IETF Logo Mail Archive

Re: [TLS] draft-turner-ssl-must-not

Marsh Ray <marsh@extendedsubset.com> Tue, 06 July 2010 16:04 UTC

Return-Path: <marsh@extendedsubset.com>
X-Original-To: tls@core3.amsl.com
Delivered-To: tls@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 330123A687E for <tls@core3.amsl.com>; Tue, 6 Jul 2010 09:04:18 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.954
X-Spam-Level:
X-Spam-Status: No, score=-0.954 tagged_above=-999 required=5 tests=[AWL=1.646, BAYES_00=-2.599]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Cw8p0Qsm6XDY for <tls@core3.amsl.com>; Tue, 6 Jul 2010 09:04:17 -0700 (PDT)
Received: from mho-01-ewr.mailhop.org (mho-01-ewr.mailhop.org [204.13.248.71]) by core3.amsl.com (Postfix) with ESMTP id AA0033A6828 for <tls@ietf.org>; Tue, 6 Jul 2010 09:04:16 -0700 (PDT)
Received: from xs01.extendedsubset.com ([69.164.193.58]) by mho-01-ewr.mailhop.org with esmtpa (Exim 4.68) (envelope-from <marsh@extendedsubset.com>) id 1OWAd8-0005GR-Jv; Tue, 06 Jul 2010 16:04:18 +0000
Received: from [192.168.1.15] (localhost [127.0.0.1]) by xs01.extendedsubset.com (Postfix) with ESMTP id C37946334; Tue, 6 Jul 2010 16:04:15 +0000 (UTC)
X-Mail-Handler: MailHop Outbound by DynDNS
X-Originating-IP: 69.164.193.58
X-Report-Abuse-To: abuse@dyndns.com (see http://www.dyndns.com/services/mailhop/outbound_abuse.html for abuse reporting information)
X-MHO-User: U2FsdGVkX1/NIglCrdAXZV8jXD0lafkr7ESoNLV0pSo=
Message-ID: <4C3353FF.9090301@extendedsubset.com>
Date: Tue, 06 Jul 2010 11:04:15 -0500
From: Marsh Ray <marsh@extendedsubset.com>
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.1.9) Gecko/20100423 Thunderbird/3.0.4
MIME-Version: 1.0
To: Nikos Mavrogiannopoulos <nmav@gnutls.org>
References: <201007061425.o66EP2Rc021252@fs4113.wdf.sap.corp> <4C334063.6020806@gnutls.org>
In-Reply-To: <4C334063.6020806@gnutls.org>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
Cc: Marsh Ray <marsh@xs01.extendedsubset.com>, tls@ietf.org
Subject: Re: [TLS] draft-turner-ssl-must-not
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 06 Jul 2010 16:04:18 -0000

On 07/06/2010 09:40 AM, Nikos Mavrogiannopoulos wrote:
>
> Or just sending the whole output. I don't even know why truncation is
> there. I'd understand truncation in the record layer HMAC that is sent
> on every message, there it would save bandwidth... but on the finished
> message?

Well the RFC defines it as a number of bytes output from the PRF, which 
is a byte-by-byte data source in the abstract sense. Under the hood we 
know that there are whole hashes being produced but it seems reasonable 
that the spec wouldn't be defined in terms of that.

12 bytes though, that's shorter than any of the hashes anywhere else in 
the system.

- Marsh

v2.23.0 | Report a Bug | By Email