Re: [TLS] TLS Digest, Vol 65, Issue 88

Ravi Ganesan <> Mon, 21 December 2009 18:27 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 8B6663A6889 for <>; Mon, 21 Dec 2009 10:27:58 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -2.131
X-Spam-Status: No, score=-2.131 tagged_above=-999 required=5 tests=[AWL=-0.155, BAYES_00=-2.599, FM_FORGED_GMAIL=0.622, HTML_MESSAGE=0.001]
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id V7uKCfTzf9dx for <>; Mon, 21 Dec 2009 10:27:57 -0800 (PST)
Received: from ( []) by (Postfix) with ESMTP id 574203A6405 for <>; Mon, 21 Dec 2009 10:27:57 -0800 (PST)
Received: by pzk6 with SMTP id 6so3927193pzk.29 for <>; Mon, 21 Dec 2009 10:27:38 -0800 (PST)
MIME-Version: 1.0
Received: by with SMTP id l16mr1519811wae.39.1261420058293; Mon, 21 Dec 2009 10:27:38 -0800 (PST)
In-Reply-To: <>
References: <>
Date: Mon, 21 Dec 2009 10:27:38 -0800
Message-ID: <>
From: Ravi Ganesan <>
Content-Type: multipart/alternative; boundary="00504502f58f7cb807047b413ec8"
Subject: Re: [TLS] TLS Digest, Vol 65, Issue 88
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Mon, 21 Dec 2009 18:27:58 -0000

> Ravi, your terminology is slightly confusing.  Renegotiation refers
> to a TLS handshake that is performed under protection of an existing
> TLS session, so the two things you could distinguish are:

Martin, Point well taken. Thx, Ravi

p.s. I prefer not to think of the handshake happening "under protection" of
previous session. Another example of this is in current draft which says:
"The handshake is in the clear to the attacker but encrypted over the
attacker's TLS connection to the server." The handshake itself is always of
course is in the clear, certain values in it are encrypted with certain
keys. And in some cases this results in binding to previous sessions. This
sounds nitpicky, but I only say this because perfectly smart security people
with some knowledge of SSL can read sentences like above to assume the
entire handshake (including client_random and server_random) is encrypted.