[TLS] [Technical Errata Reported] RFC2246 (3481)

RFC Errata System <rfc-editor@rfc-editor.org> Fri, 08 February 2013 22:01 UTC

Return-Path: <wwwrun@rfc-editor.org>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A6F2C21F8BE2 for <tls@ietfa.amsl.com>; Fri, 8 Feb 2013 14:01:30 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.382
X-Spam-Level:
X-Spam-Status: No, score=-102.382 tagged_above=-999 required=5 tests=[AWL=0.218, BAYES_00=-2.599, NO_RELAYS=-0.001, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Fk3eMqjj-2h8 for <tls@ietfa.amsl.com>; Fri, 8 Feb 2013 14:01:30 -0800 (PST)
Received: from rfc-editor.org (rfc-editor.org [IPv6:2001:1890:123a::1:2f]) by ietfa.amsl.com (Postfix) with ESMTP id 3E29E21F8BEB for <tls@ietf.org>; Fri, 8 Feb 2013 14:01:30 -0800 (PST)
Received: by rfc-editor.org (Postfix, from userid 30) id 1011DB1E004; Fri, 8 Feb 2013 14:01:22 -0800 (PST)
To: tdierks@certicom.com, pck@netcom.com, relyea@netscape.com, jar@netscape.com, msabin@netcom.com, dansimon@microsoft.com, tomw@netscape.com, hugo@watson.ibm.com, stephen.farrell@cs.tcd.ie, turners@ieca.com, ekr@networkresonance.com, jsalowey@cisco.com, ekr@rtfm.com
From: RFC Errata System <rfc-editor@rfc-editor.org>
Message-Id: <20130208220123.1011DB1E004@rfc-editor.org>
Date: Fri, 8 Feb 2013 14:01:22 -0800 (PST)
X-Mailman-Approved-At: Mon, 11 Feb 2013 08:08:48 -0800
Cc: tls@ietf.org, rfc-editor@rfc-editor.org
Subject: [TLS] [Technical Errata Reported] RFC2246 (3481)
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 08 Feb 2013 22:01:30 -0000

The following errata report has been submitted for RFC2246,
"The TLS Protocol Version 1.0".

--------------------------------------
You may review the report below and at:
http://www.rfc-editor.org/errata_search.php?rfc=2246&eid=3481

--------------------------------------
Type: Technical
Reported by: Martin Rex <mrex@sap.com>

Section: 8.1.2

Original Text
-------------
8.1.2. Diffie-Hellman

   A conventional Diffie-Hellman computation is performed. The
   negotiated key (Z) is used as the pre_master_secret, and is converted
   into the master_secret, as specified above.


Corrected Text
--------------
8.1.2. Diffie-Hellman

   A conventional Diffie-Hellman computation is performed.  The
   negotiated key (Z) is used as the pre_master_secret, and is converted
   into the master_secret, as specified above.  Leading bytes of Z that
   contain all zero bits are stripped before it is used as the
   pre_master_secret.


Notes
-----
Adopting the clarification from rfc4346 Section 8.1.2.  Not stripping the leading zero bits of Z will cause interop problems (handshake failures) with the installed base.  Rfc2246 is still the authoritative spec for TLSv1.0.  One can not implement TLSv1.0 from rfc4346.

Instructions:
-------------
This errata is currently posted as "Reported". If necessary, please
use "Reply All" to discuss whether it should be verified or
rejected. When a decision is reached, the verifying party (IESG)
can log in to change the status and edit the report, if necessary. 

--------------------------------------
RFC2246 (no draft string recorded)
--------------------------------------
Title               : The TLS Protocol Version 1.0
Publication Date    : January 1999
Author(s)           : T. Dierks, C. Allen
Category            : PROPOSED STANDARD
Source              : Transport Layer Security
Area                : Security
Stream              : IETF
Verifying Party     : IESG