Re: [TLS] Viability of fallback SCSV and padding drafts.
Dr Stephen Henson <lists@drh-consultancy.co.uk> Thu, 27 February 2014 18:19 UTC
Return-Path: <lists@drh-consultancy.co.uk>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id EEFF81A0234 for <tls@ietfa.amsl.com>; Thu, 27 Feb 2014 10:19:56 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 1.589
X-Spam-Level: *
X-Spam-Status: No, score=1.589 tagged_above=-999 required=5 tests=[BAYES_50=0.8, RCVD_IN_DNSWL_NONE=-0.0001, SPF_NEUTRAL=0.779, T_HK_NAME_DR=0.01] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id dTbUWsG1Daye for <tls@ietfa.amsl.com>; Thu, 27 Feb 2014 10:19:54 -0800 (PST)
Received: from claranet-outbound-smtp06.uk.clara.net (claranet-outbound-smtp06.uk.clara.net [195.8.89.39]) by ietfa.amsl.com (Postfix) with ESMTP id B37E21A0163 for <tls@ietf.org>; Thu, 27 Feb 2014 10:19:54 -0800 (PST)
Received: from drh-consultancy.demon.co.uk ([80.177.30.10]:59222 helo=[192.168.7.9]) by relay16.mail.eu.clara.net (relay.clara.net [81.171.239.36]:10465) with esmtpa (authdaemon_plain:drh) id 1WJ5Ym-0002rG-JM for tls@ietf.org (return-path <lists@drh-consultancy.co.uk>); Thu, 27 Feb 2014 18:19:52 +0000
Message-ID: <530F81C5.1060104@drh-consultancy.co.uk>
Date: Thu, 27 Feb 2014 18:19:49 +0000
From: Dr Stephen Henson <lists@drh-consultancy.co.uk>
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:24.0) Gecko/20100101 Thunderbird/24.3.0
MIME-Version: 1.0
To: tls@ietf.org
References: <CAL9PXLw8zF4trB4btCPR-NPT7gZhdOtsDCr4PGckrHHpD1BH-Q@mail.gmail.com>
In-Reply-To: <CAL9PXLw8zF4trB4btCPR-NPT7gZhdOtsDCr4PGckrHHpD1BH-Q@mail.gmail.com>
X-Enigmail-Version: 1.6
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: 7bit
Archived-At: http://mailarchive.ietf.org/arch/msg/tls/ZET3ICFEh3_4GeY0TV4BUvPlC4M
Subject: Re: [TLS] Viability of fallback SCSV and padding drafts.
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 27 Feb 2014 18:19:57 -0000
On 27/02/2014 17:47, Adam Langley wrote: > > It's possible that smaller breakages have also occurred but I've seen > no evidence of that yet. We continue to follow up on user reports in > case there's something that got missed. > > We're going to change Chrome 33 to only pad ClientHellos when needed, > but that's the only change scheduled so far. Otherwise both changes > are holding steady and appear viable. > That's good to know. I'm hoping that once there is an official designation for the padding extension (any news on when that might be?) it can be enabled by default in OpenSSL, at present it needs a compilation option. It could then appear in 1.0.2 when it is officially released and 1.0.1 releases. Steve. -- Dr Stephen N. Henson. Core developer of the OpenSSL project: http://www.openssl.org/ Freelance consultant see: http://www.drh-consultancy.co.uk/ Email: shenson@drh-consultancy.co.uk, PGP key: via homepage.
- [TLS] Viability of fallback SCSV and padding draf… Adam Langley
- Re: [TLS] Viability of fallback SCSV and padding … Dr Stephen Henson