Re: [TLS] Proposed text for removing renegotiation

Martin Thomson <martin.thomson@gmail.com> Fri, 20 June 2014 16:50 UTC

In-Reply-To: <1403249527.30440.11.camel@dhcp-2-127.brq.redhat.com>
Date: Fri, 20 Jun 2014 09:50:37 -0700
Message-ID: <CABkgnnWwkrb6uF-uUxxf+eKEObiJKNa+KDNpT3svYdFxew5UmA@mail.gmail.com>
From: Martin Thomson <martin.thomson@gmail.com>
To: Nikos Mavrogiannopoulos <nmav@redhat.com>
Archived-At: http://mailarchive.ietf.org/arch/msg/tls/Xk2Jen7I-uIeTTgZVrYIFOjxPI4
Cc: "tls@ietf.org" <tls@ietf.org>
Subject: Re: [TLS] Proposed text for removing renegotiation

On 20 June 2014 00:32, Nikos Mavrogiannopoulos <nmav@redhat.com> wrote:
> Could you elaborate on the applications that will be affected by such
> change? I've never seen any such applications, and in fact for the 99%
> of the renegotiation uses (e.g., the web) the renegotiation operation
> would be identical before and after my proposed change.

I'm concerned about applications that rely on renegotiation for
rekeying purposes, not the web scenarios.  For instance, that small
number of F5 users that have set a renegotiation timer (see David's
email earlier in the thread).