT5gHFeV2s64v-gTiYFH+dSq9ZvAQ@mail.gmail.com>
Date: Mon, 21 May 2012 17:36:10 -0400
X-Google-Sender-Auth: 1oejKhrPUtedy2jEhJ0ykZmKCiY
Message-ID: <CAL9PXLyX0NKtjK4DcmSq-J3X3yNhNm2BUC3HPLbpEALzR0NmYg@mail.gmail.com>
From: Adam Langley <agl@chromium.org>
To: mrex@sap.com
Content-Type: text/plain; charset="UTF-8"
X-System-Of-Record: true
X-Gm-Message-State: ALoCoQmynzEt5mD7bGO9gZFFy8pmkhbwRSQ9CRAZkT7mNq2U0r1/EzBfy9bQuh/PjbZA9LHn276FK4zX0G143PR+ArC0B+I5HvpG3Om3hJprAk4BdfTG4rz0unaRNzyQX4l/kmUhDf5l
Cc: tls@ietf.org
Subject: Re: [TLS] Next Protocol Negotiation 03
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 21 May 2012 21:36:11 -0000

On Thu, Apr 26, 2012 at 1:29 PM, Adam Langley <agl@chromium.org> wrote
> So, in short, "still thinking".

I've respun the draft in order to change the NextProtocol message into
an EncryptedExtensions message which has the same format as the
extension block in the hello messages. Everything else is the same.

This allows the client's protocol selection to remain under
encryption. The server's list of protocols is still in the clear, but
that can be fixed via an orthogonal change like Marsh's encrypted
handshake.

https://tools.ietf.org/html/draft-agl-tls-nextprotoneg-04


Cheers

AGL

v2.23.0 | Report a Bug | By Email