Re: [TLS] Closing some open comments on draft-ietf-tls-renegotiation

Eric Rescorla <ekr@networkresonance.com> Wed, 09 December 2009 00:26 UTC

Return-Path: <ekr@networkresonance.com>
X-Original-To: tls@core3.amsl.com
Delivered-To: tls@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 7F2733A6803 for <tls@core3.amsl.com>; Tue, 8 Dec 2009 16:26:47 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0.92
X-Spam-Level:
X-Spam-Status: No, score=0.92 tagged_above=-999 required=5 tests=[AWL=0.025, BAYES_00=-2.599, FH_HOST_EQ_D_D_D_D=0.765, FH_HOST_EQ_D_D_D_DB=0.888, HELO_MISMATCH_COM=0.553, HOST_MISMATCH_NET=0.311, RCVD_IN_SORBS_DUL=0.877, RDNS_DYNAMIC=0.1]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id yNrjJygmspFQ for <tls@core3.amsl.com>; Tue, 8 Dec 2009 16:26:46 -0800 (PST)
Received: from kilo.networkresonance.com (216.156.83.78.ptr.us.xo.net [216.156.83.78]) by core3.amsl.com (Postfix) with ESMTP id 5AE1B3A68E4 for <tls@ietf.org>; Tue, 8 Dec 2009 16:26:45 -0800 (PST)
Received: from kilo.local (localhost [127.0.0.1]) by kilo.networkresonance.com (Postfix) with ESMTP id C49576C55F6; Tue, 8 Dec 2009 16:28:26 -0800 (PST)
Date: Tue, 08 Dec 2009 16:28:26 -0800
From: Eric Rescorla <ekr@networkresonance.com>
To: mrex@sap.com
In-Reply-To: <200912082336.nB8NatS7017577@fs4113.wdf.sap.corp>
References: <20091207220244.DA1A06C5242@kilo.networkresonance.com>
User-Agent: Wanderlust/2.15.5 (Almost Unreal) Emacs/22.3 Mule/5.0 (SAKAKI)
MIME-Version: 1.0 (generated by SEMI 1.14.6 - "Maruoka")
Content-Type: text/plain; charset="US-ASCII"
Message-Id: <20091209002826.C49576C55F6@kilo.networkresonance.com>
Cc: tls@ietf.org
Subject: Re: [TLS] Closing some open comments on draft-ietf-tls-renegotiation
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 09 Dec 2009 00:26:47 -0000

At Wed, 9 Dec 2009 00:36:55 +0100 (MET),
Martin Rex wrote:
> 
> Eric Rescorla wrote:
> > 
> > 6. Explicitly state that this extension may also be used with
> >    SSLv3 (we don't have any authority to update SSLv3 in any
> >    way but we can certainly say that there is no technical
> >    obstacle.)
> 
> What we're doing is giving recommendations to implementors what
> to do in their implementations when protocol version { 0x03, 0x00 }
> is negotiated.  We do not need any formal authority to do so.
>
> I would suggest to mention the sizes of the SSLv3 finished
> messages (36 octets), since these are considerably larger than
> in TLS (12 octets).

I have no problem with any of this. I was just saying that this
seems to be different from the situation with TLS where we 
can say you MUST do X, Y, and Z, and one could say that
implementations were nonconformant if they did not.


> > 7. Clarify that RI MUST be generated in all rehandshakes, per the
> >    issue Martin raised earlier and proposed resolution by Marsh
> >    and Nelson.
> 
> 
> Please add that this applies to _all_ handshakes, including
> TLS session resumes, i.e. the Server must return the
> TLS extension RI in the ServerHello of a TLS session resume as well!

Some text to this effect appears earlier, but I'm happy to
add it here as well.


> I feel a little uneasy with the term "rehandhshake". 
> I assume you refer to "renegotiation", i.e. a handshake that
> is performed when the "current connection state" differs
> from "no encrytion, no compression, no MAC".
> 
> I realize that the word "rehandshake" was added in one place to
> rfc5246 -- but I still would prefer a single term only.

Good point. I'm fine with using renegotiation throughout.

-Ekr