Re: [TLS] RFC 7627 on Transport Layer Security (TLS) Session Hash and Extended Master Secret Extension
Sean Turner <sean@sn3rd.com> Thu, 17 September 2015 01:18 UTC
Archived-At: <http://mailarchive.ietf.org/arch/msg/tls/W6c9jco0HFV7V2_xz_chL2d-V84>
Thanks to all who helped to get this published.

spt

On Sep 16, 2015, at 13:44, rfc-editor@rfc-editor.org wrote:

> A new Request for Comments is now available in online RFC libraries.
>
>
>         RFC 7627
>
>         Title:      Transport Layer Security (TLS) Session
>                     Hash and Extended Master Secret Extension
>         Author:     K. Bhargavan, Ed., A. Delignat-Lavaud,
>                     A. Pironti, A. Langley, M. Ray
>         Status:     Standards Track
>         Stream:     IETF
>         Date:       September 2015
>         Mailbox:    karthikeyan.bhargavan@inria.fr,
>                     antoine.delignat-lavaud@inria.fr,
>                     alfredo.pironti@inria.fr,
>                     agl@google.com,
>                     maray@microsoft.com
>         Pages:      15
>         Characters: 34788
>         Updates:    RFC 5246
>
>         I-D Tag:    draft-ietf-tls-session-hash-06.txt
>
>         URL:        https://www.rfc-editor.org/info/rfc7627
>
>         DOI:        http://dx.doi.org/10.17487/RFC7627
>
> The Transport Layer Security (TLS) master secret is not
> cryptographically bound to important session parameters such as the
> server certificate. Consequently, it is possible for an active
> attacker to set up two sessions, one with a client and another with a
> server, such that the master secrets on the two sessions are the
> same. Thereafter, any mechanism that relies on the master secret for
> authentication, including session resumption, becomes vulnerable to a
> man-in-the-middle attack, where the attacker can simply forward
> messages back and forth between the client and server. This
> specification defines a TLS extension that contextually binds the
> master secret to a log of the full handshake that computes it, thus
> preventing such attacks.
>
> This document is a product of the Transport Layer Security Working Group of the IETF.
>
> This is now a Proposed Standard.
>
> STANDARDS TRACK: This document specifies an Internet Standards Track
> protocol for the Internet community, and requests discussion and suggestions
> for improvements. Please refer to the current edition of the Official
> Internet Protocol Standards (https://www.rfc-editor.org/standards) for the
> standardization state and status of this protocol. Distribution of this
> memo is unlimited.
>
> This announcement is sent to the IETF-Announce and rfc-dist lists.
> To subscribe or unsubscribe, see
>   https://www.ietf.org/mailman/listinfo/ietf-announce
>   https://mailman.rfc-editor.org/mailman/listinfo/rfc-dist
>
> For searching the RFC series, see https://www.rfc-editor.org/search
> For downloading RFCs, see https://www.rfc-editor.org/rfc.html
>
> Requests for special distribution should be addressed to either the
> author of the RFC in question, or to rfc-editor@rfc-editor.org. Unless
> specifically noted otherwise on the RFC itself, all RFCs are for
> unlimited distribution.
>
>
> The RFC Editor Team
> Association Management Solutions, LLC
>
>
> _______________________________________________
> TLS mailing list
> TLS@ietf.org
> https://www.ietf.org/mailman/listinfo/tls
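
The binding described in the quoted abstract, as an added example that is not part of the original message or of the RFC text: the RFC 5246 master secret derivation next to the RFC 7627 one, both using the TLS 1.2 SHA-256 PRF. The `transcript` helper, the random values and the certificate bytes are constructed placeholders, not real handshake encodings.

```python
import hashlib
import hmac


def p_sha256(secret: bytes, seed: bytes, length: int) -> bytes:
    """P_hash expansion from RFC 5246 section 5, with HMAC-SHA256."""
    out, a = b"", seed                                    # A(0) = seed
    while len(out) < length:
        a = hmac.new(secret, a, hashlib.sha256).digest()  # A(i)
        out += hmac.new(secret, a + seed, hashlib.sha256).digest()
    return out[:length]


def prf(secret: bytes, label: bytes, seed: bytes, length: int = 48) -> bytes:
    """TLS 1.2 PRF: P_SHA256(secret, label + seed)."""
    return p_sha256(secret, label + seed, length)


def legacy_master_secret(pms: bytes, client_random: bytes, server_random: bytes) -> bytes:
    # RFC 5246: only the premaster secret and the two nonces are inputs,
    # so the server certificate has no influence on the result.
    return prf(pms, b"master secret", client_random + server_random)


def extended_master_secret(pms: bytes, handshake_messages: bytes) -> bytes:
    # RFC 7627: the seed is session_hash, a hash over the handshake log
    # from ClientHello up to and including ClientKeyExchange.
    session_hash = hashlib.sha256(handshake_messages).digest()
    return prf(pms, b"extended master secret", session_hash)


def transcript(client_random: bytes, server_random: bytes, certificate: bytes) -> bytes:
    # Hypothetical stand-in for the concatenated handshake messages.
    return b"|".join([b"ClientHello", client_random, b"ServerHello",
                      server_random, b"Certificate", certificate,
                      b"ClientKeyExchange"])


def compare_bindings() -> tuple:
    # Constructed inputs: two sessions that share the premaster secret and
    # nonces but present different server certificates.
    pms, cr, sr = bytes(range(48)), b"\x01" * 32, b"\x02" * 32
    log_a = transcript(cr, sr, b"constructed-cert-A")
    log_b = transcript(cr, sr, b"constructed-cert-B")
    legacy_equal = legacy_master_secret(pms, cr, sr) == legacy_master_secret(pms, cr, sr)
    ems_equal = extended_master_secret(pms, log_a) == extended_master_secret(pms, log_b)
    return legacy_equal, ems_equal


if __name__ == "__main__":
    print(compare_bindings())
```

With the legacy derivation the certificate never enters the computation, so both sessions end up with the same master secret; with the extended derivation any difference in the handshake log yields a different one.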