Re: [TLS] Closing some open comments on draft-ietf-tls-renegotiation

Marsh Ray <marsh@extendedsubset.com> Wed, 09 December 2009 00:17 UTC

Return-Path: <marsh@extendedsubset.com>
X-Original-To: tls@core3.amsl.com
Delivered-To: tls@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id BBA8F3A69CE for <tls@core3.amsl.com>; Tue, 8 Dec 2009 16:17:04 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.521
X-Spam-Level:
X-Spam-Status: No, score=-2.521 tagged_above=-999 required=5 tests=[AWL=0.078, BAYES_00=-2.599]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id LWTcyevQxX0w for <tls@core3.amsl.com>; Tue, 8 Dec 2009 16:17:03 -0800 (PST)
Received: from mho-02-ewr.mailhop.org (mho-02-ewr.mailhop.org [204.13.248.72]) by core3.amsl.com (Postfix) with ESMTP id 4C3433A69C0 for <tls@ietf.org>; Tue, 8 Dec 2009 16:17:03 -0800 (PST)
Received: from xs01.extendedsubset.com ([69.164.193.58]) by mho-02-ewr.mailhop.org with esmtpa (Exim 4.68) (envelope-from <marsh@extendedsubset.com>) id 1NIAEe-0004SS-AR; Wed, 09 Dec 2009 00:16:52 +0000
Received: from [127.0.0.1] (localhost [127.0.0.1]) by xs01.extendedsubset.com (Postfix) with ESMTP id EEE27603A; Wed, 9 Dec 2009 00:16:48 +0000 (UTC)
X-Mail-Handler: MailHop Outbound by DynDNS
X-Originating-IP: 69.164.193.58
X-Report-Abuse-To: abuse@dyndns.com (see http://www.dyndns.com/services/mailhop/outbound_abuse.html for abuse reporting information)
X-MHO-User: U2FsdGVkX1/wWWS2+DhjuiKXxsWHVJIn8KF1mc2iOkw=
Message-ID: <4B1EEC70.5090205@extendedsubset.com>
Date: Tue, 08 Dec 2009 18:16:48 -0600
From: Marsh Ray <marsh@extendedsubset.com>
User-Agent: Thunderbird 2.0.0.23 (Windows/20090812)
MIME-Version: 1.0
To: mrex@sap.com
References: <200912082336.nB8NatS7017577@fs4113.wdf.sap.corp>
In-Reply-To: <200912082336.nB8NatS7017577@fs4113.wdf.sap.corp>
X-Enigmail-Version: 0.96.0
OpenPGP: id=1E36DBF2
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: 7bit
Cc: tls@ietf.org
Subject: Re: [TLS] Closing some open comments on draft-ietf-tls-renegotiation
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 09 Dec 2009 00:17:05 -0000

Martin Rex wrote:
> 
> I feel a little uneasy with the term "rehandhshake". 
> I assume you refer to "renegotiation", i.e. a handshake that
> is performed when the "current connection state" differs
> from "no encrytion, no compression, no MAC".
> 
> I realize that the word "rehandshake" was added in one place to
> rfc5246 -- but I still would prefer a single term only.

+1, it sounds like slightly loose terminology. Someone could easily
think it referred to session resumption.

There's also another section of proposed text where it emphasizes that
every handshake must be considered independently of all others
(signaling RI I think it was). The term "rehandshake" could be taken to
imply that the same handshake is to be done again (whatever that would
mean).

- Marsh